Via Reddit, I saw and really liked this blog post about how to “set up your own malware analysis lab with VirtualBox, INetSim and Burp.” INetSim fills a nice role in this, and the author also goes through almost every step you need to set up a couple of victim boxes and an analysis box, and to get visibility into the basics.
My lab is nearly equipped to do this right now, and it could be with some adjustments based on these steps. I’ve never done full-on malware detonation and analysis before. I have done malware analysis to a smaller degree, many years ago, on actively infected production systems. It’s definitely more sane to do this in a controlled, throwaway environment! Filing this one away for a rainy day when I’m inspired to do some malware analysis like this. I really dig the INetSim and Burp setup.