Emulating a native USB stick within vmware
up vote
-1
down vote
favorite
I use a sandbox to test malware any analyse it.
One of the latest malware explicitly looks for USB-sticks to write code on it.
What I'd need is a little (windows) tool to emulate/fake a USB stick within the Win7 that acts like the malware victim, so the malware "thinks" it's real. That fake should not be recognised as fake to easy as the malware will not run then.
VMWare-tools usb-redirection is not an option as this implies VMWare tools installed and that is a nogo for the victim.
Thanks so much for your ideas... :-)
Cheers
Marcus
windows usb malware emulator
edited 2 days ago
Hennes
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
-1
down vote
favorite
I use a sandbox to test malware any analyse it.
One of the latest malware explicitly looks for USB-sticks to write code on it.
What I'd need is a little (windows) tool to emulate/fake a USB stick within the Win7 that acts like the malware victim, so the malware "thinks" it's real. That fake should not be recognised as fake to easy as the malware will not run then.
VMWare-tools usb-redirection is not an option as this implies VMWare tools installed and that is a nogo for the victim.
Thanks so much for your ideas... :-)
Cheers
Marcus
windows usb malware emulator
edited 2 days ago
Hennes
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
There are a couple SE questions about usingdummy_hcdandg_mass_storagefor emulating USB drives, but that idea doesn't work on Windows.
– dsstorefile1
2 days ago
add a comment |
up vote
-1
down vote
favorite
up vote
-1
down vote
favorite
I use a sandbox to test malware any analyse it.
One of the latest malware explicitly looks for USB-sticks to write code on it.
What I'd need is a little (windows) tool to emulate/fake a USB stick within the Win7 that acts like the malware victim, so the malware "thinks" it's real. That fake should not be recognised as fake to easy as the malware will not run then.
VMWare-tools usb-redirection is not an option as this implies VMWare tools installed and that is a nogo for the victim.
Thanks so much for your ideas... :-)
Cheers
Marcus
windows usb malware emulator
edited 2 days ago
Hennes
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I use a sandbox to test malware any analyse it.
One of the latest malware explicitly looks for USB-sticks to write code on it.
What I'd need is a little (windows) tool to emulate/fake a USB stick within the Win7 that acts like the malware victim, so the malware "thinks" it's real. That fake should not be recognised as fake to easy as the malware will not run then.
VMWare-tools usb-redirection is not an option as this implies VMWare tools installed and that is a nogo for the victim.
Thanks so much for your ideas... :-)
Cheers
Marcus
windows usb malware emulator
windows usb malware emulator
edited 2 days ago
Hennes
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
Hennes
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
Hennes
58.6k792141
edited 2 days ago
Hennes
58.6k792141
edited 2 days ago
Hennes
58.6k792141
58.6k792141
asked 2 days ago
Marcus
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
Marcus
1
asked 2 days ago
Marcus
1
1
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Marcus is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
There are a couple SE questions about usingdummy_hcdandg_mass_storagefor emulating USB drives, but that idea doesn't work on Windows.
– dsstorefile1
2 days ago
add a comment |
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
There are a couple SE questions about usingdummy_hcdandg_mass_storagefor emulating USB drives, but that idea doesn't work on Windows.
– dsstorefile1
2 days ago
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
There are a couple SE questions about using
dummy_hcd and g_mass_storage for emulating USB drives, but that idea doesn't work on Windows.– dsstorefile1
2 days ago
There are a couple SE questions about using
dummy_hcd and g_mass_storage for emulating USB drives, but that idea doesn't work on Windows.– dsstorefile1
2 days ago
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
Use ImDisk to create a virtual USB-drive to test your malware with.
Link to ImDisk Toolkit software: https://sourceforge.net/projects/imdisk-toolkit/
However I don't know if the malware will recognize this as fake or not.
answered 2 days ago
Aulis Ronkainen
5491412
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Use ImDisk to create a virtual USB-drive to test your malware with.
Link to ImDisk Toolkit software: https://sourceforge.net/projects/imdisk-toolkit/
However I don't know if the malware will recognize this as fake or not.
answered 2 days ago
Aulis Ronkainen
5491412
add a comment |
up vote
0
down vote
Use ImDisk to create a virtual USB-drive to test your malware with.
Link to ImDisk Toolkit software: https://sourceforge.net/projects/imdisk-toolkit/
However I don't know if the malware will recognize this as fake or not.
answered 2 days ago
Aulis Ronkainen
5491412
add a comment |
up vote
0
down vote
up vote
0
down vote
Use ImDisk to create a virtual USB-drive to test your malware with.
Link to ImDisk Toolkit software: https://sourceforge.net/projects/imdisk-toolkit/
However I don't know if the malware will recognize this as fake or not.
answered 2 days ago
Aulis Ronkainen
5491412
Use ImDisk to create a virtual USB-drive to test your malware with.
Link to ImDisk Toolkit software: https://sourceforge.net/projects/imdisk-toolkit/
However I don't know if the malware will recognize this as fake or not.
answered 2 days ago
Aulis Ronkainen
5491412
answered 2 days ago
Aulis Ronkainen
5491412
answered 2 days ago
Aulis Ronkainen
5491412
answered 2 days ago
Aulis Ronkainen
5491412
5491412
add a comment |
add a comment |
Marcus is a new contributor. Be nice, and check out our Code of Conduct.
Marcus is a new contributor. Be nice, and check out our Code of Conduct.
Marcus is a new contributor. Be nice, and check out our Code of Conduct.
Marcus is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1376223%2femulating-a-native-usb-stick-within-vmware%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Are you asking for a software recommendation?
– dsstorefile1
2 days ago
Actually, anything that would do the job. The only constraint is, that it looks as real USB stick as possible to the malware. ;-)
– Marcus
2 days ago
There are a couple SE questions about using
dummy_hcdandg_mass_storagefor emulating USB drives, but that idea doesn't work on Windows.– dsstorefile1
2 days ago