Analyzing malware and ransomware without infecting ourselves


#1

Spoiler alert: for newbies.

I want to learn how to analyze the behavior and mechanism of the trending malware and ransomware without jeopardizing my own PC. How can I achieve my objective? Will infecting an OS booted from a pendrive work?


#2

It’s called virtual machines, google it.


#3

I’m familiar with using Ubuntu in VMware. However, what I meant to ask was: as the virtual machine does access the hard disk to show me the drives, wouldn’t the original OS installed be infected if I infect the OS in VMware? I apologize if the question sounds dumb, I’m just getting to know these things.


#4

Virtual machines are isolated/separate entities. The host OS should (in theory) be untouched. There are cases, however, where exploits/malware can achieve entire VM escapes, but that’s another story.
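An added example, not part of any post in this thread: the question in #3 about the guest seeing the host's drives comes down to what the VM's configuration exposes. This Python sketch audits a VMware `.vmx` file for shared folders, network adapters that reach beyond the host, and clipboard/drag-and-drop channels. The sample config is constructed, and the defaults assumed for missing keys are marked in the comments.

```python
import re

# Constructed sample .vmx for an analysis VM (values are illustrative).
SAMPLE_VMX = """
displayName = "analysis-vm"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
ethernet1.present = "TRUE"
ethernet1.connectionType = "hostonly"
sharedFolder0.present = "TRUE"
sharedFolder0.hostPath = "/home/me/Documents"
isolation.tools.copy.disable = "FALSE"
"""

def parse_vmx(text):
    """Parse 'key = "value"' lines into a dict with lower-cased keys."""
    cfg = {}
    for line in text.splitlines():
        m = re.match(r'\s*([^#\s=]+)\s*=\s*"(.*)"\s*$', line)
        if m:
            cfg[m.group(1).lower()] = m.group(2)
    return cfg

def audit_vmx(text):
    """Return (item, issue) pairs for settings that link guest and host."""
    cfg = parse_vmx(text)
    on = lambda key: cfg.get(key, "FALSE").upper() == "TRUE"
    findings = []
    for key in sorted(cfg):
        dev, _, attr = key.partition(".")
        if attr != "present" or not on(key):
            continue
        if re.fullmatch(r"sharedfolder\d+", dev):
            path = cfg.get(dev + ".hostpath", "?")
            findings.append((dev, f"host path {path} is exposed to the guest"))
        elif re.fullmatch(r"ethernet\d+", dev):
            # Assumption: a missing connectionType is treated as bridged.
            mode = cfg.get(dev + ".connectiontype", "bridged").lower()
            if mode != "hostonly":
                findings.append((dev, f"'{mode}' adapter can reach beyond the host"))
    # Assumption: an absent isolation.tools.*.disable key means the channel is on.
    for feat in ("copy", "paste", "dnd"):
        if not on(f"isolation.tools.{feat}.disable"):
            findings.append((feat, "guest/host clipboard or drag-and-drop enabled"))
    return findings

if __name__ == "__main__":
    for item, issue in audit_vmx(SAMPLE_VMX):
        print(f"{item}: {issue}")
```

An empty result means none of these configured channels is open; it says nothing about the VM escapes mentioned in #4.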


#5

Regards, but some of them can harm the hard drive even if you run them on a VM, like WannaCry [ just as a mention ]


#6

I believe that’s exactly what I said above.


#7

So do you have any alternatives you can suggest to accomplish the task?


#8

So are there any alternative ways to accomplish the task knowing that I will be secure?


(0x65) #9

If you are concerned that the malware will escape the VM, then use a separate computer not connected to your network.


#10

I only have a single laptop. That’s the reason I started this topic in the first place.


#11

No. You will never know for certain that you’re secure. If this is what you want, you’re in the wrong place looking into the wrong subject.


#12

@witch So using virtual machine is the best choice I have, right?


#13

Without another air-gapped machine (which is still not invulnerable), yes.


#14

Alright. Thank you for your time. 🙂

