Ether Automation Utility: Ether Bunny
Ether Bunny is a script that I use to automatically startup and run Xen domains, copy files, and then execute them with Ether. It is a quick hack I put together. Most of the variables at the top of the file will need to be changed to match your configuration. This script is made available as-is. If it doesn't work you'll need to debug it on your own. That being said if you find it useful and modify it let me know and I'll be happy to update the public version.
You'll need to get a copy of Winexe as well to remotely run the files. There are some setup instructions at the Winexe page that will help you to configure your host machine.
Here's how I use it:
snoosnoo:/xen# ./eb.py 192.168.0.2 malware.exe Ether Bunny v0.1 by Danny Quist Analyzing malware.exe to on VM 192.168.0.50 Destroying old vm image /xen/winxp-sp2-malware-instance/ Restoring vm image... Starting vm from /etc/xen/ramdisk-winxp-sp2.cfg Copying malware.exe to VM 1166 at 192.168.0.50 Attempt: 1 Running malware.exe on VM winxp-sp2-ramdisk (1166) 192.168.0.50 Letting program run... dos charset 'CP850' unavailable - using ASCII EPOLL_CTL_ADD failed (Operation not permitted) - falling back to select() Killing ether. Destroying VM ID: 1166 Aborting...
Download Ether Bunny here.
Edit Jan 18 2011: The Winexe site seems to have disappeared, so I have linked to my local compiled copy.