During dynamic analysis (behavioral analysis), you will follow a sequence of steps to determine the functionality of the malware. The following list outlines the steps involved in the dynamic analysis:

• Reverting to the clean snapshot: This includes reverting your virtual machines to a clean state.
• Running the monitoring/dynamic analysis tools: In this step, you will run the monitoring tools before executing the malware specimen. To get the most out of the monitoring tools covered in the previous section, you need to run them with administrator privileges.
• Executing the malware specimen: In this step, you will run the malware sample with administrator privileges.
• Stopping the monitoring tools: This involves terminating the monitoring tools after the malware binary is executed for a specified time.
• Analyzing the results: This involves collecting the data/reports from the monitoring tools and analyzing them to determine the malware's behavior and functionality.