Check out the results from our first round of ATT&CK Evaluations at attackevals.mitre.org!

SOUNDBITE

SOUNDBITE is a signature backdoor used by APT32. [1]

ID: S0157
Aliases: SOUNDBITE
Type: MALWARE
Platforms: Windows

Version: 1.0

Alias Descriptions

NameDescription
SOUNDBITE[1]

Techniques Used

DomainIDNameUse
EnterpriseT1010Application Window DiscoverySOUNDBITE is capable of enumerating application windows.[1]
EnterpriseT1083File and Directory DiscoverySOUNDBITE is capable of enumerating and manipulating files and directories.[1]
EnterpriseT1112Modify RegistrySOUNDBITE is capable of modifying the Registry.[1]
EnterpriseT1071Standard Application Layer ProtocolSOUNDBITE communicates via DNS for C2.[1]
EnterpriseT1082System Information DiscoverySOUNDBITE is capable of gathering system information.[1]

Groups

Groups that use this software:

APT32

References