How to Setup REMnux VM in VirtualBox
I recently got introduced to REMnux for Malware Analysis. It includes tools like peepdf and vmonkey which are used for analyzing files (e.g. checking embedded JavaScript and macros).
- Download the REMnux General OVA file here.
- Check SHA-256 hash. Note that shasum default algorithm is SHA-1. Specify
-a 256
to get the correct hash for comparison.shasum -a 256 rremnux-v7-focal.ova
- Open VirtualBox. Go to File -> Import Appliance (cmd + I)
- I used the default settings
- Start. Try if
peepdf
is available.
Notes
I used the General OVA file (remnux-v7-focal.ova). I got an error with the VirtualBox OVA (remnux-v7-focal-virtualbox.ova).
The General OVA file size is slightly larger (5.29 GB).
I mostly use VirusTotal to quickly check if a file hash has a known malicious fingerprint.