Botnets are the top concern responsible for SPAM, Cryptomining, DDoS attacks and offer a variety of attacks-as-a-service to disrupt IT infrastructure and services. Current approaches to detect and analyze Botnet characteristics rely on disassembly and reverse engineering, and single instance deployments in an isolated environment. However, Botnets consist of distributed and interconnected instances and thus current approaches only observe a fraction of a Botnet and its characteristics. In this paper, we introduce the framework DMEF to deploy and analyze malware in a scalable, distributed and secure environment. DMEF provides a training environment for network administrators and researchers in the fight against malware and contributes to optimize intrusion response.