PMA 40: FLARE-VM (20 pts extra)

What you need

Purpose

To set up a FLARE-VM, a powerful Windows-based forensic and malware analysis machine from FireEye.

Warning: This is a Slow Process

This project takes a lot of time and a lot of storage space (60 GB or so). It took more than a day to complete on my system.

Also, the final machine is only useful for 90 days, as far as I can tell (although there may be a way to extend that with snapshots).

Downloading Windows 10

In a browser, go to

https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

In the "Virtual Machines" list, select "MSEdge on Win10...", as shown below.

In the "Choose a VM platform" list, choose your virtualization software, as shown below.

Download the file. Unzip it and launch it in your virtualization software.

Log in with these credentials:

Installing Firefox

In your Windows 10 virtual machine, open Edge. Go to

https://getfirefox.com

Download and install Firefox.

Installing FLARE-VM

In your Windows 10 virtual machine, in Firefox, go to

https://github.com/fireeye/flare-vm

Follow the instructions on that page to download and install FLARE-VM. Once you start it, it will download and install many packages, and automatically restart many times. This process took about a day when I did it.

PMA 40.1: Pentest Folder (20 pts)

On your desktop, double-click the FLARE folder icon.

Double-click the Pentest folder.

The name of the folder inside is the flag, covered by a green box in the image below.

Posted 9-14-2020