Flare VM Installation

From Embedded Lab Vienna for IoT & Security
Revision as of 13:56, 28 October 2023 by TNicholson (talk | contribs) (TNicholson moved page (Article title) to Flare VM Installation)
Jump to navigation Jump to search

Flare VM Installation

Flare VM is a Windows distribution specifically designed for Malware Analysis. It includes all the relevant tools to get started in this field.

Step 1: Setup Virtual Machine

First, you need to setup a Windows 10 virtual machine. This can be done by downloading the ISO from Microsoft and installing it inside your preferred hypervisor, such as VirtualBox or VMware Workstation.

  • IMPORTANT: The network adapter of the virtual machine must be set to Host-only. This is important to prevent potential spreading of malware onto the host system or network.
  • The hard drive of the VM must be at least 60 GB large, RAM should be at least 2 GB (more is recommended)

Step 2: Install Flare VM

Go to the official FlareVM Github repository (https://github.com/mandiant/flare-vm)

  1. Download the install.ps1 script
  2. Open Powershell as Administrator
  3. Go to the directory the script is located in and run: Unblock-File ..ps1
  4. Enable script execution: Set-ExecutionPolicy Unrestricted
  5. Type Y to accept
  6. Finally, exeute the script: .\install.ps1 and enter your Windows password when prompted

This installation can take some time (up to 3 hours). Your machine will reboot a few times during the installation.

Once you see “Type ENTER to exit:”, type Enter to Exit the script - then, the installation is complete.

Now, you should definitely save a snapshot of the VM so you can always revert back to this state if needed.

Retrieved from "https://wiki.elvis.science/index.php?title=Flare_VM_Installation&oldid=11783"