[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:10
[ALL_FAMILIES]

FalseFront

backdoor1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
FalseFront
CATEGORY:
BACKDOOR
DESCRIPTION:
FalseFront is a sophisticated backdoor malware used by the Peach Sandstorm threat actor (Curious Serpens). The malware is designed to provide persistent access to compromised systems and is known for its advanced evasion techniques and modular architecture.
ALIASES:
falsefront backdoor
TAGS:
backdoorpersistenceaptevasion

[MUTEX_SIGNATURES](1)

[MUTEX_01]
864H!NKLNB*x_H?5
ANALYST: @adhikara13 DATE: 2024-07-19
REFERENCES:
https://unit42.paloaltonetworks.com/curious-serpens-falsefont-backdoor/
https://www.nextron-systems.com/2024/01/29/analysis-of-falsefont-backdoor-used-by-peach-sandstorm-threat-actor/
https://www.cyfirma.com/news/weekly-intelligence-report-29-mar-2024/

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Peach Sandstorm
Curious Serpens
FIRST_OBSERVED:
Unknown

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:1
THREAT_ACTORS:2
ALIASES:1
TAGS:4
CATEGORY:BACKDOOR
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]