Version 3 Release of the REMnux Linux Distro for Malware Analysis

This note was published in December 2011. A newer revision of the REMnux distro has been released since then.

I’m happy to announce the release of version 3 of the REMnux Linux distribution for reverse-engineering malware. This release incorporates many usability improvements, software updates and new tools to make the environment even more useful for analyzing malicious software.

REMnux is available as a VMware virtual appliance and as an ISO image of a Live CD. The easiest way to get started with and derive the most value from REMnux is to refer to the REMnux Usage Tips cheat sheet.

Here’s what’s new in REMnux v3:

REMnux was rebuilt to be based on Ubuntu 11.10 to improve maintainability, while maintaining backwards compatibility wherever practical.

The desktop environment on REMnux has been migrated to use LXDE for improved usability, while maintaining the lightweight nature of the distribution.

The malware analysis tools available in the earlier version of REMnux have been upgraded to the latest stable versions to provide the latest features and improvements. The most significant updates include:

REMnux includes several malware analysis tools that were not present in earlier versions of the distribution, including:

For more information about REMnux, including download instructions, please refer to the distribution’s official website. If you find REMnux useful, take a look at the reverse-engineering malware course I teach at SANS, which makes use of REMnux and various other tools.

A big thank you to the individuals who tested beta releases of REMnux v3. Thank you for lending your time and expertise to this project!


About the Author

Lenny Zeltser is a business and tech leader with extensive experience in information technology and security. His areas of expertise include incident response, cloud services and product management. Lenny focuses on safeguarding customers' IT operations at NCR Corporation. He also teaches digital forensics and anti-malware courses at SANS Institute. Lenny frequently speaks at conferences, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
