Using KVM and guestfish for dynamic malware analysis on Windows