Rewterz Threat Alert – APT C-23 Active in Middle East

Severity

High

Analysis Summary

APT-C-23 (also known as Two-Tailed Scorpion and Desert Scorpion) is known to use both Windows and Android components, and has previously targeted victims in the Middle East with apps designed to compromise Android smartphones. The group is highly active in the Middle East and is targeting different organizations. The group's intention remains unknown at this point, but in previous activity it has been seen exfiltrating data using different spyware. This campaign targets users with a personalized form that asks for personal details.

Impact

Exposure of personally identifiable information

Indicators of Compromise

Filename

  • maram-11_22_2020-9785348634-docx[.]exe

MD5

  • 21aa63b42825fb95bf5114419fb42157

SHA-256

  • a6f4a0400fc7eee60610c0e113802d5aa544d462d2141b93203a0f9f380f0a16

SHA1

  • 70fb5fd1bd42fad7a93916c203cce78ba0fd5966

Remediation

Block all threat indicators at your respective controls.
Search for IOCs in your environment.
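
One way to carry out the IOC search on a file share or endpoint, as an added example that is not part of the original alert: a Python sweep that matches the file name and the three hashes listed above. The `LURE_NAME` heuristic, which generalizes the sample's "-docx.exe" naming to other document-style executable names, and the function names are assumptions of this example.

```python
import hashlib
import os
import re

# IoCs copied from this alert (file name re-fanged from "[.]").
IOC_NAMES = {"maram-11_22_2020-9785348634-docx.exe"}
IOC_HASHES = {
    "md5": {"21aa63b42825fb95bf5114419fb42157"},
    "sha1": {"70fb5fd1bd42fad7a93916c203cce78ba0fd5966"},
    "sha256": {"a6f4a0400fc7eee60610c0e113802d5aa544d462d2141b93203a0f9f380f0a16"},
}
# Assumption (heuristic, not from the alert): an executable whose name ends in a
# document-type token, like the "-docx.exe" sample above, deserves review.
LURE_NAME = re.compile(r"[-_. ](docx?|pdf|xlsx?|pptx?)\.(exe|scr)$", re.I)


def file_digests(path, chunk=1 << 20):
    """Hash a file once, feeding each chunk to all three algorithms."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def sweep(root, names=IOC_NAMES, hashes=IOC_HASHES):
    """Return (path, reasons) for every file under root matching an indicator."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            reasons = []
            if fname.lower() in names:
                reasons.append("ioc-filename")
            elif LURE_NAME.search(fname):
                reasons.append("lure-style-name")
            try:
                digests = file_digests(path)
            except OSError:
                digests = {}  # locked or unreadable: name checks still apply
            reasons += [f"ioc-{alg}" for alg, d in digests.items()
                        if d in hashes.get(alg, ())]
            if reasons:
                hits.append((path, reasons))
    return hits


if __name__ == "__main__":
    import sys
    for path, reasons in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(path, ",".join(reasons))
```

A hash match is strong evidence of the sample; a name-only or lure-style match is a lead for triage, since file names are trivially changed.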