ASEAN Notes.iso Mustang Panda [Malware Analysis]

Malware Analysis Report: ASEAN Notes.iso from Mustang Panda Campaign

Author: Capang
Date: 24-01-2025
Analysis Environment: Windows 10 VM
Associated Campaign: Mustang Panda ASEAN Notes.iso
Ref: https://csirt-cti.net/2024/01/23/stately-taurus-targets-myanmar/

Executive Summary

The ASEAN Notes.iso file is a component of a Mustang Panda campaign targeting entities in Myanmar. The attack leverages DLL sideloading via a hijacked Microsoft GetCurrentRollback.exe process (renamed office.exe) to execute the malicious GetCurrentDeploy.dll. The malware establishes persistence through registry modification and attempts C2 communication with fallback infrastructure. Primary objectives include initial access, persistence, and command execution, with suspected espionage motivations. ...

January 25, 2025 · 4 min