Thread: Malware analysis Machine Reimaging

  1. #1

    Malware analysis Machine Reimaging

    Hi Everyone,

    I've set up a machine for malware analysis; I have Ubuntu Linux and Win XP installed on the machine. What is the quickest or best solution for reimaging the machine after I do the malware analysis? (I don't want to use virtualization solutions as some of the malware have anti-VM techniques.) I tried to use partImage but it looks like it is for Linux OS. Does anyone have experience or knowledge of how I can use PartImage in my case? Any other suggestions and guidance are welcome.

    Thanks in advance.
    charlie

  2. #2
    Hi,

    Any ghosting solution will do. We use a custom ghosting solution at work (consisting of booting a very tiny Linux and dd-ing/gzipping to a server); there is also Norton's, Acronis'...
    I, however, strongly advise you to use virtualization; VM detection can still be defeated and the benefits in terms of image reverting are quite significant... If well configured, isolation works quite well and VM evasion is still rare.
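
A sketch of the dd-and-gzip imaging mentioned in post #2, as an added example that is not part of the thread and not the poster's actual setup. The function names and the `.sha256` sidecar file are hypothetical; it assumes you run it from the small Linux booted for imaging, with the target partition unmounted, and that the image path may be local or a server mount.

```shell
# Added example, not from the thread. Function names are hypothetical.
# SRC/DST can be a partition (e.g. the Windows XP one) or a plain file.

# Print the SHA-256 of whatever arrives on stdin.
stream_sum() { sha256sum | cut -d' ' -f1; }

# capture_image SRC IMG
# Compress SRC into IMG, then re-read IMG and confirm it decompresses to
# exactly the bytes on SRC. The raw hash is stored in IMG.sha256.
capture_image() {
    src=$1; img=$2
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
    want=$(dd if="$src" bs=1M 2>/dev/null | stream_sum)
    dd if="$src" bs=1M 2>/dev/null | gzip -c > "$img"
    got=$(gzip -dc "$img" 2>/dev/null | stream_sum)
    if [ "$want" != "$got" ]; then
        echo "capture of $src failed verification" >&2
        return 1
    fi
    printf '%s\n' "$want" > "$img.sha256"
}

# restore_image IMG DST
# Refuse to touch DST unless IMG still matches the hash recorded at capture
# time, so a corrupted or modified golden image is never written back.
restore_image() {
    img=$1; dst=$2
    want=$(cat "$img.sha256") || return 1
    got=$(gzip -dc "$img" 2>/dev/null | stream_sum)
    if [ "$want" != "$got" ]; then
        echo "image $img does not match recorded hash, not restoring" >&2
        return 1
    fi
    gzip -dc "$img" | dd of="$dst" bs=1M conv=fsync 2>/dev/null
}
```

Keeping the image and its hash file somewhere the analysis OS cannot write to is what makes the pre-restore check meaningful.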

  3. #3
    partimage is a great tool! You can use partimage for backing up your Windows partition since you've installed Linux.
    esther


    Reverse the code, Reverse Your Minds First

  4. #4
    Howdy,

    I agree with Silkut, better to have a VM than none at all.

    I use DriveImage XML.

    Woodmann
    Learn Or Die.

  5. #5

    Recommended tool

    If you are laying down a Windows image I would recommend imageX.

    http://technet.microsoft.com/en-us/library/cc748966%28WS.10%29.aspx

    They should have a pretty good walkthrough on getting you set up there. It usually takes about 15 minutes to lay down your image once you have everything set up. Recommendations are a PE with imageX and an external drive with enough space to store that wim.

    Again this is for Windows.

  6. #6
    Can anyone please recommend free ghost imaging software? Google suggests Norton Ghost image software, which is commercial. Any thoughts?

    Thanks in advance
    charlie

  7. #7
    Clonezilla.
    Learn Or Die.

  8. #8
    PC Disk Clone Free 8.0

    http://www.softpedia.com/get/CD-DVD-Tools/Virtual-CD-DVD-Rom/PC-Disk-Clone-Free.shtml

    as advertised, looks ossom.. who knows..

  9. #9
    well, it is somehow fun..
