Conclusion

Running and analyzing malware using VMware and virtual machines involves the following steps:

  1. Start with a clean snapshot with no malware running on it.

  2. Transfer the malware to the virtual machine.

  3. Conduct your analysis on the virtual machine.

  4. Take your notes, screenshots, and data from the virtual machine and transfer them to the physical machine.

  5. Revert the virtual machine to the clean snapshot.

As new malware analysis tools are released and existing tools are updated, you will need to update your clean base image. Simply install the tools and updates, and then take a new, clean snapshot.
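The five steps above and the base-image refresh can be scripted with VMware's `vmrun` command-line tool. The following is an added example, not code from the book. It assumes VMware Workstation (`-T ws`), VMware Tools installed in the guest, and hypothetical values for the `.vmx` path, snapshot name, guest account and guest directory. By default it only prints the commands it would run.

```shell
#!/bin/sh
# Added example: one analysis cycle driven by VMware's vmrun CLI.
# Assumed lab values (not from the book): paths, snapshot name, guest account.
VMX="${VMX:-$HOME/vms/analysis/analysis.vmx}"
CLEAN="${CLEAN:-clean-base}"
GUEST_USER="${GUEST_USER:-analyst}"
GUEST_PASS="${GUEST_PASS:-analyst}"   # throwaway account inside the lab VM
GUEST_DIR="${GUEST_DIR:-C:\\analysis}"
DRY_RUN="${DRY_RUN:-1}"               # 1 = print the commands, 0 = run them

# Run (or, in dry-run mode, print) a single vmrun invocation.
vm() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "vmrun -T ws $*"
    else
        vmrun -T ws "$@"
    fi
}

# Guest file copies need guest credentials and VMware Tools in the guest.
guest() { vm -gu "$GUEST_USER" -gp "$GUEST_PASS" "$@"; }

# Steps 1-5 of the list. $1 = sample on the host, $2 = host directory for results.
analysis_cycle() {
    sample=$1
    outdir=$2
    vm revertToSnapshot "$VMX" "$CLEAN" || return 1     # 1. clean snapshot
    vm start "$VMX" || return 1
    guest copyFileFromHostToGuest "$VMX" "$sample" \
        "$GUEST_DIR\\$(basename "$sample")" || return 1  # 2. transfer sample
    if [ "$DRY_RUN" != 1 ]; then                         # 3. manual analysis
        printf 'Save results to %s\\notes.zip, then press Enter: ' "$GUEST_DIR"
        read -r reply
    fi
    guest copyFileFromGuestToHost "$VMX" "$GUEST_DIR\\notes.zip" \
        "$outdir/notes.zip"                              # 4. results to host
    status=$?
    vm revertToSnapshot "$VMX" "$CLEAN" || return 1      # 5. revert even if 4 failed
    return "$status"
}

# After installing tools or updates in the clean VM, take a new clean snapshot.
refresh_base() { vm snapshot "$VMX" "$1"; }
```

Review the printed plan first, then set `DRY_RUN=0` and call `analysis_cycle <sample> <results-dir>` to run it against the lab VM.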

To analyze malware, you usually need to run the malware to observe its behavior. When running malware, you must be careful not to infect your computer or ...
