Possible to test Malware?

Hello all, I just have a quick question. I'm interested in testing malware for research and I saw that Windows 7 has a virtual machine "built in". My question is, would it be OK to test malware on Virtual XP Mode, or is there a chance it can infect my host machine? Thanks for your replies.

Answer


Hi Redman2563:

It’s never safe. The reason is that the virus developers
made a small portion of code that allows them to read
the environment. Once they get environment data they know
that they are in a virtualized machine. Trust me, I’ve been
researching viruses, malware and other potentially unwanted
viruses and software.

The reason it isn’t safe is that some viruses try to use
Virtual Machine ports to communicate with the real machine.

But as an expert I highly recommend VMware® Workstation for this.
I suggest you use VMware because it's better and much safer, trust me.
All professional experts that do malware analysis will use VMware®.

I can give you some suggestions of what you need before you begin:

• The knowledge of how malware works.
• The knowledge of how to analyze malware code.
• How to convert binary data, how to work with hex numbers.


Tools you need:

• Process Explorer
• Hex-Editor
• Windows Registry Monitor Tool (Regmon)
• DSplit Antivirus Signature Detector Tool


Testing environment:

• VMWare® Workstation 7.0

Operating System:

• Windows® Operating System.

*To go real expert hardcore I would install a Linux distribution (e.g. Ubuntu or Fedora),
and install a copy of Mac OS X in the VMware® Virtual Machine.


A good online reference: I recommend VX Heavens (http://vx.netlux.org/).

*Important note: The link for DSplit: you can download the tool at your own risk,
I haven’t checked it. You also visit the VX Heavens website at your own risk.

As I said I’ve been working with viruses and virus code and made my own
scan engine which failed and detected only one virus type: the Aids PC virus.

Here are my online participations where I’ve been helping beginners with
virus scanners in programming:
http://social.msdn.microsoft.com/Forums/en/windowssecurity/thread/434d312f-903c-43b7-88b6-7df2c8cfc765
http://social.msdn.microsoft.com/Forums/en/windowssecurity/thread/1b23cadf-aa7e-44fe-9f35-01d3d6561d10
http://social.msdn.microsoft.com/Forums/en-US/vbgeneral/thread/74a7566c-391a-4db1-b8eb-30c723db0358
http://social.msdn.microsoft.com/Forums/en/vbgeneral/thread/4d4a2d83-20b4-4282-b3a7-65837b9ba5a5

*If you need any help just ask me. :)

My name is: Fisnik.

I hope you find this information useful and if you need any further assistance,
please feel free to contact me and let me know.

I hope this information was helpful…

Have a nice day…

Best regards,
Fisnik


Itknowledge24.com

4 people found this reply helpful


Question Info


Last updated August 15, 2020 Views 1,446 Applies to: