September 25, 2016

REMnux: A Linux Distribution for Reverse-Engineering Malware

REMnux is a new Linux distribution based on Ubuntu for assisting malware analysts in reverse-engineering malicious software. REMnux is designed for running services that are useful to emulate within an isolated environment to performing behavioural malware analysis. As part of this process, the analyst typically infects another laboratory system with the malware sample and directs potentially-malicious connections to the REMnux system that’s listening on the appropriate ports.

REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab.

It is important to highlight, that REMunx is not a Windows analysis tools on a Linux platform. Zero Wine project may help those who are looking for a Windows analysis tool.

You can download the REMnux distribution as a VMware virtual appliance archive and also as an ISO image of a Live CD

REMnux has been developed by Lenny Zeltser

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks