WEBC2-GREENCAT (bfe69071-17bf-466f-97fd-669b72053137)
A WEBC2 backdoor is designed to retrieve a Web page from a pre-determined C2 server. It expects the Web page to contain special HTML tags; the backdoor will attempt to interpret the data between the tags as commands. This malware is a variant of the GREENCAT family that uses a fixed web C2. The family is a full-featured backdoor that provides remote command execution, file transfer, and process and service enumeration and manipulation. It installs itself persistently through the current user's registry Run key.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
WebC2-GreenCat (cfed10ed-6601-469e-a1df-2d561b031244) | Malpedia | WEBC2-GREENCAT (bfe69071-17bf-466f-97fd-669b72053137) | Tool | 1 |