I found an old laptop with Windows 10 and discovered a virus on it. What’s the process of analyzing a malicious executable?
Do I boot off of a live Linux USB, mount the drive and reverse engineer the exe?
Do I copy the executable to a Windows VM, install RE software like IDA and analyze it there?
Or do I just download the RE software directly onto the infected machine and analyze it in its home environment?
In general, what’s the procedure for a cyber forensics expert that’s just been given an infected machine? I’m well versed in software engineering, but completely new to cyber forensics and not really sure how to structure a Google search for this.
Thanks in advance for any direction.