Hey everyone, I messed up the editing for this release and two clips are out of order. The correct order for Parts I and II of Dynamic Analysis of an Unknown Binary should be as follows: 3:00:54 - Part 1 Basic Dynamic Analysis 2:39:37 - Part 2 Basic Dynamic Analysis I apologize for the confusion!
A side note for anyone who runs wannacry at the first detonation and nothing happens, Make sure you disable inetsim on the remnux box as the first thing wannacry does is reach out for a dns host and if it replies, it wont run. Thats how Marcus disabled it in the first place.
thank you so much, I've actually been stuck on this for some time, and it was like the first time in my life I was frustrated over a piece of malware that doesn't wanna run on my system
I don't usually comment on TH-cam but you deserve admirations. I will make sure to mention you in every interview I have for Threat Intel position and to everyone who is interested in Threat Intel/Malware analysis career path. Thank you is not enough.
this is why they say that teaching is an art... you can make someone who knows nothing understand things and slowly take them to the next level is spectacular... as soon as I finish these 5 hours I can't wait to go to buy the rest of the course.
Thank you! I managed to pick up the full course (as well as others) during the $1-$6 discount event! You guys are awesome! I am halfway through PMAT and I am enjoying it. This is definitely worth the money! TCM Security has high quality and very affordable training.
Hey fam! I just released a new, free section of PMAT that includes more detail about the security of Host Only networks and how to set up an Internal Network for malware analysis. It fits right in after the video at 51:39:00. Check it out here: notes.huskyhacks.dev/blog/malware-analysis-labs-internal-network-vs-host-only
Excellent resource. Certainly appreciate the effort that went into this! I encountered an issue with the Windows machine where it wouldn't be fed any fake html page after manually setting the DNS on the Windows machine for the Remnux host. The issue was with the LAN Settings Automatically Detect Settings configuration. Unchecking this box within Internet Explorer resolved the matter. Just in case anyone oberves this as well.
Im about 60% through your course loving it gotta stalk your youtube for everything i need more.. MOOORE 👁️👄👁️ Would definetly recommend his course for anyone reading :D
Great course! I just made it through the tutorial! I was able to solidify my understanding on basic malware analysis. I have taken a course in my graduate studies and it was a great supplement.
Man you are so generous. Now I can tell my Junior to learn from here to know if he's into malware analysis. Btw I already have the full course and I'm halfway done.
Some may have noticed that the part of Basic Dynamic Analysis was not mounted in the proper order. 3:00:54 - Part 1 Basic Dynamic Analysis 2:39:37 - Part 2 Basic Dynamic Analysis Thank you @huskyhacks531 for a fantastic tutorial
Yep, I just realized this. Thank you for pointing it out. I just looked into the editor to see if I could rearrange the order but it doesn't look like that's the case. I'll add something to the description and a pinned comment to try to clear up any confusion.
Glad I found this video. I'm getting in to malware analysis in my job and I think your course will be a great intro. Do you cover analysis of malicious websites too?
Im curious, has the FLAREVM installation changed? I went through the process but simply get a folder named Tools instead of FLARE. Also it seems the packages that get installed are different than those seen the video, for example no peview. Is that just necause theyve changed their tool lost in the config file?
Hello, I’m stuck at the remnux phase where I’m supposed to mount a media It’s keeps telling me “/decdrom” does not exist I look forward to your assistance, thank you
One tip, personally I would go the extra step and by ensuring clipboard sharing is disabled when deploying malware. I don't think he mentioned that and did notice he had it enabled when copying hashes to virus[.]total just my two cents. But great video none the less!
It was an amazing and helpful tutorial for beginner malware analiyst. Thank you so much, I was searching something like this and your content is exactly what I was looking on the internet. Thank you again🤗
For Vmware users: If anyone face problem after configuring Static DNS in Flarevm, and on visiting any url or ip you are not getting any output. Please follow below steps: - uncheck connect a host to virtual adapter in vmnet interface - disconnect & reconnect network adapter of remnux and flarevm. - then please do allow port 53, 80, 443, 21 on firewall as it might block incoming traffic. (or simply disable ufw). - Also, always turn on inetsim utlity as inetsim user only. if you will turn on inetsim from root user, dns will not work. dont know the reason
Hi, mr Husky. I have a little bit problem. As you showed at 59:09 to run wannacry then try it in my flare VM but wannacry.exe didn't run. I wonder why this happened(defender was off) Thanks in advance
Congrats for ur great work and thanks for the content! I wanted to ask u if the host only adapter is safe because somewhere i read that this is not the case since the vm can communicate with the host.
The vbox files on the cdrom exist but on Remnux the files do not exist in cdrom anywhere. I have watched the video up the the sudo mount segment 3x but not sure what to try differently. Thanks
Hi, I have an issue with the inetsim. I have done everything correctly step by step but I only get the message about the fake mode when I navigate to the 10.0.0.3 remnux IP. When I try to run any other site I get 'this site can't be reached'. Can I have some help, please?
Edit: I found the answer to the below from your later explanation. However I did waste plenty of time trying to figure out myself. Here what took me further in the wrong direction is when I tried to open the malz file with 7zip and it did actually open it and presented a heirarchy of files and even 2 executables inside. So perhaps you need to rearrange the video so the safety part comes before any detonation. This is so others don't waste time like me (or worse, do something harmful) Thanks. Original post: Hi. At 57:08 you jumped to the next video and started working with the wanacry exe. However the file from the repository extracted in the previous video is ransomeware.wanacy.exe.malz So how did we jump from that to that?!?
That question and more are addressed in the course FAQ, which is located on the course Discord (link in description). If you get stuck like that please check the Discord, it's likely another student has asked the question before and we can get you back on track
@@huskyhacks I found another problem in the youtube video. The 2 video parts of basic dynamics with RAT.Unknown are in reverse order. The first video comes 2nd and the 2nd video comes 1st.
@@quasaaaar The samples in the sections you've timestamped are different samples. The course material includes multiple samples in the Basic Dynamic Analysis section. The times you've mentioned correspond to Part 2 from the first sample and Part 1 from the second sample
Thank You for this. i actually finished your course,it was really awesome experience lots of good learning, Highly recommended your course. A very good teacher😍😇
I had the same issue. I just downloaded it from Flare VM using wget without any issues. I had to set the network settings back to default before doing so. Make sure nothing malicious is actually on the machine if doing this method
hey husky i tried to download the repo on my physical host but the defender and browser didn't let me download the repo as it was detection viruses into it can you help me with it please
Same issue. Best I can find, the latest version of Win10 does not allow users to disable MsMpEng.exe. It is owned by the system. That's Microsoft's main AV scanner. Have not found a way around it yet.
@@OldDirtyDragon well bro it is a very simple issue what i did that i cloned the repo using git clone command and further it was downloaded on the pc but i made sure i dont open or unzip the repo, i further enabled the drag n drop from host to machine option temporarily for flarevm after dropping the repo into the flarevm i disabled the drag n drop option from v box and made sure that i have deleted the cloned repo from my physical machine and during all this process i didn't touched or twitch the windows defender should work for you as well
Just a quick question.. why does my Network setting is not working? I tried everything but the configuration is just not working in my case? Any solution?
Hello Sir, I am facing one issue, whenever I try to arm any binary, win10 defender or firewall removes it, Although all security options are turned off, Via Real Time Protection, Registry entry, group security policy etc. Still whenever any binary is converted to armed mode, windows automatically removes it. Kindly help what to do?
Was hoping someone could answer a question regarding downloading file samples directly from an EDR dashboard. For example, 365 Defender from MS allows me to download a password protected zip file with the sample in question. However, as I am signed in with the company admin account used to access the EDR dashboard and subsequently have to download the sample to my work machine, how can this be done safely? Do I create a read only account for the dashboard access and sign in to that account in a lab environment and then download the sample? Do I just download the zipped sample on my work machine and send it elsewhere? I'm trying to limit as much possible risk from downloading a sample during an investigation and unfortunately Microsoft don't make this easier in the 365 defender dashboard.
I'm trying to get through the course but I'm not able to run the powershell script from flare-vm. I'm stuck trying to disable Windows Defender... Damn, I've even followed all the links provided under the github repository to do this but none seem to work. Hence I'm stuck here trying to run the powershell script ...
Just for anyone that might face the same issue. I just went ahead and installed Windows 11 on my VM. I was finally able to disable windows defender with the help of John Hammond's yt video. Flare VM install script has successfully ran and I will be continuing the course later today.
Appreciate the effort you put in this video. Amazing content. What i liked about the video is the way it has been explain which clear and to the point. Thanks husky.
Thanks a lot sir. Just what to know for after ransomware detonation which tools I can use for dynamic analysis like you have shown how to use procmon and procexp but when I detonate the ransomware tools get crash.
@@ytriskad3889 Hey, I had the same issue you had and was able to get it to work. Let me know if you still have this issue and I can tell you how I got mine to work and that might help in oyur case.
Thank you very much for this video, can I get your mail id so that can discuss which are related to this in details. Am a PhD student and faculty in an organization, my work on this is very interesting.
listening to all the safety spiels as a linux user is funny. I have a habit of just leaving malware .exes lying around my pc because it can't do anything aha
Can anyone get past the "The Installer GUI" where you can select the different packages you want installed? I dont have the option to confirm yes or no and proceed.
why i cant open the Malware.Unknown.exe ? if i renamed it from .exe.malz to .exe it wont run at all. it says i have to look in the microsoft store to search an app to run it. And could anyone tell me how to get the malware on the vm without compromising my main operating system? Thanks and Great video!
remnux@remnux:~$ sudo mkdir /media/cdrom remnux@remnux:~$ sudo mount /dev/cdrom mount: /dev/cdrom: can't find in /etc/fstab. I cant seem to get past this
📺 Installing REMnux Around the 21:33 mark of the video, I start issuing commands to install the VirtualBox VM Tools on REMnux. In newer distros of REMnux, the VM Tools are installed automatically! So you may not have to issue the CD-ROM mount commands and run the auto-installer script.
Hey everyone, I messed up the editing for this release and two clips are out of order.
The correct order for Parts I and II of Dynamic Analysis of an Unknown Binary should be as follows:
3:00:54 - Part 1 Basic Dynamic Analysis
2:39:37 - Part 2 Basic Dynamic Analysis
I apologize for the confusion!
A side note for anyone who runs wannacry at the first detonation and nothing happens, Make sure you disable inetsim on the remnux box as the first thing wannacry does is reach out for a dns host and if it replies, it wont run. Thats how Marcus disabled it in the first place.
Thanks!
Thank you for this
thank you so much, I've actually been stuck on this for some time, and it was like the first time in my life I was frustrated over a piece of malware that doesn't wanna run on my system
Very helpful, thank you ❤
I recently completed the full 9 hour course on TCM and loved it. Great class!
I don't usually comment on TH-cam but you deserve admirations. I will make sure to mention you in every interview I have for Threat Intel position and to everyone who is interested in Threat Intel/Malware analysis career path.
Thank you is not enough.
this is why they say that teaching is an art... you can make someone who knows nothing understand things and slowly take them to the next level is spectacular... as soon as I finish these 5 hours I can't wait to go to buy the rest of the course.
Just completed this course its soooo awsome
i just completed the course , i really want to thank you for sharing that for free
Thank you! I managed to pick up the full course (as well as others) during the $1-$6 discount event! You guys are awesome! I am halfway through PMAT and I am enjoying it. This is definitely worth the money! TCM Security has high quality and very affordable training.
Hello, i want to ask how can I drag and drop the malware folder from host to FlareVM, not able to perform this action
@@khodorj6581 I am using VMware Workstation and I had to install VMware tools. There is probably a similar process for VMware Player or VirtualBox.
@@khodorj6581 in vm settings set them drag modes to bi directional
Hey fam! I just released a new, free section of PMAT that includes more detail about the security of Host Only networks and how to set up an Internal Network for malware analysis. It fits right in after the video at 51:39:00. Check it out here: notes.huskyhacks.dev/blog/malware-analysis-labs-internal-network-vs-host-only
damn i knew you made long courses but 51 hours is insane
Excellent resource. Certainly appreciate the effort that went into this! I encountered an issue with the Windows machine where it wouldn't be fed any fake html page after manually setting the DNS on the Windows machine for the Remnux host. The issue was with the LAN Settings Automatically Detect Settings configuration. Unchecking this box within Internet Explorer resolved the matter. Just in case anyone oberves this as well.
In remnux when i mount it said no medium found on dev/sro what i can do for these
Go to devices>insert guest additions cd image... >run
Im about 60% through your course loving it gotta stalk your youtube for everything i need more.. MOOORE 👁️👄👁️
Would definetly recommend his course for anyone reading :D
Great course! I just made it through the tutorial! I was able to solidify my understanding on basic malware analysis. I have taken a course in my graduate studies and it was a great supplement.
Man you are so generous. Now I can tell my Junior to learn from here to know if he's into malware analysis. Btw I already have the full course and I'm halfway done.
@daredevil_orchid hieee
This has been such an amazing journey. Much respect to Husky! Heath's crew @ TCM are awesome! 🎉
Some may have noticed that the part of Basic Dynamic Analysis was not mounted in the proper order.
3:00:54 - Part 1 Basic Dynamic Analysis
2:39:37 - Part 2 Basic Dynamic Analysis
Thank you @huskyhacks531 for a fantastic tutorial
Yep, I just realized this. Thank you for pointing it out. I just looked into the editor to see if I could rearrange the order but it doesn't look like that's the case.
I'll add something to the description and a pinned comment to try to clear up any confusion.
best malware analysis course. Thanks for this amazing course
You earned a sub, my friend 😊
How to filter on Procmon:
2:27:00
3:28:42
Glad I found this video. I'm getting in to malware analysis in my job and I think your course will be a great intro. Do you cover analysis of malicious websites too?
How am I only finding your channel now.. great tutor. I'll slowly watch all your videos now.
Thank you so much for this amazing tutorial
Please release next set of malware analysis video
Im curious, has the FLAREVM installation changed? I went through the process but simply get a folder named Tools instead of FLARE. Also it seems the packages that get installed are different than those seen the video, for example no peview. Is that just necause theyve changed their tool lost in the config file?
Hello, I’m stuck at the remnux phase where I’m supposed to mount a media
It’s keeps telling me “/decdrom” does not exist
I look forward to your assistance, thank you
me too stuck with remnux
I already have your course, but its good to see it on youtube :)
One tip, personally I would go the extra step and by ensuring clipboard sharing is disabled when deploying malware. I don't think he mentioned that and did notice he had it enabled when copying hashes to virus[.]total just my two cents. But great video none the less!
It looks like Flare VM already defaults to disabling the clipboard
Thank you my friend. Excelent tutorial :) I'm cheering for you to do more. hhaha
It was an amazing and helpful tutorial for beginner malware analiyst. Thank you so much, I was searching something like this and your content is exactly what I was looking on the internet. Thank you again🤗
Excellent intro to malware analysis ! great job ! looking fwd at many more videos ..
Good to see you share this much for free to many people God bless you.
awesome video, thank you for all the information. I am a cybersecurity student and found this video invaluable.
I can't wait to watch this all the way through! Thank you!
For Vmware users:
If anyone face problem after configuring Static DNS in Flarevm, and on visiting any url or ip you are not getting any output. Please follow below steps:
- uncheck connect a host to virtual adapter in vmnet interface
- disconnect & reconnect network adapter of remnux and flarevm.
- then please do allow port 53, 80, 443, 21 on firewall as it might block incoming traffic. (or simply disable ufw).
- Also, always turn on inetsim utlity as inetsim user only. if you will turn on inetsim from root user, dns will not work. dont know the reason
I bought this and im so happy i did
Did you bought it on TCM Security?
@@todorokiyosukedesu yeah!
hello
@_clavita hello'
Thank you Matt, we truly appreciate the 🎁
Great Video..Thank you
When I try to mount the cdrom I get this error message, mount: /media/cdrom: no medium found on /dev/sr0.
Go to devices>insert guest additions cd image... >run
21:56 I get error "no medium found on /dev/sr0" :(
It means the needed files are already on your distro. Your good to go!
Thank you for the awesome course
Hi, mr Husky. I have a little bit problem. As you showed at 59:09 to run wannacry then try it in my flare VM but wannacry.exe didn't run. I wonder why this happened(defender was off)
Thanks in advance
You probably have the same issue as me - using a Windows 10 build which is no longer vulnerable to wannacry.
@@mattanderson2074 i dont know why, but it worked. Wannacry works properly
Subscribed!!
Good Lecture man!
Congrats for ur great work and thanks for the content! I wanted to ask u if the host only adapter is safe because somewhere i read that this is not the case since the vm can communicate with the host.
I actually just wrote a new section of PMAT about this specifically! notes.huskyhacks.dev/blog/malware-analysis-labs-internal-network-vs-host-only
The vbox files on the cdrom exist but on Remnux the files do not exist in cdrom anywhere. I have watched the video up the the sudo mount segment 3x but not sure what to try differently. Thanks
Hi, I have an issue with the inetsim. I have done everything correctly step by step but I only get the message about the fake mode when I navigate to the 10.0.0.3 remnux IP. When I try to run any other site I get 'this site can't be reached'. Can I have some help, please?
Thank you so much for all your hard working ,but I do not know why the commands did not work for with me at the beginning?
I cannot thank you enough.
Thank you so much
can you tell me where should i download all tools for malware analysis I have Installed Flare VM but some tools are not compelety download
Edit: I found the answer to the below from your later explanation. However I did waste plenty of time trying to figure out myself. Here what took me further in the wrong direction is when I tried to open the malz file with 7zip and it did actually open it and presented a heirarchy of files and even 2 executables inside. So perhaps you need to rearrange the video so the safety part comes before any detonation. This is so others don't waste time like me (or worse, do something harmful) Thanks.
Original post:
Hi. At 57:08 you jumped to the next video and started working with the wanacry exe. However the file from the repository extracted in the previous video is ransomeware.wanacy.exe.malz
So how did we jump from that to that?!?
That question and more are addressed in the course FAQ, which is located on the course Discord (link in description). If you get stuck like that please check the Discord, it's likely another student has asked the question before and we can get you back on track
@@huskyhacks I found another problem in the youtube video. The 2 video parts of basic dynamics with RAT.Unknown are in reverse order. The first video comes 2nd and the 2nd video comes 1st.
@@quasaaaar Do you mind replying with the time stamps of what you think is out of order? I just skimmed that section and it all looks to be in order
@@huskyhacks for Rat.unknown:
Part 2 @ 2:39:35
Part 1 @ 3:00:55
@@quasaaaar The samples in the sections you've timestamped are different samples. The course material includes multiple samples in the Basic Dynamic Analysis section. The times you've mentioned correspond to Part 2 from the first sample and Part 1 from the second sample
You're the best bruh
Windows Defender is not letting me detonate de virus :(
Brilliant !!!
Thank You for this. i actually finished your course,it was really awesome experience lots of good learning, Highly recommended your course. A very good teacher😍😇
is it ok to enable the clipboard share feature on flarevm ?
Hello , I am not able to drag the malware folder from the host to FlareVM, anyone please help
were you able to solve the problem?
@@mahetsiedahi6530 ITS BEEN A YEAR
@@mahetsiedahi6530 Turn on host to guest in the drag-and-drop setting
I had the same issue. I just downloaded it from Flare VM using wget without any issues. I had to set the network settings back to default before doing so. Make sure nothing malicious is actually on the machine if doing this method
at the 4.00.31 i don't understand how i find the metasploit module for use the reverse shell?
hey husky i tried to download the repo on my physical host but the defender and browser didn't let me download the repo as it was detection viruses into it
can you help me with it please
Same issue. Best I can find, the latest version of Win10 does not allow users to disable MsMpEng.exe. It is owned by the system. That's Microsoft's main AV scanner. Have not found a way around it yet.
@@OldDirtyDragon well bro it is a very simple issue what i did that i cloned the repo using git clone command and further it was downloaded on the pc but i made sure i dont open or unzip the repo, i further enabled the drag n drop from host to machine option temporarily for flarevm after dropping the repo into the flarevm i disabled the drag n drop option from v box and made sure that i have deleted the cloned repo from my physical machine and during all this process i didn't touched or twitch the windows defender
should work for you as well
Waiting for Remnux to install 20:58
I’ll be back whenever I remember to continue 24:40
cutter and PEview are missing on flarevm
I can't thank you enough, Matt 🌸💝
This is phucking fantastic. Very well explained
Just a quick question.. why does my Network setting is not working? I tried everything but the configuration is just not working in my case? Any solution?
Hello Sir,
I am facing one issue, whenever I try to arm any binary, win10 defender or firewall removes it, Although all security options are turned off, Via Real Time Protection, Registry entry, group security policy etc. Still whenever any binary is converted to armed mode, windows automatically removes it. Kindly help what to do?
Can you show the same lab setup using VMware Workstation Pro? I haven't been able to find a single video on this topic.
that's paid for. You can either use VMWare player or VirtualBox for free.
@@gameblendingreality yeah i can intall them in VMWare player, but still struggling in isolating them. it is not the same as VirtualBox.
@@hyphen686 so you’re talking about the network settings in vmware? I’d honestly throw it into ChatGPT and that should get you to a fixed spot
floss cmmand not working in my cmd said that it is not recognizeble how to solve this issue
Gonna need to make some time for this.
While mounting th CD-ROM directory It says no media found under /dev/sr0
Just click on Devices -> Insert Guest Additions CD image...
The no media found error should be solved after this
@@angelaguirre9384 Thanks for saving me!
@105:10 did you adjust your DNS and just edit that portion out?
Never mind you cleared the air on this about 10 minutes later! :)
Was hoping someone could answer a question regarding downloading file samples directly from an EDR dashboard. For example, 365 Defender from MS allows me to download a password protected zip file with the sample in question. However, as I am signed in with the company admin account used to access the EDR dashboard and subsequently have to download the sample to my work machine, how can this be done safely? Do I create a read only account for the dashboard access and sign in to that account in a lab environment and then download the sample? Do I just download the zipped sample on my work machine and send it elsewhere? I'm trying to limit as much possible risk from downloading a sample during an investigation and unfortunately Microsoft don't make this easier in the 365 defender dashboard.
Hello , I am not able to drag the malware folder from the host to FlareVM, any idea?
Hi ,I am facing same issue,Can you please share if you already resolved the problem.
@@AaryadevVRBLX @khodorj6581
Same here, have you found the way ? do share the idea.
Hello, you need to enable drag and drop in your VM. On running VM, on toolbar, go to devices -> Drag and Drop -> Host to Guest
i cannot find the flare-vm github repo
Hello, I am trying to find a way to contact Matt Kiely to ask him about his training video i just purchased and i am not able to mount the file.
Hello, please check the description of this video for some notes about that issue.
I am still a beginner, how to install the files to my flare vm and I have no connection to the internet ?
You download it into your main machine then enable drag and drop (host to guest) and transfer the files into the Flare VM
@@muhammedbadawy1543 Will there be any risk to my device?
is malware analysis job generally full time job or are there part time jobs as well?
I'm trying to download labs from the URL given in description but it says "Virus detected" and then stopped downloading.
Please solve my query
download it on the vm and not your host, after its down disable nat again
That first malware file from close to an hour in just will not execute.
My laptop doesn't support virtualization what to do in this condition?
lolololol
WannaCry doesnt work((
this course related to TCM security pratical malware analysis
man disabling the Defender is a real PIA, I tried everything. Being Denied access, even with Administrator access. Does anyone here have any ideas.😰
I'm trying to get through the course but I'm not able to run the powershell script from flare-vm. I'm stuck trying to disable Windows Defender... Damn, I've even followed all the links provided under the github repository to do this but none seem to work. Hence I'm stuck here trying to run the powershell script ...
Just for anyone that might face the same issue. I just went ahead and installed Windows 11 on my VM. I was finally able to disable windows defender with the help of John Hammond's yt video. Flare VM install script has successfully ran and I will be continuing the course later today.
Appreciate the effort you put in this video.
Amazing content.
What i liked about the video is the way it has been explain which clear and to the point.
Thanks husky.
Thanks a lot sir. Just what to know for after ransomware detonation which tools I can use for dynamic analysis like you have shown how to use procmon and procexp but when I detonate the ransomware tools get crash.
5:02 5:03 5:05
i installed inetsim and configured it like you did but i dont get a page when i try to access any web site
did you fix it?
@@ytriskad3889 yes but dont remember how
@@ytriskad3889 Hey, I had the same issue you had and was able to get it to work. Let me know if you still have this issue and I can tell you how I got mine to work and that might help in oyur case.
@@Crixus0112 yeah that would be nice
Thank you very much for this video, can I get your mail id so that can discuss which are related to this in details. Am a PhD student and faculty in an organization, my work on this is very interesting.
Is this course basic or advanced?
listening to all the safety spiels as a linux user is funny. I have a habit of just leaving malware .exes lying around my pc because it can't do anything aha
Cool :)
Martin Scott Garcia Charles Young Anthony
hello
Malware analysis didn't work anymore.
May I know why?
Williams Daniel Williams Karen Clark Thomas
Isn't this a paid course?
Full course covers up to 9 hours, the first 5 hours are completely free.
Hi @huskyhacks ! Thank you for sharing the video. I am unable to get Fireeye Flare-vm, it it mandiant/Flare-vm ?
Yes, it's now hosted under the Mandiant org on GitHub
Can anyone get past the "The Installer GUI" where you can select the different packages you want installed? I dont have the option to confirm yes or no and proceed.
why i cant open the Malware.Unknown.exe ? if i renamed it from .exe.malz to .exe it wont run at all. it says i have to look in the microsoft store to search an app to run it.
And could anyone tell me how to get the malware on the vm without compromising my main operating system?
Thanks and Great video!
How do you get PEView?
Can you please explain how to differentiate between qakbot and emotet
remnux@remnux:~$ sudo mkdir /media/cdrom
remnux@remnux:~$ sudo mount /dev/cdrom
mount: /dev/cdrom: can't find in /etc/fstab.
I cant seem to get past this
📺 Installing REMnux
Around the 21:33 mark of the video, I start issuing commands to install the VirtualBox VM Tools on REMnux. In newer distros of REMnux, the VM Tools are installed automatically! So you may not have to issue the CD-ROM mount commands and run the auto-installer script.
Had the same problem. Thank you
Insert the guest CD-ROM (VirtualBox Guest Additions installation) as you did in Windows to achieve a better screen resolution.
@@huskyhacks Thank you for clarifying, this may be worth pinning for people such as myself who see this in the far future.