VMCloak that can mass-produce ready-to-use cloaked VMs.
Just add your requirements to a configuration file, start the script, wait 2 coffees and you will have a dozen VMs.
To give you a small glimpse of the very useful features VMCloak offers, I’ll go into more detail concerning its dependencies (aka “automatically install programs”). Complete documentation can be found here.
When analyzing the behavior of a malicious sample, you normally want some programs installed that the malware will then attack. That can include old browsers, PDF readers, Flash players, you name it. Also, when doing a manual analysis, you want your default tools to view the running processes, system changes, etc.
Dependencies are small configuration snippets that allow VMCloak to automatically install programs after the OS has been set up. They define the filename of the setup file, which buttons have to be clicked to get through the installation and some additional information like flags, description, and even dependencies.
Without any kind of automation, one would waste minutes to hours just clicking the Next button.
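To make the idea concrete, here is an added example (not code from VMCloak or from the original post) that parses dependency snippets and works out an install order in which prerequisites come first. The INI layout, the key names (`filename`, `description`, `flags`, `clicks`, `dependencies`) and the sample entries are assumptions modelled on the fields listed above, not VMCloak's actual schema.

```python
import configparser

# Constructed sample. Section and key names are assumptions based on the
# fields the post lists; this is not VMCloak's real configuration format.
SAMPLE = """
[dotnet40]
filename = dotnet40-setup.exe
description = .NET Framework 4.0
flags = /passive /norestart
[pdfreader]
filename = pdfreader-setup.exe
description = Old PDF reader kept as a target for samples
clicks = Next, I Agree, Install, Finish
dependencies = dotnet40
[procmon]
filename = procmon.exe
description = Process monitor for manual analysis
"""

def load_dependencies(text):
    """Parse snippets into {name: fields}; list-valued keys become lists."""
    cp = configparser.ConfigParser(interpolation=None)  # keep '%' in flags literal
    cp.read_string(text)
    deps = {}
    for name in cp.sections():
        entry = dict(cp[name])
        if "filename" not in entry:
            raise ValueError(f"{name}: missing setup filename")
        for key in ("clicks", "dependencies"):
            entry[key] = [v.strip() for v in entry.get(key, "").split(",") if v.strip()]
        deps[name] = entry
    return deps

def install_order(deps, wanted):
    """Return the wanted programs plus prerequisites, prerequisites first."""
    order = []
    def visit(name, chain):
        if name not in deps:
            raise KeyError(f"unknown dependency: {name}")
        if name in chain:  # already being resolved further up the chain
            raise ValueError("dependency cycle: " + " -> ".join(chain + [name]))
        if name in order:  # already scheduled
            return
        for req in deps[name]["dependencies"]:
            visit(req, chain + [name])
        order.append(name)
    for name in wanted:
        visit(name, [])
    return order
```

Rejecting unknown names and cycles before the build starts means a typo in one snippet fails immediately instead of leaving a dozen half-provisioned VMs.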
PaFish and VMCloak are Open Source and available for everyone. VMCloak in particular is still very young, and there are lots of opportunities to test it and show your superior skillz:
The opportunities are endless, so just go ahead.
No need to ever create a virtual machine for malware analysis again. Use VMCloak.
For Science!