# VMRay Notes

**DRAFT**

VMRay Deployment is currently in progress. Information below is subject to change.

# Summary
VMRay Analyzer is a tool to detonate malware in a controlled environment.

## Generalized Architecture

VMRay Analyzer consists of a VMRay Server, which coordinates the use of other systems, and one or more _bare metal_ worker machines on which malware detonates. The systems run Ubuntu 20.04 LTS.

The system is deployed in its own account in GovCloud (one for prod, one for test)

# Source

documentation and downloads are at: https://portal.vmray.com/customer/login?

### Install Log

```
sudo ua attach <private>
sudo ua enable --assume-yes cis fips fips-updates
sudo /usr/share/ubuntu-scap-security-guides/cis-hardening/Canonical_Ubuntu_20.04_CIS-harden.sh lvl2_server
sudo apt update && sudo apt upgrade
sudo reboot


sudo -H pip3 install --upgrade awscli
sudo -H pip3 install --upgrade --force-reinstall awscli
sudo find /usr/local/lib -type f -exec chmod o+r {} \;
aws --region us-gov-east-1 s3 cp s3://afsxdr-binaries/VMRay/extended-kvm-4.2.1.zip .
aws --region us-gov-east-1 s3 cp s3://afsxdr-binaries/VMRay/vmray-4.2.1.zip .
sudo mkdir /usr/local/src/vmray/
sudo chown centos /usr/local/src/vmray/
sudo mv *.zip /usr/local/src/vmray/
cd /usr/local/src/vmray
unzip extended-kvm-4.2.1.zip
unzip vmray-4.2.1.zip
sudo bash install.sh
```

For server:
```
Do you want to install or update VMRay Platform Server on this machine (y/n)? y
Do you want to install or update VMRay Platform Worker on this machine (y/n)? n
Do you want to perform an offline installation? (y/n)? n
Do you want to continue (y/n)? y
```

For the worker:
```
Do you want to install or update VMRay Platform Server on this machine (y/n)? n
Do you want to install or update VMRay Platform Worker on this machine (y/n)? y
Do you want to install or update Extended KVM on this machine (y/n)? y
Do you want to perform an offline installation? (y/n)? n
Do you want to continue (y/n)? y
```

... Then back to admin guide for now.