The second and last part of this article introduces beginner-friendly tools, helps you find samples and explains safe handling between host and VM.
Analyzing Windows malware with little prior knowledge and using only free tools? That’s fine. In our two-part guide for beginners, we accompany you step by step through all the preparations for your first malware analyses.
In the previously published first part of this article, you set up a virtualized Windows environment with us, isolated from the host system. Now we want to upgrade it together into a fully fledged analysis environment for your first malware experiments. We will introduce you to tools that even beginners can work with, outline how they work and assist in installing them in the VM.
Caution is advised when handling malicious code. We point you to reputable sources from which security researchers can obtain samples without putting their systems at risk. We will also show you how to minimize the handling risks on the host system and how to transfer the malicious code to the VM in an escape-proof manner.