By using MalwareCMDMonitor python script, you can observe the commands of the latest malware instances executed on hybrid-analysis.com sandbox. In a nutshell, it downloads the HA feed and then retrieves commands of unseen instances; the ones that did not appear in the previous feeds.
Also ReadJava-Stager : A PoC To Download, Compile & Execute A Java File In Memory
To run the script
python hybrid_analysis.py
However, if you want to run the script on a regular basis, you can use –daemon (or -d for short) switch.
python hybrid_analysis.py --daemon
Running the above command results in getting the feed every hour. To change the interval, you can use –cycle (or -c) and specify the number of minutes the script must wait before retrieving the feed again.
python hybrid_analysis.py --daemon --cycle 120
In the above example, the script sleeps for 2 hours between each feed retrieval. Moreover, you can use –output (or -o) to specify the output file that you want to store the results. By default, the output is written on the console.
python hybrid_analysis.py --daemon --cycle 120 --output "c:\test\ha - cmd.log"
Last but not least, you can see all the switches by using –help (or -h)
python hybrid_analysis.py -h
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…
Image credit:pexels.com If you think back to the early days of personal computing, you probably…
In an era defined by technological innovation, the way people handle and understand money has…
The online world becomes more visually driven with every passing year. Images spread across websites,…
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…