KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a)

KOMPROGO is a signature backdoor used by APT32 that is capable of process, file, and registry management. (Citation: FireEye APT32 May 2017)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1)	Attack Pattern	KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a)	Malware	1
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62)	Attack Pattern	KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a)	Malware	1
Windows Management Instrumentation - T1047 (01a5a209-b94c-450b-b7f9-946497d91055)	Attack Pattern	KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a)	Malware	1
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62)	Attack Pattern	Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	2