FYI, malware researchers deliberately infect a VM and then analyze the malware. Here are some present-day examples of such investigations using the open source Garuda framework: https://cysinfo.com/introduction-to-threat-hunting-using-gar...