<p>I recently got introduced to REMnux for Malware Analysis. It includes tools like peepdf and vmonkey which are used for analyzing files (e.g. checking embedded JavaScript and macros).</p>
<ol>
<li>Download the REMnux General OVA file <a target="_blank" href="https://docs.remnux.org/install-distro/get-virtual-appliance">here</a>.</li>
<li>Check SHA-256 hash. Note that shasum default algorithm is SHA-1. Specify <code>-a 256</code> to get the correct hash for comparison.<pre><code>shasum <span class="hljs-operator">-</span>a <span class="hljs-number">256</span> rremnux<span class="hljs-operator">-</span>v7<span class="hljs-operator">-</span>focal.ova
</code></pre></li>
<li>Open VirtualBox. Go to File -&gt; Import Appliance (cmd + I)
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1649903962223/5XCdvkbZf.png" alt="image.png" /></li>
<li>I used the default settings
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1649903901697/WgVF5dHOn.png" alt="image.png" /></li>
<li>Start. Try if <code>peepdf</code> is available.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1649903662432/e60WHerFs.png" alt="image.png" /></li>
</ol>
<h2 id="heading-notes">Notes</h2>
<ul>
<li><p>I used the General OVA file (remnux-v7-focal.ova). I got an error with the VirtualBox OVA (remnux-v7-focal-virtualbox.ova).
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1649899222565/5B1Y97FLb.png" alt="image.png" /></p>
</li>
<li><p>The General OVA file size is slightly larger (5.29 GB).
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1649903143447/xW4LYZ-7S.png" alt="image.png" /></p>
</li>
<li><p>I mostly use <a target="_blank" href="https://www.virustotal.com/gui/">VirusTotal</a> to quickly check if a file hash has a known malicious fingerprint.</p>
</li>
</ul>
<h2 id="heading-reference">Reference</h2>
<ul>
<li><a target="_blank" href="https://docs.remnux.org/install-distro/get-virtual-appliance">REMnux Documentation: Get the Virtual Appliance</a></li>
</ul>


I recently got introduced to REMnux for Malware Analysis. It includes tools like peepdf and vmonkey which are used for analyzing files (e.g. checking embedded JavaScript and macros).

1. Download the REMnux General OVA file [here](https://docs.remnux.org/install-distro/get-virtual-appliance).
2. Check SHA-256 hash. Note that shasum default algorithm is SHA-1. Specify `-a 256` to get the correct hash for comparison.
```
shasum -a 256 rremnux-v7-focal.ova 
```
3. Open VirtualBox. Go to File -> Import Appliance (cmd + I)
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1649903962223/5XCdvkbZf.png)
4. I used the default settings
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1649903901697/WgVF5dHOn.png)
5. Start. Try if `peepdf` is available.
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1649903662432/e60WHerFs.png)

## Notes

- I used the General OVA file (remnux-v7-focal.ova). I got an error with the VirtualBox OVA (remnux-v7-focal-virtualbox.ova).
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1649899222565/5B1Y97FLb.png)

- The General OVA file size is slightly larger (5.29 GB).
![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1649903143447/xW4LYZ-7S.png)

- I mostly use [VirusTotal](https://www.virustotal.com/gui/) to quickly check if a file hash has a known malicious fingerprint.

## Reference

- [REMnux Documentation: Get the Virtual Appliance](https://docs.remnux.org/install-distro/get-virtual-appliance)

How to Setup REMnux VM in VirtualBox

Documenting my journey on Software Engineering, Cybersecurity and a little bit everything. Working to bring learning to life. #TIL #WIP


reiopd

reiopd

How to Setup REMnux VM in VirtualBox

Notes

Reference