WEBC2-KT3 (e2afc267-9674-4ca3-807f-47678fb40da4)
The WEBC2 malware family is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. The WEBC2-KT3 variant searches for commands in a specific comment tag. Network traffic starting with *!Kt3+v| may indicate WEBC2-KT3 activity.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| WEBC2-KT3 (e2afc267-9674-4ca3-807f-47678fb40da4) | Tool | WebC2-Kt3 (15094548-7555-43ee-8c0d-4557d6d8a087) | Malpedia | 1 |