Trusted Design

WEBC2-HEAD (FAMILY)

概要

The WEBC2 malware family is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. The WEBC2-HEAD variant communicates over HTTPS, using the system's SSL implementation to encrypt all communications with the C2 server. WEBC2-HEAD first issues an HTTP GET to the host, sending the Base64-encoded string containing the name of the compromised machine running the malware.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

WEBC2-TOCK (FAMILY) (score: 0.82)
WEBC2-BOLID (FAMILY) (score: 0.81)
WEBC2-YAHOO (FAMILY) (score: 0.80)
WEBC2-UGX (FAMILY) (score: 0.80)
WEBC2-RAVE (FAMILY) (score: 0.80)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 12.28

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1588.001 - Malware
T1209 - Time Providers
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1016.001 - Internet Connection Discovery

MITREへのリンク →

Mustang Panda

Score: 14.75

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process

MITREへのリンク →

Kimsuky

Score: 15.94

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1547.002 - Authentication Package
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1008 - Fallback Channels

MITREへのリンク →

UNC3886

Score: 8.69

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1588.001 - Malware
T1055.015 - ListPlanting

MITREへのリンク →

Lotus Blossom

Score: 4.92

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1209 - Time Providers

MITREへのリンク →

Lazarus Group

Score: 29.89

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1588.001 - Malware
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages
T1209 - Time Providers
T1055.005 - Thread Local Storage
T1055.015 - ListPlanting
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process
T1216 - System Script Proxy Execution

MITREへのリンク →

CURIUM

Score: 4.29

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.008 - LSASS Driver

MITREへのリンク →

Dragonfly

Score: 4.60

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1546.016 - Installer Packages

MITREへのリンク →

APT28

Score: 5.35

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption

MITREへのリンク →

OilRig

Score: 21.40

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1048 - Exfiltration Over Alternative Protocol
T1592.002 - Software
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1055.015 - ListPlanting
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

FIN13

Score: 6.81

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

BackdoorDiplomacy

Score: 5.63

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1209 - Time Providers

MITREへのリンク →

Agrius

Score: 3.53

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1209 - Time Providers

MITREへのリンク →

APT39

Score: 9.17

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.002 - Authentication Package
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

GALLIUM

Score: 3.82

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Threat Group-3390

Score: 6.77

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

Tropic Trooper

Score: 4.72

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

Ember Bear

Score: 3.53

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1209 - Time Providers

MITREへのリンク →

Sandworm Team

Score: 8.18

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages

MITREへのリンク →

Fox Kitten

Score: 5.63

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1209 - Time Providers

MITREへのリンク →

Volt Typhoon

Score: 12.55

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1584.002 - DNS Server
T1537 - Transfer Data to Cloud Account
T1546.016 - Installer Packages
T1209 - Time Providers

MITREへのリンク →

APT38

Score: 16.61

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1048 - Exfiltration Over Alternative Protocol
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1059.005 - Visual Basic
T1216 - System Script Proxy Execution

MITREへのリンク →

APT29

Score: 19.26

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1592.004 - Client Configurations
T1218.009 - Regsvcs/Regasm
T1223 - Compiled HTML File
T1537 - Transfer Data to Cloud Account
T1547.008 - LSASS Driver

MITREへのリンク →

Magic Hound

Score: 11.74

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1588.001 - Malware
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1547.008 - LSASS Driver

MITREへのリンク →

BlackByte

Score: 4.72

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

APT32

Score: 13.41

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1592.004 - Client Configurations
T1588.001 - Malware
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1556 - Modify Authentication Process

MITREへのリンク →

Medusa Group

Score: 10.39

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1216 - System Script Proxy Execution

MITREへのリンク →

Leviathan

Score: 8.73

Matched TTPs:

T1555.003 - Credentials from Web Browsers
T1554 - Compromise Host Software Binary
T1546.016 - Installer Packages

MITREへのリンク →

BRONZE BUTLER

Score: 8.32

Matched TTPs:

T1592.004 - Client Configurations
T1556.005 - Reversible Encryption
T1008 - Fallback Channels

MITREへのリンク →

Carbanak

Score: 4.49

Matched TTPs:

T1588.001 - Malware
T1547.002 - Authentication Package

MITREへのリンク →

FIN7

Score: 7.93

Matched TTPs:

T1588.001 - Malware
T1547.002 - Authentication Package
T1055.015 - ListPlanting

MITREへのリンク →

Winter Vivern

Score: 3.28

Matched TTPs:

T1588.001 - Malware
T1556.005 - Reversible Encryption

MITREへのリンク →

Wizard Spider

Score: 6.03

Matched TTPs:

T1588.001 - Malware
T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

BITTER

Score: 3.28

Matched TTPs:

T1588.001 - Malware
T1556.005 - Reversible Encryption

MITREへのリンク →

Naikon

Score: 3.86

Matched TTPs:

T1588.001 - Malware
T1209 - Time Providers

MITREへのリンク →

ZIRCONIUM

Score: 6.55

Matched TTPs:

T1588.001 - Malware
T1547.002 - Authentication Package
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Higaisa

Score: 3.28

Matched TTPs:

T1588.001 - Malware
T1556.005 - Reversible Encryption

MITREへのリンク →

Storm-0501

Score: 4.15

Matched TTPs:

T1588.001 - Malware
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

APT41

Score: 17.27

Matched TTPs:

T1588.001 - Malware
T1048 - Exfiltration Over Alternative Protocol
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1055.015 - ListPlanting
T1008 - Fallback Channels

MITREへのリンク →

Gamaredon Group

Score: 7.72

Matched TTPs:

T1554 - Compromise Host Software Binary
T1547.002 - Authentication Package
T1556.005 - Reversible Encryption

MITREへのリンク →

Dark Caracal

Score: 9.20

Matched TTPs:

T1048 - Exfiltration Over Alternative Protocol
T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

Silence

Score: 3.44

Matched TTPs:

T1048 - Exfiltration Over Alternative Protocol

MITREへのリンク →

APT37

Score: 7.21

Matched TTPs:

T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1216 - System Script Proxy Execution

MITREへのリンク →

Turla

Score: 6.42

Matched TTPs:

T1547.002 - Authentication Package
T1556.005 - Reversible Encryption
T1546.016 - Installer Packages

MITREへのリンク →

MuddyWater

Score: 3.59

Matched TTPs:

T1547.002 - Authentication Package
T1556.005 - Reversible Encryption

MITREへのリンク →

SideCopy

Score: 4.13

Matched TTPs:

T1584.002 - DNS Server

MITREへのリンク →

TA505

Score: 3.24

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption

MITREへのリンク →

TeamTNT

Score: 5.01

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers

MITREへのリンク →

Rocke

Score: 8.29

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1556.005 - Reversible Encryption
T1209 - Time Providers
T1008 - Fallback Channels

MITREへのリンク →

Patchwork

Score: 5.34

Matched TTPs:

T1537 - Transfer Data to Cloud Account
T1008 - Fallback Channels

MITREへのリンク →

Moonstone Sleet

Score: 3.71

Matched TTPs:

T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

Daggerfly

Score: 4.02

Matched TTPs:

T1556.005 - Reversible Encryption
T1546.016 - Installer Packages

MITREへのリンク →

FIN8

Score: 3.93

Matched TTPs:

T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

Windshift

Score: 3.71

Matched TTPs:

T1556.005 - Reversible Encryption
T1547.008 - LSASS Driver

MITREへのリンク →

APT33

Score: 3.93

Matched TTPs:

T1556.005 - Reversible Encryption
T1556 - Modify Authentication Process

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

Contagious Interview

Score: 5.27

Matched TTPs:

T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.74

Matched TTPs:

T1016.001 - Internet Connection Discovery
T1588.001 - Malware
T1209 - Time Providers
T1556 - Modify Authentication Process
T1556.005 - Reversible Encryption
T1055.015 - ListPlanting
T1546.016 - Installer Packages
T1547.008 - LSASS Driver
T1055.005 - Thread Local Storage
T1547.002 - Authentication Package
T1216 - System Script Proxy Execution

MITREへのリンク →

OilRig

Score: 0.55

Matched TTPs:

T1209 - Time Providers
T1555.003 - Credentials from Web Browsers
T1592.002 - Software
T1048 - Exfiltration Over Alternative Protocol
T1556 - Modify Authentication Process
T1556.005 - Reversible Encryption
T1055.015 - ListPlanting
T1547.008 - LSASS Driver

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る