PC Build

I’m almost 35 and I’ve never built a PC. We’re going to fix that. Also it’s going to be a real monster of a computer.

My main consideration is being able to safely reverse engineer malware samples. I’m currently following the not-so-wise practice of doing malware analysis on my primary computer. While I haven’t screwed up yet, I really need to change that. Especially if I’m going to espouse to others that they shouldn’t be playing with malware on the same computer that they do everything else on.

To address the malware problem I’m going to be doing a dual boot of Windows and Linux. Windows will be my everyday operating system. Linux will be my malware playground. Each OS is getting a dedicated, 2 TB solid state drive.

My second consideration was performance.

I do some HD video editing and my current computer just doesn’t have the compute, graphics, or memory to support it. When I work on videos everything runs painfully slow and has a tendency to crash.

In addition to video editing, I do a lot of virtualization. This is especially true when playing with malware samples. My current setup just can’t gracefully handle a small VLAN with multiple virtual hosts any longer.

Now, I must admit I’ve probably gone a little overboard here… but I figure you only live once! With that in mind I bought a 32-core processor, 128 GB of memory, and two really nice graphics cards.

Here are the build details:

  • CPU: AMD – Threadripper 2990WX 3 GHz 32-Core Processor
  • CPU Cooler: Cooler Master – MasterLiquid ML360 RGB TR4 Edition 66.7 CFM Liquid
  • Motherboard: ASRock – Fatal1ty X399 Professional Gaming ATX TR4
  • Memory: Corsair – Dominator Platinum 128 GB (8 x 16 GB) DDR4-3200
  • Storage: Two x Samsung – 860 Evo 2 TB M.2-2280 Solid State Drive
  • Video Card: Two x EVGA – GeForce RTX 2080 Ti 11 GB XC2 ULTRA GAMING (2-Way SLI)
  • Case: CORSAIR – Obsidian 750D Full-Tower
  • Power Supply: EVGA – SuperNOVA T2 1600 W 80+ Titanium Certified Fully Modular ATX

SecDSM Amateur Malware Analysis Presentation

At the September 2018 SecDSM meeting I gave a presentation titled “Amateur Malware Analysis.” Thank you to anyone who came and watched!

For anyone who didn’t make it or didn’t watch SecDSM’s live-stream, the summary for my presentation was:

Are you interested in reversing but don’t know where to start? Think reversing is beyond your means? This talk will try to make the topic of reversing more accessible and will focus on amateur malware analysis, including setting up your environment, free tools, and some demos.

Here are the slides I used for my presentation in case anyone wanted to reference them:

SecDSM Malware Presentation Slides (from Sept 20, 2018)

The slides contain URLs to the tools I talked about in the presentation. They still seemed to be safe the last time I checked them (although some AV engines disagree for some of the tools). That being said, as with all open source software and freeware that you download, you use them at your own risk. If you want to be really safe about it you could simply download them inside of the VM you plan to use for your malware analysis, and then only run them in your analysis VM. In fact, that is what I do. The same idea applies to any malware samples you download.

I really enjoy attending SecDSM. If you are interested you can check them out at https://secdsm.org/.