I'm glad I asked instead of first trying qubes haha

I'll definitely check out virtualbox and VMware though and see how it goes.

Anything you feel most people forget about securing on vms? I'm the type to try find out all the security issues before doing anything that could possibly become a problem.

Yeah I knew as soon as I seen it it was a sketchy link so I had no intentions of pressing it, but it was just strange receiving something so sketchy on an account nobody but me knew existed.

I've been meaning to learn a lot more about vms and how to make it a secure sandbox so I'm going to check out some of the ones mentioned in this thread and see where I can go from there.

I've just sent the file off, do they get back to you with the results?

You're a legend man :) Just even a simple glance at the code to see what it was targeting would be huge for me because I feel this virus was targeted since I never used the email in question anywhere on the internet.

I haven't downloaded it yet because I'm still going through the wealth of information all of the other providers have posted, but if you have a free sanitised/throwaway email you could pm me I could forward it.

God damn that is exactly the type of information I needed on top of what others provided, I'm definitely getting into learning all about how to do this stuff because it's so interesting.

Do you have any opinion on qubes or are the vms you mentioned better?

Thanks for all the resources :)

I will definitely try this out, I'm mostly into Linux but I have a few windows machines lying around and it wouldn't hurt to learn just in case :)

Those are some seriously awesome links, thanks man! I feel like I'm going to get lost in them for hours haha

Any words of wisdom on plugging all the vm holes?

I've heard Qubes is a good bootable os for it because it runs solely on vms although there is a little bit of setup involved

Now you've ruined the whole movie!

How would you know when you get to the creamy botnet layer?

Huh, TIL. Ah well the money isn't a huge thing to me anyway but I love the idea of seeing how deep a rabbit hole like this would go. :)

That is exactly the type of thing I was hoping existed! Thank you sir :)

Would I have to download it in a vm or would forwarding it in email work?

Oh so you would also find out the exploit they were trying to exploit? That's fascinating because if it was a previously unknown exploit you could potentially cash in on bug bounty programs as well as finding out what the system target was.

Could you interact in any way any with the servers it was trying to call?

I'll definitely be checking out Django tho because I'm a big supporter of open source, so thanks for the heads up.

Yeah I've been recently messing around with the terminal in Ubuntu recently but I was planning on changing distros and another friend also recommended kali so I'll definitely check that out too.

Thanks for all the information man :)

So what would you be looking for in viruses that are emailed to you? Mistakes in the original programmers code? What would that reveal about the programmer?

I think I will probably start out with Python because the ability to create scripts would be a really nice thing to have.

Do you have any resources you think would be good to start out with in programming?

Sorry for all the questions, I just find this whole thing super interesting :)

It seems quite interesting to me, have you done it much?

I'm just at the beginning stages of coding so I obviously wouldn't have the skills to reverse engineer a virus but I would hopefully like to be able to at some point in future.

How long did it take before you had the skills to reverse engineer?