HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f)

HALFBAKED is a malware family consisting of multiple components intended to establish persistence in victim networks. (Citation: FireEye FIN7 April 2017)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Windows Management Instrumentation - T1047 (01a5a209-b94c-450b-b7f9-946497d91055) | Attack Pattern | HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | 1 |
| System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) | Attack Pattern | HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | 1 |
| HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) | Attack Pattern | 1 |
| PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) | Attack Pattern | HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | 1 |
| HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | Screen Capture - T1113 (0259baeb-9f63-4c69-bf10-eb038c390688) | Attack Pattern | 1 |
| HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | VB Flash (2815a353-cd56-4ed0-8581-812b94f7a326) | Tool | 1 |
| HALFBAKED - S0151 (0ced8926-914e-4c78-bc93-356fb90dbd1f) | Malware | Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) | Attack Pattern | 1 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) | Attack Pattern | File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) | Attack Pattern | 2 |
| PowerShell - T1059.001 (970a3432-3237-47ad-bcca-7d8cbb217736) | Attack Pattern | Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | 2 |
| VB Flash (2815a353-cd56-4ed0-8581-812b94f7a326) | Tool | Private Cluster (71ac10de-1103-40a7-b65b-f97dab9769bf) | Unknown | 2 |