This is not a good solution. Your question assumes a compromised host and a clean guest. So, the malware will have control over the host. Virtual machines' data is contained in files, stored by the virtualizer on the host. So any malware on the host machine could potentially send those files back to an adversary. The adversary could then simply run that same virtual machine on his/her virtualizer, and get access to everything stored in the VM.
Now let's assume you encrypt all of the VM's files (and ignore the practicality discussion). This still leaves your VM exposed to screenshots, memory dump analysis (although I am not aware if this has ever been done), and more data exfiltration methods.
Furthermore, VM network activity runs through the host's network interface (NIC), thus exposing the traffic to the malware.
So both of the points you made are not secure:
- You should not keep sensitive information in a VM on a compromised host.
- The malware could potentially intercept the network traffic from the guest.
A better solution might be to do the exact opposite - run a clean host, and use a VM for every activity that may expose you to infection (web browsing, file sharing, etc.). Consider reading about Qubes and maybe this will interest you for more than just PDF viewing.