Remnux main

How to Install REMnux 6 for Malware Analysis and its Prominent Features

Remnux is a lightweight Ubuntu based Linux distribution, which is specifically developed to help reverse engineer and analyze malware. It contains a wide range of apps and features which are mandatory for successful analysis of malware. Forensic investigators and incident reporters can use this tool kit to analyzing Windows and Linux malware, browser-based threats, and explore suspicious files. New release of this tiny distro is out now, we will be reviewing the primary features and installation process of REMnux 6 in this article.

Salient Features

Here are some of the noteworthy features of this Remnux 6.

  • It offers wide range of tools for static file analsis, few of them are pescanner, pestr, pyew, and readpe
  • It offers few tools for Binary files analysis as well, including but not limited to radare2, yara, vivbin, and  wxHexEditor
  • Analysis toolkit includes two useful tools Rekall and Volatility for memory snapshots
  • Includes tcpdump, ngrep and wireshark for Network analysis
  • Includes NetworkMiner, CapTipper and burpsuite tools for web traffic analysis
  • Uses js-beautify for Java Script cleanup
  • Uses wget and Curl to retrieve remote web pages content
  • Includes support for oletools and libolecf for Microsoft Office and Open Office documents
  • Uses Androwarn, AndroGuard for android malware decoding

Installing REMnux 6

The installation process for this distro is bit different, you don’t need to download ISO, Burn it and start the installation wizard. Instead REMnux provides a ova file to download. We need to import this file using any virtualization tool and then use the operating system to carry out analysis tasks. We will show the installation process of this operating system using Oracle Virtual Box virtualization tool.

Tip: If oracle Virtual Box is not installed on your end, you can install it by following method:

Ubuntu users should run following command on terminal.

apt-get install virtualbox

Windows users should download its executable file and run installer.
Download virtual Box for Windows

In order to install REMnux, First of all download its ova file from following location.

Download REMnux5 ova

Once the download process is complete, launch Oracle Virtual Box and click on File >> Import Appliance.

Import Appliance

Tip: Kindly note that all good virtualization tools offers you this feature to import and export appliances, if you are using some other tool, you should be able to locate and use the similar option.

Alright, now browse and provide the physical path to your downloaded REMnux ova file on this step.

Appliance path

Once done click “Next” to proceed to the third step, It will list you a summary of the import option, you can change resources like CPU, Memory etc from here, otherwise keep default option and hit “Import” , The import process of ova to a new VM will be started immediately.

Appliance Import1

It will keep showing your progress of the import process, be patient :)

Appliance Import2

As soon as the import process completes, you should be able to see it in Virtual Machines lists in Powered off mode. Simply right click it and choose “Start”.

start Remnux

It will boot your REMnux 6 operating system, Login with username “remnux” and default password “malware”.

Remnux main

That’s all , Enjoy using REMnux :)


This little distro is blessing, think of setting up a Linux box with all these security related apps will take long amount of time. You can get all required apps on one place in this small distro, its lightweight in true sense and resource consumption by this distro is very low. Hope you find this article useful, do let us know in comments please :)

Please follow and like us:

Leave a Comment

× five = 40