Setting up FLARE-VM for Malware Analysis

Reference: https://github.com/mandiant/flare-vm

Create a new Windows 10 VM

Check Skip Unattended Installation

Set 8GB of RAM and Quad Core because I am impatient and can’t stand running anything less if I am able to avoid it

Allocate 100GB of drive space

Go through the typical Windows install

Jump through all the hoops of making an offline account

Disable all the telemetry stuff

Realize just how bad the Windows install process is now, cry.

After the initial setup is completed, shut down the VM and enable virtualization support by going to VM Settings > System > Processor and checking Enable Nested VT-x/AMD-V

Install guest additions

Disable Windows Updates

Disable Windows Real-time Protection:

Open Windows Security

Go to Virus and Threat Protection > Manage Settings

Ensure tamper protection is off

Turn off Real-time Protection and Behavior Monitoring

Turn off Microsoft Defender Antivirus

Reboot

Take Snapshot

Install FLARE

Run PowerShell as admin and copy the install script from https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1

Unblock the file, set the execution policy, and run the script

Keep defaults

I appreciate how much debloat stuff I am seeing

Reboot – install continues automatically
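The Defender checks and install steps above as one script. This is an added example, not part of the original post or the FLARE-VM project. The variable names, the Defender status check and the hash logging are additions, and it assumes an elevated PowerShell prompt inside the VM.

```powershell
# Added example: pre-flight checks, then fetch and run the FLARE-VM installer.
# Run inside the analysis VM from an elevated PowerShell prompt.
$ErrorActionPreference = 'Stop'

# 1. Confirm the session is elevated.
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell prompt.'
}

# 2. Confirm the Defender settings turned off earlier are really off.
#    Get-MpComputerStatus can fail outright when the Defender service is stopped.
$mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
if ($null -eq $mp) {
    Write-Warning 'Could not read Defender status (service may be stopped); continuing.'
} else {
    $stillOn = @()
    if ($mp.IsTamperProtected)         { $stillOn += 'Tamper Protection' }
    if ($mp.RealTimeProtectionEnabled) { $stillOn += 'Real-time Protection' }
    if ($mp.BehaviorMonitorEnabled)    { $stillOn += 'Behavior Monitoring' }
    if ($mp.AntivirusEnabled)          { $stillOn += 'Microsoft Defender Antivirus' }
    if ($stillOn.Count -gt 0) {
        throw "Still enabled: $($stillOn -join ', '). Turn these off, reboot, and re-run."
    }
}

# 3. Download the installer to the Desktop.
$url  = 'https://raw.githubusercontent.com/mandiant/flare-vm/main/install.ps1'
$dest = Join-Path ([Environment]::GetFolderPath('Desktop')) 'install.ps1'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
(New-Object Net.WebClient).DownloadFile($url, $dest)

# 4. Log the hash of the script that was actually run. The URL tracks the main
#    branch, so the content changes over time; keep this with the snapshot notes.
$hash = (Get-FileHash -Path $dest -Algorithm SHA256).Hash
Write-Host "install.ps1 SHA256: $hash"

# 5. Unblock the file, set the execution policy, run the script.
Unblock-File -Path $dest
Set-ExecutionPolicy Unrestricted -Force
& $dest
```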

This takes a bit, but eventually we got through it.

I did want to check the failed items to see what is missing; I know there were a couple of failures as I was watching.
