Move your VMware and KVM applications to the cloud without making any changes

  • November 9, 2015

Malware analysis using REMnux on AWS

Calling all malware analysts! We are proud to share that REMnux is now available on Ravello Repo. Using Ravello’s nested virtualization and networking overlay technology, it is now possible to run REMnux in an isolated sandbox environment for malware analysis on public clouds like AWS.

For the uninitiated, REMnux is a Linux toolkit for helping malware analysts with reverse engineering malicious software. At the heart of this toolkit is REMnux Linux distribution based on Ubuntu. REMnux incorporates many tools for analyzing Windows and Linux malware, examining browser-based threats such as obfuscated JavaScript, exploring suspicious document files and taking apart other malicious artifacts. Using REMnux, forensic investigators and incident responders can intercept suspicious network traffic in an isolated lab when performing behavioral malware analysis.  

Get it on Repo

REPO by Ravello Systems, is a library of public blueprints shared by experts in the infrastructure community.

The REMnux blueprint inthe Ravello repo is configured to use 1 CPU, 8GB RAM and 14GB storage to optimize resource utilization while keeping costs low if you’re running a single REMnux virtual appliance as part of the application. Also, the blueprint requests a publicly-accessible IP address and allows your REMnux virtual appliance to be reachable on TCP ports 22, 25, 80 and 443. You might want to tweak these settings based on your needs. Ravello lets you add other VMs to the environment and tweak many network parameters.

To run REMnux, please open a Ravello trial account, and add the REMnux blueprint to your library. Read more on REMnux blog on how to get your REMnux environment running on Ravello.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.