Windows Sandbox Scripts

Windows Sandbox is an amazing Windows feature that can be used for Malware Analysis. To install it, you'll need to follow this blog post by Microsoft.

One thing about this Sandbox is that everything is ephemeral, which means that once you close or power off the Sandbox, all the files, changes, applications, etc. will be gone. So, in order to set up your Malware Analysis lab every single time, you'll have to do one of two things: (1) go through the whole setup of your applications and configurations every single time, which is tedious and a waste of time, or (2) use .wsb scripts to automate everything!

Some of the best scripts that I use can be found below:
Run-in-Sandbox
Windows_Sandbox_Editor
Sandbox
REEWSB

A nice reference with info about pre-installing your applications can be found in the post titled “Start Windows Sandbox with Preinstalled Apps”.
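A .wsb file of the kind described above, for an analysis lab that locks down host sharing and pre-installs tools at logon. It is an added example, not taken from any of the scripts listed above; the host paths C:\Lab\Tools and C:\Lab\Samples and the script name setup.cmd are assumptions.

```xml
<Configuration>
  <!-- No network: the sample cannot reach the internet or the host LAN -->
  <Networking>Disable</Networking>
  <!-- Software rendering: keeps the host GPU out of the guest -->
  <VGpu>Disable</VGpu>
  <!-- No clipboard, printer, microphone or camera sharing with the host -->
  <ClipboardRedirection>Disable</ClipboardRedirection>
  <PrinterRedirection>Disable</PrinterRedirection>
  <AudioInput>Disable</AudioInput>
  <VideoInput>Disable</VideoInput>
  <MemoryInMB>4096</MemoryInMB>
  <MappedFolders>
    <!-- Assumed host folder holding offline installers and setup.cmd -->
    <MappedFolder>
      <HostFolder>C:\Lab\Tools</HostFolder>
      <SandboxFolder>C:\Tools</SandboxFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
    <!-- Assumed host folder holding samples; read-only so the guest
         cannot write back to the host -->
    <MappedFolder>
      <HostFolder>C:\Lab\Samples</HostFolder>
      <SandboxFolder>C:\Samples</SandboxFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
  <!-- Runs once at logon; setup.cmd (hypothetical) installs the tools -->
  <LogonCommand>
    <Command>C:\Tools\setup.cmd</Command>
  </LogonCommand>
</Configuration>
```

With networking disabled, setup.cmd has to install from installers already present in the mapped Tools folder rather than downloading them.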

You can also follow this thread found here for other discussions and topics related to Windows Sandbox.
