Skip to content

S0157 SOUNDBITE

SOUNDBITE is a signature backdoor used by APT32. 1

Item Value
ID S0157
Associated Names
Type MALWARE
Version 1.1
Created 14 December 2017
Last Modified 30 March 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
enterprise T1071 Application Layer Protocol -
enterprise T1071.004 DNS SOUNDBITE communicates via DNS for C2.1
enterprise T1010 Application Window Discovery SOUNDBITE is capable of enumerating application windows.1
enterprise T1083 File and Directory Discovery SOUNDBITE is capable of enumerating and manipulating files and directories.1
enterprise T1112 Modify Registry SOUNDBITE is capable of modifying the Registry.1
enterprise T1082 System Information Discovery SOUNDBITE is capable of gathering system information.1

Groups That Use This Software

ID Name References
G0050 APT32 1

References

Back to top