<<< Hide Navigation Hide TOC >>>
KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a)
KOMPROGO is a signature backdoor used by APT32 that is capable of process, file, and registry management. (Citation: FireEye APT32 May 2017)
Cluster A![]() |
Galaxy A![]() |
Cluster B![]() |
Galaxy B![]() |
Level![]() |
---|---|---|---|---|
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) | Attack Pattern | KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a) | Malware | 1 |
KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a) | Malware | Windows Management Instrumentation - T1047 (01a5a209-b94c-450b-b7f9-946497d91055) | Attack Pattern | 1 |
KOMPROGO - S0156 (7dbb67c7-270a-40ad-836e-c45f8948aa5a) | Malware | System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) | Attack Pattern | 1 |
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) | Attack Pattern | 2 |