T - Security Config

Status
Not open for further replies.

thea30

Level 1
Thread author
Jun 1, 2017
ireland
Malware Analysis Set-up

Virtual Machine:
Windows 8.1
Ubuntu Server 16.04.2

VM Windows (analyse malware):
PEID
PEstudio
Process Monitor
Regshot
ApateDNS

VM Ubuntu Server (simulate fake network):
Inetsim


Above is my environment setup to start my malware / ransomware analysis.
I'm a beginner in malware analysis. Is there anything that I need to improve or fix in the setup?

Thanks :)
 
Well, considering the fact that you are on Mac OS X, you are already safe from the majority of malware attacks, except if you download some suspicious .dmg files, for which you need to be vigilant.

Also, prior to establishing the virtual machine, make sure that the connection is isolated (using NAT) to avoid any worms jumping onto the network.
 
Sorry guys, I've got one more question.
May I know how to get the active malware samples?
You need to have 100 posts (prefer quality) at MT to get access to the malware samples posted at the Malware Vault.
Till then, you can study and discuss at the Malware Analysis section, which I believe you are already aware of, by now.
 
Hello, regarding malware analysis and reverse engineering for the .NET platform, I'd like to suggest ILSpy, a powerful tool to decompile any (non-obfuscated) malware written in .NET.
It can open any executable compiled with the framework, showing you a very good approximation of the original source in C# and VB.
 