How To Setup A Sandbox Environment For Malware Analysis
- Published on 5 Jun 2019
- Hey guys! In this video I will be showing you how to set up a sandbox environment for malware analysis with VirtualBox and Fakenet.
Fakenet: sourceforge.net/projects/fake...
I hope you enjoy/enjoyed the video.
If you have any questions or suggestions feel free to ask them in the comments section or on my social networks.
Thanks for watching!
#MalwareAnalysis - Science & Technology
The way you used your words in this video was intelligent, precise, and clear. You are amazing at what you do. Thank you so much!
I like the speaker's voice! Very clear, confident and well spoken! Good content!
Dude, I have been subscribed to your channel for about 2 months and I can say that your videos taught me more than any professor at my university in the last 2-3 years. Kudos to you and big thanks, you are doing a great job here! Cheers :D
@Hackersploit plz reply this guy... respect ur followers..
@@e1Pr0f3ss0r he is still searching why fakenet do not output all the infos to a file beside .pcap
I know this is years later but oh, my, goodness I am so thankful for you and this video series! Thank you!
You've been rolling out a lot of videos lately. Keep up the good work 😃
Great video to start with, for malware analysis sandboxed environment - Thanks for sharing.
Thank you for the Video.
Great Work!!
Thanks for the video. Very educational and systematic, and best of all, your voice is awesome =)
You make very useful content. Keep it up! 👌
I really enjoy your videos Keep Going I am learning so much thank you
i love your videos man keep up the good work
lets be honest... we all just want to be able to click on every shady link that ever pops up with no consequences
facts
im just here to do windows destruction
yup
Lol I 100% do that 😂 I don't use a virtual machine tho. I have a lot of usb thumb drives and a few extra samsung 870 evo ssds and i boot windows from them. I have 1 usb stick for normal pc usage that a normal human being usually does on a pc like youtube and Firefox. I have another USB stick that I boot off of windows with that I use to try to get as much illegal software and torrents as possible that I need and test them on that same usb stick. If there's a virus from a torrent which I rarely get I just reinstall windows on that thumb drive. And the last usb thumb drive is to store all the downloads I have gathered and just stored. And if I go help my friend make beats at his house I pop that sucker in and he picks whatever plugin or software he wants lol. I do all that on 1 or 2 laptops 😂 and the windows 10 I use is a stripped down modded version that has literally no bloatware. No Microsoft Spyware and it doesn't even have windows defender. It's disabled, it's 100% not installed. My gaming pc I literally just play games on. You might ask me why am I worried about viruses? Lol I'm actually not. I don't store anything personal or important that I would care to lose. I'm more worried about ransomware on my gaming pc. And all that reckless stuff I do I maybe got 5 viruses within 3 years. 🤙
I just want to be able to mess with some Indians from Kolkata.
Hi your tutorials are awesome. As previously told by me can you please make a tutorial about reverse engineering (fuzzing,buffer overflow vulnerability etc. etc.)
Thanks
thorough and awesome
Man, you're the best!
Thanks man now i can test these performance boost stuff
You make it interesting to learn ty
Thank you so much you really help me :)
Thanks for the detailed tutorial you got a sub from me
Super interesting, thank you!
Could you please also make a video about the Cuckoo sandbox for malware analysis?
Great !
Thanks !
Thanks for a great video. Please consider system details also display windows product key.
Wow , you are young tutor / professional , i thought you r an old person... good to know u r between 32 & 38
Informative
Thanks for the amazing help of this video. I am going to start making yt videos and flashback express seems like the right option to go with. Thx again for the help this video had for me Any One Interested in the Full Version...
#Your tutorial is best
Big fan from bangladesh
Nice one!
Just as a side advice, I don't think that "host only" virtual bridge would be enough to stop "worms", take your precautions.
Without VMware tools installed, we can use the clipboard, so we can copy for example a hash from the VM to the host browser to analyse it?
Is it too bad to run it in a NAT network at all times? It will receive a different IP address from the host, but this way I can create an internal network of VMs and play with attack/defense between Windows/Kali, for example.
If on my host computer, I have a specific drive for VM's, why can I not see the Oracle program on that drive? Does Virtual Box have to be installed on the C drive of the host machine?
Great video, any chance you would do a video in the future on using Linux?
No get windows
i hoped that you install it in any debian opsys
Great!
Now are you running Vbox inside of a sandbox software like shade or sandboxie? Or is this VM running alone?
Sir please upload on yourself how you started your career as ethical hacker
Hey @HackerSploit
so there are two versions of Fakenet, the one you have and are using in this video, and there is another version called "Fakenet-NG". Would you be able to show how to set up Fakenet? I'm also running into trouble running it, as it is giving me a "gateway" error. Does this have anything to do with the VM being in "Host-only adapter"? How can I fix this? It's probably a simple fix.
interesting. I was trying to run kali linux but my actual AV went off when i ran nikto on it (through a VM) . Is there anyway i can avoid that
are you sure about host only? because i saw tutorials saying that was the wrong thing. what is the right network adapter for just testing viruses?
alex the GREAT thanks
I thought that shared folders between guest and host was one of the easier vectors for malware on a VM to traverse to the host. Has this changed?
You can add and remove shared folders without rebooting VM. It can be mounted as read only but I prefer to completely remove it until I need it.
can we connect to the internet while we are downloading, and then disconnect while executing malwares? is it safe to do? or we need to be completely disconnected from the vm all the time?
Sir please ! Tell me
How to follow Your videos !
For Beginners please sir !
Starting in virtual box virtual machine is already wrong.
If you are doing virus analysis I recommend QEMU with KVM (virtual box is not an option cause it can be detected)
If you are going for reverse engineer I would still recommend QEMU but also virtual box is an option too
This is really a great tutorial. I recently made a bad decision to use software that was part of a class on Udemy and the instructor for the class said it was going to activate a "false positive" but I ran the software, it tripped my anti-virus software and then I removed the software. I don't know what the software installed though in the background or in hidden files. Would you be open to letting me pay you to analyze this software on a virtual machine and tell me what was likely installed into hidden files?
What class was it?
You say about imitating real environment. Would malware not check for things like Fakenet installation or disabled firewall also?
A lot of people who are not IT savvy will often have their firewall off; either some sort of malware disabled it or they turned it off for some reason and don't know why they need it. I worked at a hotel for years and ran a small side business fixing guest computers that were our regulars; 90% of the ones I looked at had no antivirus running, the firewall was off and they had absurd amounts of different malware.
@@drewgibson4233 I have my firewall off (to cheat) and no antivirus (downloading things) but I've been fine, if you have common sense it shouldn't be that hard to not get hacked
@@vypr1653 cheater
Hi! Great video, thank you very much. I was wondering, if I remove Guest Additions, I'm unable to increase the screen size e.g. go full screen, of the VM easily (there are some "low level" configurations that could be tried, but I haven't tried them yet). Note: I am using an Intel processor, so I can't select Enable Nested VT-x/AMD-V, which was one of the suggested solutions I came across. Some have mentioned that it's okay to have the Guest Additions installed but to ensure that shared folders and clipboard are disabled. Any thoughts and/or suggestions regarding this, or possibly share how you dealt with this matter? Thanks!
Guest Additions install a custom graphics driver that provides GPU acceleration for your VM, therefore, you require the guest additions in order to go full screen. Alternatively, you can change the resolution manually within the VM display settings.
what about hyper-v? can I use that too?
are these things also enough for old malware like Bonzibuddy, MEMZ (ok, not so old), Wannacry etc.?
Is there a video for VMware / writeup
Does this work for testing minecraft clients that might have trojans etc?
Could you please make more Videos about making your Android Phone into a hacking machine? I would really like to learn more about that!
Make a way for yourself, don't rely on hackersploit
Here we can retrieve established network connection, but how to capture the changes happening in the system due to execution of malware?
When I go to the network settings and select host only adapter, nothing appears in the name. Please help me.
How can i install all necessary packages in Kali linux(WSL)
sudo apt install kali-linux-full
Could you outsmart a malware by let say. I make my host system identify as virtual machine so that malware would reject to run?
Like installing VMware tools?
That is interesting !!
He doesn't do that kind of videos , don't know why!
@@mohammadabdussamad2258 cuz the malware goes through
@HTB_For_Life well some precautions are better than none. I will of course keep running my antivirus on top of it
Highly unlikely you can outsmart a virus, a virus will most likely still run even if it has vmware tools. He's just saying some check for that.
@@nobytes2 but the prestige of such an accomplishment. hardly not worth the time.
do i keep fakenet running while I'm analyzing it?
wouldn't internal network be a better choice? why would you want to give malware a path to your host machine?
Is it okay if I stay connected to the internet in my sandbox environment? I'm trying to detect cryptojackers and without a network connection I really can't conclude the malware is a cryptojacker. How else could I implement this?
Sir plz start making video
Would it also be advisable to choose the amount of RAM based on the "powers of 2" numbers, like for example: 4096 MB (which is 2^12) or 8192 MB (2^13), etc?
why wouldn't the malware look to see if it can get to someplace like Google or look for fake net?
Hello, Why we need to remove the guest ?
Microsoft VM is not available anymore on their site please do an update.
do i get virus on my pc if i play crack game on sandbox environment ?
Why not use windows sandbox for malware analysis?
2:33 lmao savage
i did everything and i cant even access the shared folder bullshit because its not connected to the internet
10th awesome!
I have two questions:
1. Do you have to worry about networking a VM due to the threats of worms? What if you’re examining links that lead you to webpages with a keylogger installed?
2. Do you worry about VMEscape malware?
NoEscape doesn't get out of the VM, So feel free to try it in a VM.
Where's the VMWARE video?
So with this, what is the point of the previous windows 7 setup video?
I've been asking myself the same question..
I know this is old but, fingers crossed for when they decide anything under 8 cores is a vm lol
it works for testing ransomware or it will get out ??
the ransomware is scary
It wont get out.
i want to learn so much from your videos...i am fucking procrastinating all the time
By God, whoever has the English language is greatly blessed
Does VMware work?
There he is
Ma nigga
Does this still work
Hi, is this method safe for messing with memz or wanna cry? Cuz I wanna make a malware testing and how to deal with malware channel. So is this method completely safe for testing memz and other aggressive viruses? Thanks...
I tried installing a malware for a free game and it didnt affect my pc just the vm, I also downloaded vpn to avoid the virus getting to my network. I will say it's safe but I deleted it cuz I'm gonna be selling my pc soon
If u ever need help I'll try to download the memz thing and tell you what happens
@@crukiesbasted1732 ok pls help me
@@stroft2real I downloaded that MEMZ virus and I was shocked lol, nothing happened just cant control the mouse or anything. I restarted my pc and restart the vm and it works fine
@@crukiesbasted1732 I'm so scared. I want to contact you on discord. Do you have discord?
8:05
I need help....
My friend forgot his apple id and his iPhone 7 is locked....
Is there any possible way to remove it...
Please help...
was monetized, so that company could aim for Nice tutorials channel to make money
5:17
It's probably a cracked key.
Hey hackersploit, I have an Alfa wifi AWUS036H and it can't connect to wifi... It tries to connect and does not connect
Who tried the 000.exe virus after? XD
*me i here using a bare metal setup worth like 40k *
am I a joke to you
HEY HS....BACKUP YOUR VIDEOS TO ANOTHER STREAMING SITE
UA-cam IS BEING SHITTY AGAIN
(READ THE UA-cam COMMUNITY GUIDELINES)
LMAO, my whole laptop only has 4gb of RAM.
same
I will now download free robux
this seems kinda crappy tbh, most malware would detect the vm environment without any hardening done (and even then)
Instead of shitting on his work like an asshat, why not give some actual specifics on what he missed?
@@Anthony-kj3xw he probably has to change the drive names in regedit