In our continued quest to become the ultimate REMnux fanbois we thought we’d point to a recent post by Lenny Zeltser that provides a basic overview of how to setup and install the popular malware analysis distro. The article covers using both the Open Virtualization Format (OVF) and VMware’s own proprietary format for most VMware products. He also discusses setting the OVF file up on Virtual Box as well. The setup for VMware fans is pretty much dead simple.
- Download the ZIP file,
- Extract it to your directory of choice, and
- Double-click on the VMX file.
You can download your very own copy of REMnux here. See Lenny’s article below for additional details on using the OVF file.
REMnux is a lightweight Linux distribution for assisting malware analysts with reverse-engineering malicious software. Starting with version 4, the REMnux virtual appliance is available as the Open Virtualization Format (OVF/OVA) file, which can be imported into most virtualization tools, such as VMware and VirtualBox. REMnux is used my many malware analysts and is incorporated into SANS’ FOR610: Reverse-Engineering Malware course.
Installing the REMnux Virtual Appliance With VMware
Install the VMware tool of your choice, such as VMware Player (free) or VMware Workstation (paid). Download the remnux-4.0-ovf-public.ova file. If using VMware Player Don’t double-click this file to open it due to a problem on some VMware Player installations. Instead, open VMware Player, select Open a Virtual Machine and point to the .ovf file. It’s OK to double-click the file if using VMware Workstation.
In the Import Virtual Machine window, specify the name for the VMware virtual machine you will create out of the OVF package and point to the location where the virtual machine’s files will be stored. Click Import.
Today’s post pic is from Zeltser.com. See ya!