CS 467 – Blog Post #2

So far, the only real technology I’ve encountered as part of the Malware Analysis is VMware, specifically Workstation 17. I’ve only spent a week working with the program, and virtual machines in general, but it’s pretty interesting and I’m excited to learn more about it.

VMware Workstation 17 is a program that allows you to create virtual environments of any OS running on top of another computer system. This week, after watching a few tutorials and reading a few guides, I got a version of Windows 10 running on a virtual machine. I never knew exactly how virtual machines worked before, but I found there were a lot of individual parameters and options you can manipulate depending on the purpose of your environment. I have initially opted for a setup utilizing 2 CPU cores, 30 GB of disk space, and 8 GB of RAM. For older OSes like Vista or XP, which my teammates have explored, we should be able to manage to run with lesser settings, thereby enabling us to run more individual environments with more specific test settings.

Another setting I was not aware of is how your environment can be split between various files, or consolidated into one. I learned that running multiple files can make the whole project more portable, and leads to fewer issues when moving files around, which may better suit our project down the line if we need to share our VMs. But singular file setups provide easier organization and are simpler to understand, which is what I opted for first, though I may change this later on once I’m more comfortable with the program.

So far, I’m still learning all there is to do, but I love having a safe environment for working with malicious or suspicious software. As the team moves forward in our project, we have many options in terms of OSes (such as older Windows systems or Linux or what have you) to create interesting tests for our chosen piece of malware, which will help make our final report more in-depth and descriptive.

