KOMPROGO

KOMPROGO is a signature backdoor used by APT32 that is capable of process, file, and registry management. [1]

ID: S0156
Aliases: KOMPROGO
Type: MALWARE
Platforms: Windows

Version: 1.0

Alias Descriptions

NameDescription
KOMPROGO[1]

Techniques Used

DomainIDNameUse
EnterpriseT1059Command-Line InterfaceKOMPROGO is capable of creating a reverse shell.[1]
EnterpriseT1082System Information DiscoveryKOMPROGO is capable of retrieving information about the infected system.[1]
EnterpriseT1047Windows Management InstrumentationKOMPROGO is capable of running WMI queries.[1]

Groups

Groups that use this software:

APT32

References