Setting Up An Environment - O-LavenderAshburn/Knowledgebase_MalwareAnalysis GitHub Wiki

Basic Environment Downloads And Setup Instructions

Hypervisors

  • VirtualBox - Used to run virtual machines.
  • VMware - Another option for running VMs.

VirtualBox is a solid choice for running virtual machines for malware analysis (personal preference).

VMs

  • Windows 10 - Primary machine to run live malware.
  • REMnux - Linux-based VM to analyze malware and run network simulations.
  • Ubuntu - My recommended VM to analyze malware and run network simulations. Preferred: 22.04.5 LTS.

    24.04 did NOT seem to get past initial startup.

Flare VM

Flare VM is a wonderful way to install all the tools for malware analysis. Its installation is done inside the Windows virtual machine. Flare VM allows you to preselect the malware analysis tools you want to use. Flare VM instructions can be found here. This may take hours to set up.

Ubuntu & Windows Network Setup

  1. Install Ubuntu 22.04.5 LTS and import it into VirtualBox.
  2. Start the VM and let it set up.
  3. Once set up, run:

         su    # and sign in
         apt-get update && apt-get upgrade

  4. Install desired packages.
  5. Create a host-only network in VirtualBox and assign it to the Ubuntu and Windows VMs.

Basic Analysis

For basic analysis, detach the network adapters on the Windows VM in the VM settings to prevent the malware from propagating across the network.

Advanced Analysis

For a better understanding of virtual networks, see Chapter 6 of the VirtualBox manual.

On the Windows machine, assign the host-only network adapter and set the IP address to 192.168.x.y, where "x" matches the third octet of the Ubuntu machine's IP address and "y" differs from its last octet. For example, if the Ubuntu machine is 192.168.66.5, "x" is "66" and "y" is anything other than "5". Also set the default gateway to the IP address of the Ubuntu machine. You should then be able to ping each machine from the other.
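
A pre-flight check for the host-only setup described above, added here as an example (not part of the original wiki): it reads the text printed by `VBoxManage showvminfo "<vm>" --machinereadable` and the addresses you configured, and lists anything that breaks isolation or the 192.168.x.y rule. The VM name, the Windows address 192.168.66.10 and the /24 prefix are assumptions made for the sample.

```python
import ipaddress
import re

# Constructed sample of `VBoxManage showvminfo "<vm>" --machinereadable` output.
SAMPLE_OK = '''name="Win10-Analysis"
nic1="hostonly"
hostonlyadapter1="vboxnet0"
nic2="none"
'''
SAMPLE_LEAKY = SAMPLE_OK.replace('nic2="none"', 'nic2="nat"')


def nic_modes(showvminfo_text):
    """Map adapter number -> attachment mode (e.g. {1: 'hostonly', 2: 'none'})."""
    pairs = re.findall(r'^nic(\d+)="([^"]*)"', showvminfo_text, re.MULTILINE)
    return {int(num): mode for num, mode in pairs}


def lab_findings(showvminfo_text, windows_ip, gateway, ubuntu_ip, prefix=24):
    """Return a list of problems; an empty list means the lab matches the page."""
    findings = []
    modes = nic_modes(showvminfo_text)
    for num, mode in sorted(modes.items()):
        if mode not in ("none", "hostonly"):
            findings.append(f"nic{num} is '{mode}', expected host-only or detached")
    if "hostonly" not in modes.values():
        findings.append("no host-only adapter attached")

    # The page's 192.168.x.y rule: same first three octets as the Ubuntu VM.
    lab_net = ipaddress.ip_interface(f"{ubuntu_ip}/{prefix}").network
    win = ipaddress.ip_address(windows_ip)
    if win not in lab_net:
        findings.append(f"{windows_ip} is outside {lab_net}")
    elif win in (lab_net.network_address, lab_net.broadcast_address):
        findings.append(f"{windows_ip} is not a usable host address in {lab_net}")
    if win == ipaddress.ip_address(ubuntu_ip):
        findings.append("Windows and Ubuntu VMs share the same address")
    if ipaddress.ip_address(gateway) != ipaddress.ip_address(ubuntu_ip):
        findings.append(f"default gateway {gateway} is not the Ubuntu VM ({ubuntu_ip})")
    return findings


if __name__ == "__main__":
    for label, text in (("ok", SAMPLE_OK), ("leaky", SAMPLE_LEAKY)):
        print(label, lab_findings(text, "192.168.66.10", "192.168.66.5", "192.168.66.5"))
```

Run it against the Windows VM before detonating a sample; any NAT or bridged adapter left attached shows up as a finding.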