Author Topic: Malware Analysis Environment  (Read 4284 times)

0 Members and 1 Guest are viewing this topic.

June 10, 2010, 12:14:30 am
Read 4284 times


  • Newbie

  • Offline
  • *

  • 1

I'm new here and looking to get started in malware analysis. I'm just wondering, what type of environment does everyone use? Is VMware running Windows safe to analyze viruses? Do you have a dedicated "dirty" machine just for virus analysis? Do you use something like Deep Freeze to easily preserve an analysis environment? What tools are useful besides IDA, OllyDbg, Filemon, Regmon?

Thanks for any tips.


June 10, 2010, 07:27:21 am
Reply #1


  • Jr. Member

  • Offline
  • **

  • 23
    • inReverse

June 11, 2010, 01:32:03 am
Reply #2


  • Newbie

  • Offline
  • *

  • 4
i use vm's to triage but also have a goat machine for analysis of vm-aware code. i route all connections from the goat through a linux gateway which allows me to control inbound and outbound connections.

June 27, 2010, 12:17:56 am
Reply #3


  • Special Access
  • Full Member

  • Offline
  • *

  • 49
    • ocean's Inseclab
most of the work can be done with a good VM: VMware it think it's the best right now, Virtualbox is like unusable right now because of lots of nasty bugs like hw bps not working and lots others...

tools? every tool that's needed :P mostly IDA, OllyDbg, the good old softice if needed, PEid+plugins, Explorer Suite, Python...