SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
WEBC2
WEBC2 is a family of backdoor malware used by APT1 as early as July 2006. WEBC2 backdoors are designed to retrieve a webpage, with commands hidden in HTML comments or special tags, from a predetermined C2 server. [1][2]
ID: S0109
Type: MALWARE
Platforms: Windows
Contributors: Wes Hurd
Version: 2.0
Created: 31 May 2017
Last Modified: 25 August 2020
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1059 | .003 | Command and Scripting Interpreter: Windows Command Shell | |
Enterprise | T1574 | .001 | Hijack Execution Flow: DLL Search Order Hijacking |
Variants of WEBC2 achieve persistence by using DLL search order hijacking, usually by copying the DLL file to |
Enterprise | T1105 | Ingress Tool Transfer |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0006 | APT1 |
References
×