Malware Analysis Automation
Hello Everyone,
Relatively new to malware analysis and I am looking for general guidance on how to improve at it. As of right now I usually use Remnux to analyze PDFs and other general files to see if they have malicious properties. I use a laptop that has a hardware wifi kill switch, have the VM in host-only mode, and I have copy and paste disabled. I use a flash drive to bring the files in question to the VM. I have heard mixed things about whether that is better or if using a shared folder with the Windows host is better, so I would appreciate any guidance there.
For the exact tools I use, usually exiftool, pdfid, peepdf, pdf-parser, and the oletools. I usually can determine if a file is malicious, but it usually takes me a lot of time and I have to spend a good amount of time googling to remember the proper arguments for commands, as I do this often but not often enough that I remember the nuances. Are there other tools that I can add on to further enhance my workflow?
I am also curious about dynamic analysis, but I tend to avoid that as I don't like to risk messing something up. However, I would like to learn and better my skill set in that area, so any guidance there would be appreciated.
Sorry for the long and somewhat vague post, but I am mostly just looking for any tips, tricks, or advice that can help take me to the next level.
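Added example (not from the original post, and not pdfid's own code): a small Python script that reproduces the keyword triage pdfid performs on a PDF, including normalising hex-escaped names such as `/J#61vaScript`, so the routine part of the static check can be scripted instead of re-googled. The sample PDF bytes are constructed inline for the demonstration; the keyword list and the "auto-trigger plus script action" heuristic are assumptions that mirror how an analyst reads pdfid output.

```python
import re
from collections import Counter

# Constructed sample, not a real malware file: a minimal PDF with an
# /OpenAction that points at a JavaScript action whose name is hex-escaped.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /AA << /O 4 0 R >> >> endobj
4 0 obj << /S /J#61vaScript /JS (app.alert('hi')) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# Keywords pdfid reports on; presence alone is not proof of maliciousness.
KEYWORDS = ["/JS", "/JavaScript", "/OpenAction", "/AA", "/Launch",
            "/EmbeddedFile", "/RichMedia", "/ObjStm", "/AcroForm", "/XFA"]


def normalize_name(name: bytes) -> bytes:
    """Decode #xx hex escapes inside a PDF name (/J#61vaScript -> /JavaScript)."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), name)


def count_keywords(data: bytes) -> dict:
    """Count pdfid-style keywords after un-escaping every PDF name token."""
    # A PDF name runs from '/' up to the next delimiter or whitespace.
    names = re.findall(rb"/[^\s/<>\[\]()%]+", data)
    counts = Counter(normalize_name(n) for n in names)
    return {k: counts.get(k.encode(), 0) for k in KEYWORDS}


def triage(data: bytes) -> dict:
    """Return the keyword counts plus a coarse verdict for the analyst to confirm."""
    counts = count_keywords(data)
    # Heuristic (assumption): an auto-execution trigger combined with a
    # script or launch action is what usually warrants a deeper pdf-parser look.
    triggers = counts["/OpenAction"] + counts["/AA"]
    payloads = counts["/JS"] + counts["/JavaScript"] + counts["/Launch"]
    verdict = "suspicious" if triggers and payloads else "review"
    return {"counts": counts, "verdict": verdict}


if __name__ == "__main__":
    result = triage(SAMPLE_PDF)
    for keyword, n in result["counts"].items():
        print(f"{keyword:<14}{n}")
    print("verdict:", result["verdict"])
```

Point it at a real file with `triage(open(path, "rb").read())`; the counts are the same ones pdfid prints, so a non-zero `/JavaScript` or `/Launch` is the cue to drop into pdf-parser for the object in question.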