Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)

Conficker is a computer worm first detected in October 2008 that targeted Microsoft Windows using the MS08-067 Windows vulnerability to spread.(Citation: SANS Conficker) In 2016, a variant of Conficker made its way on computers and removable disk drives belonging to a nuclear power plant.(Citation: Conficker Nuclear Power Plant)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Exploitation of Remote Services - T1210 (9db0cf3a-a3c9-4012-8268-123b9db6fd82)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Replication Through Removable Media - T1091 (3b744087-9945-4a6f-91e8-9dbceda417a4)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Inhibit System Recovery - T1490 (f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
SMB/Windows Admin Shares - T1021.002 (4f9ca633-15c5-463c-9724-bdcd54fde541)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
System Time Discovery - T1124 (f3c544dc-673c-4ef3-accb-53229f1ae077)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Network Service Discovery - T1046 (e3a12395-188d-4051-9a16-ea8e14d07b88)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Domain Generation Algorithms - T1568.002 (118f61a5-eb3e-4fb6-931f-2096647f4ecd)	Attack Pattern	Conficker - S0608 (58eddbaf-7416-419a-ad7b-e65b9d4c3b55)	Malware	1
Registry Run Keys / Startup Folder - T1547.001 (9efb1ea7-c37b-4595-9640-b7680cd84279)	Attack Pattern	Boot or Logon Autostart Execution - T1547 (1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf)	Attack Pattern	2
SMB/Windows Admin Shares - T1021.002 (4f9ca633-15c5-463c-9724-bdcd54fde541)	Attack Pattern	Remote Services - T1021 (54a649ff-439a-41a4-9856-8d144a2551ba)	Attack Pattern	2
Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5)	Attack Pattern	Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32)	Attack Pattern	2
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529)	Attack Pattern	Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579)	Attack Pattern	2
Dynamic Resolution - T1568 (7bd9c723-2f78-4309-82c5-47cad406572b)	Attack Pattern	Domain Generation Algorithms - T1568.002 (118f61a5-eb3e-4fb6-931f-2096647f4ecd)	Attack Pattern	2