It will phone home. Don't do it unless it's disconnected from the network. It might also try to spread the infection through other attack vectors, like bluetooth, or trying to break out of the VM.

More likely it would self-destruct to avoid analysis or detection, this is well documented behavior of a number of more sophisticated pieces of malware.

> break out of the VM

I wonder if this has happened yet?

Most definitely. Here is an example: http://1337day.com/exploit/22519

Got anything that doesn't involve the 2d/3d video acceleration? Those are a rather obvious and off-by-default attack surface.

See here http://www.vupen.com/blog/20120904.Advanced_Exploitation_of_...

Down for me. Here's a cached version:

https://web.archive.org/web/20140703130707/www.vupen.com/blo...

The equivalent of handling Ebola in your home kitchen.