If you are not an expert in this skill, there are still some automated malware analysis tools that you can use to get some information from the files.
Sandboxes can be a very useful tool, and Cuckoo is probably the one that is best known. You can either set it up yourself, or find online Cuckoo sandboxes. Cuckoo will tell you what DNS queries are made and what HTTP connections are attempted as well as many other details.
You can replicate a part of what a sandbox does by running the malware in a closed VM and monitoring the network connections and any changes it makes to the filesystem. This only gives you a tiny amount of info (and is very risky to run unknown malware in your own VM if you do not know what you are doing), but it is also an option.
If you do have some skills, then you might want to run a debugger and see exactly how it runs, but this is an advanced skill.
There are, of course, numerous commercial tools available.