WEBC2-DIV


Description

The WEBC2 malware family is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. The WEBC2-DIV variant searches for the strings "div safe:" and " balance" to delimit encoded C2 information. If the decoded string begins with the letter "J", the malware will parse additional arguments in the decoded string to specify the sleep interval to use. WEBC2-DIV is capable of downloading a file, downloading and executing a file, or sleeping for a specified interval.

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

Software: WEBC2-UGX
Software: WEBC2-QBP
Software: WEBC2-TOCK
Software: WEBC2-TABLE
Software: WEBC2-YAHOO
Software: WEBC2-AUSOV

Sourced from MITRE ATT&CK Enterprise. Curated by Adam Lundqvist, SQUR.