HALFBAKED

HALFBAKED is a malware family consisting of multiple components intended to establish persistence in victim networks.[1]

ID: S0151
Type: MALWARE
Platforms: Windows
Version: 1.0

Techniques Used

Domain      ID     Name                                Use
Enterprise  T1107  File Deletion                       HALFBAKED can delete a specified file.[1]
Enterprise  T1086  PowerShell                          HALFBAKED can execute PowerShell scripts.[1]
Enterprise  T1057  Process Discovery                   HALFBAKED can obtain information about running processes on the victim.[1]
Enterprise  T1113  Screen Capture                      HALFBAKED can obtain screenshots from the victim.[1]
Enterprise  T1082  System Information Discovery        HALFBAKED can obtain information about the OS, processor, and BIOS.[1]
Enterprise  T1047  Windows Management Instrumentation  HALFBAKED can use WMI queries to gather system information.[1]

Groups

Groups that use this software:

FIN7

References