
Recently my antivirus detected some keyloggers that infected my network. I have those malware files and I want to analyze them.

How can I do this analysis? It is important to find out details like where those logs are sent. At least I need a clue to investigate.


2 Answers


If you are not an expert in this skill, there are still some automated malware analysis tools that you can use to get some information from the files.

Sandboxes can be a very useful tool, and Cuckoo is probably the one that is best known. You can either set it up yourself, or find online Cuckoo sandboxes. Cuckoo will tell you what DNS queries are made and what HTTP connections are attempted as well as many other details.

You can replicate a part of what a sandbox does by running the malware in a closed VM and monitoring the network connections and any changes it makes to the filesystem. This only gives you a tiny amount of info (and it is very risky to run unknown malware in your own VM if you do not know what you are doing), but it is also an option.

If you do have some skills, then you might want to run a debugger and see exactly how it runs, but this is an advanced skill.

There are, of course, numerous commercial tools available.


Malware analysis needs knowledge of reverse engineering, and depending on the complexity of your malware it could be a real pain to understand how it works. If you've never opened IDA or OllyDbg, for example, there is no need to try to analyze your files by yourself (without learning how things are done: assembly, reverse engineering, unpacking...).

Now if you just want to monitor your network, as @schroeder said, running your malicious files on a VM then running Wireshark for example will probably do the trick.

Here are some online sandboxes / malware analysis services you can use to get some "deep" info about your keylogger:

Check this link; it lists some free automated malware analysis sandboxes and services.
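Both answers point at the same practical output: a list of DNS queries, HTTP requests and TCP connections the sample makes inside a sandbox or a closed VM (Cuckoo's report in the first answer, Wireshark in the second). The script below is an added example, not code from either answer or from the Cuckoo project. It takes a sandbox report in a simplified Cuckoo-style JSON layout (`network.dns`, `network.http`, `network.tcp`; the exact keys in a real report may differ, so treat them as assumptions), maps resolved IPs back to the hostnames that were looked up, and flags destinations contacted by hard-coded IP or on an uncommon port. Those flags are what a defender wants as "a clue to investigate": where the captured keystrokes are likely being sent. The embedded report is constructed, using documentation-only addresses and `.test` hostnames, not real indicators.

```python
"""Summarise where a sample talks to, from a sandbox network report.

Added example for the question above. Assumes a simplified
Cuckoo-style JSON layout (network.dns / network.http / network.tcp);
real report field names may differ, so treat them as assumptions.
"""
import json
import sys
from collections import Counter

# Constructed sample report: fictitious hosts and RFC 5737 addresses,
# not real indicators of compromise.
SAMPLE_REPORT = json.dumps({
    "network": {
        "dns": [
            {"request": "update.example-cdn.test", "type": "A",
             "answers": [{"type": "A", "data": "198.51.100.20"}]},
            {"request": "mail.example-relay.test", "type": "A",
             "answers": [{"type": "A", "data": "203.0.113.7"}]},
        ],
        "http": [
            {"host": "update.example-cdn.test", "port": 80,
             "method": "POST", "uri": "/gate.php"},
            {"host": "update.example-cdn.test", "port": 80,
             "method": "GET", "uri": "/config.txt"},
        ],
        "tcp": [
            {"dst": "198.51.100.20", "dport": 80},
            {"dst": "203.0.113.7", "dport": 587},
            {"dst": "203.0.113.7", "dport": 587},
            {"dst": "192.0.2.99", "dport": 4444},
        ],
    }
})

# Ports that ordinary software uses constantly; anything else is worth a look.
COMMON_PORTS = {53, 80, 443}


def summarise(report_json):
    """Return DNS queries, HTTP uploads and per-destination findings."""
    net = json.loads(report_json).get("network", {})

    # Map each resolved address back to the name the sample looked up,
    # so a TCP destination with no matching lookup stands out as hard-coded.
    resolved = {}
    for query in net.get("dns", []):
        for answer in query.get("answers", []):
            if answer.get("type") == "A":
                resolved[answer["data"]] = query["request"]

    # Uploads (POST) are the requests most likely to carry captured keystrokes.
    http_posts = [
        f'{r["host"]}:{r["port"]}{r["uri"]}'
        for r in net.get("http", []) if r.get("method", "").upper() == "POST"
    ]

    # Count connections per (address, port) and attach the review flags.
    tcp_counts = Counter((c["dst"], c["dport"]) for c in net.get("tcp", []))
    destinations = []
    for (ip, port), count in sorted(tcp_counts.items()):
        flags = []
        if ip not in resolved:
            flags.append("hardcoded-ip")
        if port not in COMMON_PORTS:
            flags.append("uncommon-port")
        destinations.append({
            "dst": ip, "port": port, "host": resolved.get(ip),
            "connections": count, "flags": flags,
        })

    return {
        "dns_queries": [q["request"] for q in net.get("dns", [])],
        "http_posts": http_posts,
        "destinations": destinations,
    }


def main(argv):
    # Usage: python summarise.py [report.json]; with no argument the
    # constructed sample report is used.
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            data = fh.read()
    else:
        data = SAMPLE_REPORT
    summary = summarise(data)
    print("DNS queries:", ", ".join(summary["dns_queries"]))
    print("HTTP POSTs: ", ", ".join(summary["http_posts"]))
    for d in summary["destinations"]:
        print(f'{d["dst"]}:{d["port"]:<5} {d["connections"]}x '
              f'host={d["host"]} flags={",".join(d["flags"]) or "-"}')


if __name__ == "__main__":
    main(sys.argv)
```

Read the flags as prompts, not verdicts: a `hardcoded-ip` destination on an `uncommon-port` (the `192.0.2.99:4444` entry in the sample) is the first thing to pivot on, while a mail relay on 587 reached through a DNS lookup is consistent with a keylogger that reports by e-mail. Wireshark output from the VM approach can be reduced to the same `tcp` list with a display filter on SYN packets, after which the same triage applies.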
