KOMPROGO

Malware Profile Updated 3 months ago
Komprogo is malware: a software program designed to exploit and damage computer systems or devices. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom.

Komprogo is associated with APT32 operations, which are known for deploying signature malware payloads including Windshield, Soundbite, Phoreal, and Beacon, in addition to Komprogo itself. The first recorded use of Komprogo was in 2016 in the Philippines, targeting the consumer products industry. In the same year, it was also used alongside Windshield, Soundbite, and Beacon.

APT32 has been active since at least 2013, focusing on private-sector organizations tied to Vietnam but also targeting foreign governments, Vietnamese dissidents, and journalists. The group has shown interest in exerting political influence and has repeatedly targeted various industries in different countries using its suite of malware. APT32 employs ActiveMime files as attack vectors, using social engineering to trick victims into enabling macros, which facilitates the infection process. The group's wide range of targets and sophisticated techniques, including the use of Komprogo and other malware, highlight its advanced capabilities and the significant threat it poses to both private-sector organizations and government entities.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Cobalt Strike
Malware
Beacon
Associated Malware
ID | Type | Votes | Profile Description
WINDSHIELD | Unspecified | 1 | Windshield is a notorious malware, a harmful program designed to exploit and damage computers or devices. It is one of the signature malware payloads deployed by APT32 operations, alongside KOMPROGO, SOUNDBITE, and PHOREAL. This malicious software can infiltrate systems through suspicious downloads,
SOUNDBITE | Unspecified | 1 | Soundbite is a type of malware, a harmful software designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data host
PHOREAL | Unspecified | 1 | Phoreal is a type of malware, or malicious software, that is designed to exploit and damage computer systems. It can infiltrate your system through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware has
Associated Threat Actors
ID | Type | Votes | Profile Description
APT32 | Unspecified | 1 | APT32, also known as OceanLotus Group, APT-C-00, Canvas Cyclone, and Cobalt Kitty, is a threat actor group suspected to originate from Vietnam. Active since at least 2012, this group has targeted foreign companies investing in Vietnam's manufacturing, consumer products, consulting, and hospitality s
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the KOMPROGO Malware was read from the documents corpus below.
Source | Created At | Title
MITRE | a year ago | Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations | Mandiant
MITRE | a year ago | Advanced Persistent Threats (APTs) | Threat Actors & Groups