Any Additional Considerations to Testing Malware in Windows XP SP3 32 bit?

[AtlBo]

Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?

One other thing. Is there a best place/way to find non-ransomware malware?

 

[Deleted member 178]

Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?

I wont use XP personally, better Win7 (which is closer to Win8/10)

One other thing. Is there a best place/way to find non-ransomware malware?

Did you check our malware hub?

 

[509322]

Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?

One other thing. Is there a best place/way to find non-ransomware malware?

hybrid-analysis.com
malwr.com

You'll find anything you want as long as you know what you're looking for and how to look for it.

Use the Search and Advanced Search functions. You'll figure it out. Find articles that analyze a malware and give hashes. Then search by hash. You can also search by name.

 

[AtlBo]

I wont use XP personally, better Win7 (which is closer to Win8/10)

Did you check our malware hub?

Not yet. Im just going to be testing some program mechanisms mostly so I just need some "unrecognized" files. For example, I'd like to test Comodo's command-line heuristics against unrec files and then maybe BB element of 360 and some others. If I do any serious testing Ill use W7 or W10. Doubt that will be soon tho.

Ill check the malware hub thanks. Mostly I was looking for any information on securing the VM. Is there anything extra I need to do. Ill install Windscribe on the VM to start and turn off the sharing.

hybrid-analysis.com
malwr.com

You'll find anything you want as long as you know what you're looking for and how to look for it.

Great. That's what I need. Sounds like I can find standard low-medium danger malware. That's what I would like to start with. Going to set up the VM tonight and get the updates done for Windows. Might as well give it as much of a fighting chance as possilbe I suppose.

Hope I can come out of this in a couple of months with some nice pic sequences for various settings choices in some programs. Also, MAYBE a video on command-line protection in Comodo. Not sure what exactly at this point.

 

[EASTER]

Not yet. Im just going to be testing some program mechanisms mostly so I just need some "unrecognized" files. For example, I'd like to test Comodo's command-line heuristics against unrec files and then maybe BB element of 360 and some others. If I do any serious testing Ill use W7 or W10. Doubt that will be soon tho.

Ill check the malware hub thanks. Mostly I was looking for any information on securing the VM. Is there anything extra I need to do. Ill install Windscribe on the VM to start and turn off the sharing.



Great. That's what I need. Sounds like I can find standard low-medium danger malware. That's what I would like to start with. Going to set up the VM tonight and get the updates done for Windows. Might as well give it as much of a fighting chance as possilbe I suppose.

Hope I can come out of this in a couple of months with some nice pic sequences for various settings choices in some programs. Also, MAYBE a video on command-line protection in Comodo. Not sure what exactly at this point.

Whatta champ.

As mentioned you will find exactly those m'wares you will like to pit against Comodo and others.
Save a clean VM snap or two and should be good to go.

Reason I mention "champ" is because most folks have all but put XP in their rear view mirror for good but you can read a good many others actually still favor it and some even have that system pretty well clamped down which really isn't so hard to do after all in spite of things after you learn how.

Have a safe time of it and we look forward to seeing those results on the other end.

 

[AtlBo]

Whatta champ.

@EASTER. I feel like Ive been through a championship boxing title fight about right now...or maybe MMA . Not sure the VM is perfect yet, but I can't think of anything but a security program and malware next. 300 updates or whatever it was. Don't want to grab a snapshot until I am a little bit more sure.

For now, I could end up posting a thread for test requests for questions about Comodo and was thinking of ReHIPS once I have some time to establish a routine and get some experience. Could be others too, but I am steering away from sigs to the mechanical side testing in XP. Generally, the idea is to get a full handle on settings choices<->alerts choices<->unblock choices and how they affect each other and security file trust ratings. I want to see how the Comodo heuristics by itself does against malware for example. I know it will lose some if not many, but what I would like to know is how effective it is when there is command-line.

Only gave XP 2 gigs, but it seems to be doing OK in the VM...default 16 MB of video memory might be a question mark tho.

One thing I need is a browser. Anybody have an opinion for a browser for XP? Don't know what I can run....maybe SlimJet?