0

I'm working on malware analsys, and using VirtualBox for that.

I have created virutal machine (windows 7), in which i going to inspect the malware. I would like to send back to the host machine, the files and data from the analysis before i destroy the infected machine. The "problem" is:

I uninstalled the "virtual box guest addition" so the malware won't suspect - so shared folder isn't an option I have disabled the network connections for the guest machine (host-only), as a safty measure. What are the other optoins to transfer files from the guest to host machine? What is the safest?

Thank you.

Improve this question
2
  • I would just reinstall the guest additions after you have done your analysis. Of course transferring files off the VM, or connecting any storage device, isn't the greatest idea. Of course, the VM probably should have been on a isolated host, and the host simply reimaged when the analysis was done.
    – Ramhound
    Commented Sep 20, 2021 at 14:43
  • Note: be sure to encrypt your samples when at rest so they cannot be accidentally executed.
    – Frank Thomas
    Commented Sep 20, 2021 at 14:44

1 Answer 1

Reset to default
0

You can use a USB Key to transfer files (enable USB Passthrough).

The safest way is to burn a DVD on the host with the malware included, then read the DVD on the guest or vice versa.

Internet, Networking (file sharing), or physical devices are the only ways. DVD is the safest.

Alternative Approach:

Since allowing a machine with virtual machines access to the internet can risk all machines, another approach is a separate (economical) machine on which to do malware analysis.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .