The most critical rule of malware analysis is to create an isolated environment so that infections cannot spread to your personal files or network.
Most analysts use a Windows virtual machine (VM) because the majority of malware targets Windows. Tools like FLARE VM can automatically turn a standard Windows install into a powerhouse analysis station.
Use Process Hacker or Procmon to see what new processes the malware spawns.
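
Once Procmon has recorded a run, its CSV export can be reduced to the process tree spawned by the sample. The script below is an added example, not part of the original page; it assumes Procmon's default export columns and the `PID: n, Command line: ...` Detail text of Process Create events, and the capture rows and the sample's PID (4100) are constructed.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed rows in the assumed layout of a Procmon CSV export (not a real capture).
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.1","explorer.exe","2000","Process Create","C:\Users\lab\Desktop\sample.exe","SUCCESS","PID: 4100, Command line: ""C:\Users\lab\Desktop\sample.exe"""
"10:00:01.4","sample.exe","4100","CreateFile","C:\Users\lab\AppData\Local\Temp\a.tmp","SUCCESS","Desired Access: Generic Write"
"10:00:02.0","sample.exe","4100","Process Create","C:\Windows\System32\cmd.exe","SUCCESS","PID: 4200, Command line: cmd.exe /c timeout 5"
"10:00:02.3","cmd.exe","4200","Process Create","C:\Windows\System32\timeout.exe","SUCCESS","PID: 4300, Command line: timeout 5"
"10:00:03.0","svchost.exe","900","Process Create","C:\Windows\System32\wermgr.exe","SUCCESS","PID: 5000, Command line: wermgr.exe"
'''

# Assumed Detail format for Process Create: the child's PID, then its command line.
DETAIL_RE = re.compile(r"PID:\s*(\d+),\s*Command line:\s*(.*)", re.S)

def load_process_creates(fh):
    """Map parent PID -> [(child PID, image path, command line)] for successful creates."""
    children = defaultdict(list)
    for row in csv.DictReader(fh):
        if row["Operation"] != "Process Create" or row["Result"] != "SUCCESS":
            continue
        m = DETAIL_RE.match(row["Detail"])
        if m:  # the PID column is the parent; the Detail column names the child
            children[int(row["PID"])].append(
                (int(m.group(1)), row["Path"], m.group(2).strip()))
    return children

def descendants(children, root_pid, depth=1, seen=None):
    """Depth-first list of (depth, pid, image, cmdline) for everything root_pid spawned."""
    seen = {root_pid} if seen is None else seen
    out = []
    for child_pid, image, cmdline in children.get(root_pid, []):
        if child_pid in seen:  # guard against PID reuse creating a cycle
            continue
        seen.add(child_pid)
        out.append((depth, child_pid, image, cmdline))
        out.extend(descendants(children, child_pid, depth + 1, seen))
    return out

if __name__ == "__main__":
    # For a real export, open the file with encoding="utf-8-sig" to drop the BOM.
    tree = descendants(load_process_creates(io.StringIO(SAMPLE_CSV)), 4100)
    for depth, pid, image, cmdline in tree:
        print(f"{'  ' * depth}{pid} {image}  [{cmdline}]")
```

Rows from unrelated parents, such as the constructed `svchost.exe` entry, are excluded because only the sample's PID is used as the root.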
