WEBC2-YAHOO

WEBC2-YAHOOWEBC2-YAHOO

Description

The WEBC2 malware family is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. The WEBC2-YAHOO variant enters a loop where every ten minutes it attempts to download a web page that may contain an encoded URL. The encoded URL will be found in the pages returned inside an attribute named 'sb' or 'ex' within a tag named 'yahoo'. The embedded link can direct the malware to download and execute files.

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
WEBC2-Y21K
Software
WEBC2-TOCK
Software
WEBC2-UGX
Software
WEBC2-DIV
Software
WEBC2-QBP
Software
WEBC2-ADSPACE
Sourced from MITRE ATT&CK Enterprise . Curated by Adam Lundqvist, SQUR.