WEBC2-BOLID

Description

A WEBC2 backdoor is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. This family of malware is a backdoor capable of downloading files and updating its configuration. Communication with the command and control (C2) server uses a combination of single-byte XOR and Base64 encoded data wrapped in standard HTML tags. The malware family installs a registry key as a persistence mechanism.

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software: WEBC2-UGX
Software: WEBC2-CSON
Software: WEBC2-Y21K
Software: WEBC2-AUSOV
Software: WEBC2-DIV
Software: WEBC2-TOCK

Sourced from MITRE ATT&CK Enterprise. Curated by Adam Lundqvist, SQUR.