VirtualBox: How to Setup your Malware Analysis

From Embedded Lab Vienna for IoT & Security
Revision as of 18:58, 5 December 2019 by Carseven (talk | contribs) (Created page with "== Summary == This documentation will provide you with a step-by-step guide to creating a virtual machine over VirtualBox. Though, we will not create a generic VM! This VM w...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Summary

This documentation will provide you with a step-by-step guide to creating a virtual machine over VirtualBox. Though, we will not create a generic VM! This VM will provide you with completely isolated and non-detectable environment for Malware Analysis.

As advanced malware nowadays is able to detect its environment (e.g. scanning for RAM, CPU cores, disk space, registry keys and even drivers) they are now able to stop their execution if they detect a virtualized environment. Therefore it is critical to setup your malware analysis VM correctly.

In order to render your VM undetectable we have chosen two state-of-the-art tools on Github. One only supports Windows as its host OS and the other is relying on dependencies only available on Ubuntu.

Requirements

  • Host Operating system: Ubuntu 16/18.04 or Windows 7/10
  • Tools: 'VBoxHardenedLoader' (for Windows) and 'antivmdetection' (for Ubuntu)

In order to complete these steps, you must have followed Some Other Documentation before.

Description

Step 1

Enter these commands in the shell 

echo foo
echo bar

Step 2

Make sure to read

  • War and Peace
  • Lord of the Rings
  • The Baroque Cycle

Used Hardware

Device to be used with this documentation Maybe another device to be used with this documentation

Courses

References

Retrieved from "https://wiki.elvis.science/index.php?title=VirtualBox:_How_to_Setup_your_Malware_Analysis&oldid=2356"