Categories: Kali Linux

MalwareCMDMonitor – Shows Command Lines Used By Latest Instances Analyzed On Hybrid-Analysis

By using MalwareCMDMonitor python script, you can observe the commands of the latest malware instances executed on hybrid-analysis.com sandbox. In a nutshell, it downloads the HA feed and then retrieves commands of unseen instances; the ones that did not appear in the previous feeds.

Also ReadJava-Stager : A PoC To Download, Compile & Execute A Java File In Memory

Running The MalwareCMDMonitor

To run the script

python  hybrid_analysis.py

However, if you want to run the script on a regular basis, you can use –daemon (or -d for short) switch.

python  hybrid_analysis.py --daemon

Running the above command results in getting the feed every hour. To change the interval, you can use –cycle (or -c) and specify the number of minutes the script must wait before retrieving the feed again.

python  hybrid_analysis.py --daemon --cycle 120

In the above example, the script sleeps for 2 hours between each feed retrieval. Moreover, you can use –output (or -o) to specify the output file that you want to store the results. By default, the output is written on the console.

python  hybrid_analysis.py --daemon --cycle 120 --output "c:\test\ha - cmd.log"

Last but not least, you can see all the switches by using –help (or -h)

python hybrid_analysis.py -h

R K

Recent Posts

cp Command: Copy Files and Directories in Linux

The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…

1 week ago

Image OSINT

Introduction In digital investigations, images often hold more information than meets the eye. With the…

1 week ago

cat Command: Read and Combine File Contents in Linux

The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…

1 week ago

Port In Networking

What is a Port? A port in networking acts like a gateway that directs data…

1 week ago

ls Command: List Directory Contents in Linux

The ls command is fundamental for anyone working with Linux. It’s used to display the files and…

1 week ago

pwd Command: Find Your Location in Linux

The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…

2 weeks ago