WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)

WinMM is a full-featured, simple backdoor used by Naikon. (Citation: Baumgartner Naikon 2015)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1)	Attack Pattern	WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	1
Fallback Channels - T1008 (f24faf46-3b26-4dbb-98f2-63460498e433)	Attack Pattern	WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	1
WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18)	Attack Pattern	1
WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	WinMM (6a100902-7204-4f20-b838-545ed86d4428)	Malpedia	1
WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161)	Attack Pattern	1
Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580)	Attack Pattern	WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	1
WinMM - S0059 (22addc7b-b39f-483d-979a-1b35147da5de)	Malware	System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104)	Attack Pattern	1
Application Layer Protocol - T1071 (355be19c-ffc9-46d5-8d50-d6a036c675b6)	Attack Pattern	Web Protocols - T1071.001 (df8b2a25-8bdf-4856-953c-a04372b1c161)	Attack Pattern	2