Trusted Design

WEBC2-HEAD (FAMILY)

概要

The WEBC2 malware family is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. The WEBC2-HEAD variant communicates over HTTPS, using the system's SSL implementation to encrypt all communications with the C2 server. WEBC2-HEAD first issues an HTTP GET to the host, sending the Base64-encoded string containing the name of the compromised machine running the malware.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

WEBC2-TOCK (FAMILY) (score: 0.82)
WEBC2-BOLID (FAMILY) (score: 0.81)
WEBC2-YAHOO (FAMILY) (score: 0.80)
WEBC2-UGX (FAMILY) (score: 0.80)
WEBC2-RAVE (FAMILY) (score: 0.80)

このPulseに関連する脅威アクター (事実ベース)

FIN6

Score: 12.28

Matched TTPs:

T1560.003 - Archive via Custom Method
T1036.004 - Masquerade Task or Service
T1046 - Network Service Discovery
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

CopyKittens

Score: 3.15

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Mustang Panda

Score: 14.75

Matched TTPs:

T1560.003 - Archive via Custom Method
T1505.003 - Web Shell
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Kimsuky

Score: 15.94

Matched TTPs:

T1560.003 - Archive via Custom Method
T1505.003 - Web Shell
T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1102.001 - Dead Drop Resolver

MITREへのリンク →

UNC3886

Score: 8.69

Matched TTPs:

T1560.003 - Archive via Custom Method
T1036.004 - Masquerade Task or Service
T1008 - Fallback Channels

MITREへのリンク →

Lotus Blossom

Score: 4.92

Matched TTPs:

T1560.003 - Archive via Custom Method
T1046 - Network Service Discovery

MITREへのリンク →

Lazarus Group

Score: 29.89

Matched TTPs:

T1560.003 - Archive via Custom Method
T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols
T1584.004 - Server
T1046 - Network Service Discovery
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1529 - System Shutdown/Reboot

MITREへのリンク →

CURIUM

Score: 4.29

Matched TTPs:

T1505.003 - Web Shell
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 4.60

Matched TTPs:

T1505.003 - Web Shell
T1584.004 - Server

MITREへのリンク →

APT28

Score: 5.35

Matched TTPs:

T1505.003 - Web Shell
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols

MITREへのリンク →

OilRig

Score: 21.40

Matched TTPs:

T1505.003 - Web Shell
T1218.001 - Compiled HTML File
T1137.004 - Outlook Home Page
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1008 - Fallback Channels
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN13

Score: 6.81

Matched TTPs:

T1505.003 - Web Shell
T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

BackdoorDiplomacy

Score: 5.63

Matched TTPs:

T1505.003 - Web Shell
T1036.004 - Masquerade Task or Service
T1046 - Network Service Discovery

MITREへのリンク →

Agrius

Score: 3.53

Matched TTPs:

T1505.003 - Web Shell
T1046 - Network Service Discovery

MITREへのリンク →

APT39

Score: 9.17

Matched TTPs:

T1505.003 - Web Shell
T1102.002 - Bidirectional Communication
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

GALLIUM

Score: 3.82

Matched TTPs:

T1505.003 - Web Shell
T1027.002 - Software Packing

MITREへのリンク →

Threat Group-3390

Score: 6.77

Matched TTPs:

T1505.003 - Web Shell
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

Tropic Trooper

Score: 4.72

Matched TTPs:

T1505.003 - Web Shell
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

Ember Bear

Score: 3.53

Matched TTPs:

T1505.003 - Web Shell
T1046 - Network Service Discovery

MITREへのリンク →

Sandworm Team

Score: 8.18

Matched TTPs:

T1505.003 - Web Shell
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols
T1584.004 - Server

MITREへのリンク →

Fox Kitten

Score: 5.63

Matched TTPs:

T1505.003 - Web Shell
T1036.004 - Masquerade Task or Service
T1046 - Network Service Discovery

MITREへのリンク →

Volt Typhoon

Score: 12.55

Matched TTPs:

T1505.003 - Web Shell
T1614 - System Location Discovery
T1027.002 - Software Packing
T1584.004 - Server
T1046 - Network Service Discovery

MITREへのリンク →

APT38

Score: 16.61

Matched TTPs:

T1505.003 - Web Shell
T1218.001 - Compiled HTML File
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1036.006 - Space after Filename
T1529 - System Shutdown/Reboot

MITREへのリンク →

APT29

Score: 19.26

Matched TTPs:

T1505.003 - Web Shell
T1550.003 - Pass the Ticket
T1090.004 - Domain Fronting
T1027.006 - HTML Smuggling
T1027.002 - Software Packing
T1566.003 - Spearphishing via Service

MITREへのリンク →

Magic Hound

Score: 11.74

Matched TTPs:

T1505.003 - Web Shell
T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

BlackByte

Score: 4.72

Matched TTPs:

T1505.003 - Web Shell
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

APT32

Score: 13.41

Matched TTPs:

T1505.003 - Web Shell
T1550.003 - Pass the Ticket
T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Medusa Group

Score: 10.39

Matched TTPs:

T1505.003 - Web Shell
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1529 - System Shutdown/Reboot

MITREへのリンク →

Leviathan

Score: 8.73

Matched TTPs:

T1505.003 - Web Shell
T1102.003 - One-Way Communication
T1584.004 - Server

MITREへのリンク →

BRONZE BUTLER

Score: 8.32

Matched TTPs:

T1550.003 - Pass the Ticket
T1071.001 - Web Protocols
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Carbanak

Score: 4.49

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication

MITREへのリンク →

FIN7

Score: 7.93

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication
T1008 - Fallback Channels

MITREへのリンク →

Winter Vivern

Score: 3.28

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols

MITREへのリンク →

Wizard Spider

Score: 6.03

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

BITTER

Score: 3.28

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols

MITREへのリンク →

Naikon

Score: 3.86

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1046 - Network Service Discovery

MITREへのリンク →

ZIRCONIUM

Score: 6.55

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1102.002 - Bidirectional Communication
T1027.002 - Software Packing

MITREへのリンク →

Higaisa

Score: 3.28

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1071.001 - Web Protocols

MITREへのリンク →

Storm-0501

Score: 4.15

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1027.002 - Software Packing

MITREへのリンク →

APT41

Score: 17.27

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1218.001 - Compiled HTML File
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1008 - Fallback Channels
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Gamaredon Group

Score: 7.72

Matched TTPs:

T1102.003 - One-Way Communication
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols

MITREへのリンク →

Dark Caracal

Score: 9.20

Matched TTPs:

T1218.001 - Compiled HTML File
T1027.002 - Software Packing
T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

Silence

Score: 3.44

Matched TTPs:

T1218.001 - Compiled HTML File

MITREへのリンク →

APT37

Score: 7.21

Matched TTPs:

T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols
T1529 - System Shutdown/Reboot

MITREへのリンク →

Turla

Score: 6.42

Matched TTPs:

T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols
T1584.004 - Server

MITREへのリンク →

MuddyWater

Score: 3.59

Matched TTPs:

T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols

MITREへのリンク →

SideCopy

Score: 4.13

Matched TTPs:

T1614 - System Location Discovery

MITREへのリンク →

TA505

Score: 3.24

Matched TTPs:

T1027.002 - Software Packing
T1071.001 - Web Protocols

MITREへのリンク →

TeamTNT

Score: 5.01

Matched TTPs:

T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery

MITREへのリンク →

Rocke

Score: 8.29

Matched TTPs:

T1027.002 - Software Packing
T1071.001 - Web Protocols
T1046 - Network Service Discovery
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Patchwork

Score: 5.34

Matched TTPs:

T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Moonstone Sleet

Score: 3.71

Matched TTPs:

T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

Daggerfly

Score: 4.02

Matched TTPs:

T1071.001 - Web Protocols
T1584.004 - Server

MITREへのリンク →

FIN8

Score: 3.93

Matched TTPs:

T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Windshift

Score: 3.71

Matched TTPs:

T1071.001 - Web Protocols
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT33

Score: 3.93

Matched TTPs:

T1071.001 - Web Protocols
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

Contagious Interview

Score: 5.27

Matched TTPs:

T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.74

Matched TTPs:

T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1529 - System Shutdown/Reboot
T1036.004 - Masquerade Task or Service
T1046 - Network Service Discovery
T1560.003 - Archive via Custom Method
T1584.004 - Server
T1027.007 - Dynamic API Resolution
T1008 - Fallback Channels
T1102.002 - Bidirectional Communication
T1071.001 - Web Protocols

MITREへのリンク →

OilRig

Score: 0.55

Matched TTPs:

T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1505.003 - Web Shell
T1046 - Network Service Discovery
T1008 - Fallback Channels
T1218.001 - Compiled HTML File
T1071.001 - Web Protocols
T1137.004 - Outlook Home Page

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る