5.4 Setting Up And Configuring Windows VM

Before setting up the Windows VM, you first need to install a Windows operating system (Windows 7, Windows 8, and so on) of your choice in the virtualization software (such as VMware or VirtualBox). Once you have Windows installed, follow these steps:

  1. Download Python from https://www.python.org/downloads/. Be sure to download Python 2.7.x (such as 2.7.13); most of the scripts used in this book are written for Python 2.7 and may not run correctly on Python 3. After you've downloaded the file, run the installer. Make sure you check the options to install pip and to Add python.exe to Path, as shown in the following screenshot. Installing pip makes it easier to install third-party Python libraries, and adding Python to the path lets you run Python from any location. Note that Python 2.7 reached end of life in January 2020, so this analysis VM should stay isolated and never be used for anything other than running samples.
  2. Configure your Windows VM to run in Host-only network configuration mode. To do that in VMware or VirtualBox, bring up the Network Settings and choose the Host-only mode; save the settings and reboot (this step is similar to the one covered in the Setting Up and Configuring Linux VM section).
  3. Configure the IP address of the Windows VM to 192.168.1.x (choose any IP address except 192.168.1.100, because the Linux VM is set to use that IP) and set both the Default gateway and the DNS server to the IP address of the Linux VM (that is, 192.168.1.100), as shown in the following screenshot. This configuration is required so that when we execute the hostile program on the Windows VM, all of its network traffic, including DNS lookups, is routed to the Linux VM, where it can be captured and answered by the simulated services.
  4. Power on both the Linux VM and the Windows VM, and make sure they can communicate with each other. You can check the connectivity by running the ping command from each VM to the other, as shown in this screenshot:
  5. Windows Defender needs to be disabled on your Windows VM, as it may quarantine or block the malware sample when you execute it. To do that, press the Windows key + R to open the Run dialog, enter gpedit.msc, and hit Enter to launch the Local Group Policy Editor. In the left-hand pane of the Local Group Policy Editor, navigate to Computer Configuration | Administrative Templates | Windows Components | Windows Defender. In the right-hand pane, double-click on the Turn off Windows Defender policy to edit it; then select Enabled and click on OK. On current Windows 10/11 builds the node and policy are named Microsoft Defender Antivirus and Turn off Microsoft Defender Antivirus, and Tamper Protection in the Windows Security app has to be turned off first, otherwise the policy can be ignored:
  6. To be able to transfer files (drag and drop) and to copy clipboard content between the host machine and the Windows VM, follow the instructions in Step 7 of the Setting Up and Configuring Linux VM section.
  7. Take a clean snapshot so that you can revert to the pristine/clean state after every analysis. The procedure to take a snapshot was covered in Step 10 of the Setting Up and Configuring Linux VM section.
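The network, Defender and connectivity steps above can also be applied and verified from an elevated PowerShell prompt, which is handy when you rebuild the VM. The following script is an added example, not part of the original text; it assumes the host-only adapter shows up in Windows as "Ethernet" and that the Windows VM gets 192.168.1.50 (any 192.168.1.x other than .100 works), and it writes the same registry value that the Turn off Windows Defender group policy sets. The NetTCPIP cmdlets need Windows 8 or later; the Windows 7 equivalents using netsh are noted at the end.

```powershell
# Added example (not from the original page): apply the static-IP, DNS and
# Defender steps of the Windows VM setup and check the result.
# Assumptions (not from the original text):
#   - the host-only adapter is called "Ethernet" in Windows
#   - the Windows VM is given 192.168.1.50 (must not be 192.168.1.100)
#   - the Linux VM is already up at 192.168.1.100
# Run from an elevated PowerShell on Windows 8/10/11.

$Adapter = "Ethernet"        # assumption: alias of the host-only NIC
$WinIP   = "192.168.1.50"    # assumption: any 192.168.1.x except .100
$LinuxIP = "192.168.1.100"   # Linux VM: default gateway and DNS server
$Prefix  = 24                # 255.255.255.0

# --- Static IP, default gateway and DNS all pointing at the Linux VM -------
# Remove any DHCP/APIPA address and default route first so the static
# configuration is the only one on the adapter.
Set-NetIPInterface -InterfaceAlias $Adapter -Dhcp Disabled
Get-NetIPAddress -InterfaceAlias $Adapter -AddressFamily IPv4 -ErrorAction SilentlyContinue |
    Remove-NetIPAddress -Confirm:$false
Get-NetRoute -InterfaceAlias $Adapter -DestinationPrefix "0.0.0.0/0" -ErrorAction SilentlyContinue |
    Remove-NetRoute -Confirm:$false

New-NetIPAddress -InterfaceAlias $Adapter -IPAddress $WinIP -PrefixLength $Prefix `
    -DefaultGateway $LinuxIP | Out-Null
Set-DnsClientServerAddress -InterfaceAlias $Adapter -ServerAddresses $LinuxIP

# --- Turn off Windows Defender ---------------------------------------------
# DisableAntiSpyware under the Policies key is the value the
# "Turn off Windows Defender" GPO writes. On Windows 10 1903+ Tamper
# Protection must be switched off in the Windows Security app first,
# otherwise this change is ignored.
$PolicyKey = "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender"
New-Item -Path $PolicyKey -Force | Out-Null
Set-ItemProperty -Path $PolicyKey -Name "DisableAntiSpyware" -Type DWord -Value 1
# Also stop real-time scanning for the current session; skipped where the
# Defender module does not exist (for example on Windows 7).
if (Get-Command Set-MpPreference -ErrorAction SilentlyContinue) {
    Set-MpPreference -DisableRealtimeMonitoring $true
}

# --- Checks: route and DNS go via the Linux VM, and it answers pings -------
# A failed ping here usually means one VM is not in host-only mode or the
# Linux VM is not powered on yet.
$Route = Get-NetRoute -InterfaceAlias $Adapter -DestinationPrefix "0.0.0.0/0"
if ($Route.NextHop -ne $LinuxIP) {
    throw "Default gateway is $($Route.NextHop), expected $LinuxIP"
}
$Dns = (Get-DnsClientServerAddress -InterfaceAlias $Adapter -AddressFamily IPv4).ServerAddresses
if ($Dns -notcontains $LinuxIP) {
    throw "DNS servers ($($Dns -join ',')) do not include $LinuxIP"
}
if (-not (Test-Connection -ComputerName $LinuxIP -Count 2 -Quiet)) {
    throw "Cannot ping the Linux VM at $LinuxIP; check host-only networking on both VMs"
}
Write-Host "Windows VM is $WinIP, gateway/DNS $LinuxIP, Linux VM reachable."

# Windows 7 equivalents for the network part (elevated cmd.exe; adapter name
# is typically "Local Area Connection"):
#   netsh interface ip set address "Local Area Connection" static 192.168.1.50 255.255.255.0 192.168.1.100
#   netsh interface ip set dns "Local Area Connection" static 192.168.1.100
```

Run the script once, confirm the final message, then also ping the Windows VM from the Linux side before taking the clean snapshot; the checks only prove the Windows-to-Linux direction.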

At this point, your lab environment should be ready. The Linux and Windows VMs in your clean snapshot should be in Host-only network mode and should be able to communicate with each other. Throughout this book, I will be covering various malware analysis tools; if you wish to use those tools, you can copy them to the clean snapshot on the virtual machines. To keep your clean snapshot up to date, just transfer/install those tools on the virtual machines and take a new clean snapshot.
