Maha Grass
Maha Grass is a threat actor referenced in the provided content in connection with malware development and use. The content describes a Trojan horse associated with the Maha Grass organization named StreamSpy, and notes similarities between that Trojan and the Spyder downloader used by Maha Grass. No additional high-confidence details about attribution, nationality, targeting, victimology, tactics, techniques, procedures, or sub-groups are directly provided in the content. Known alias in the provided content: maha_grass.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Tradecraft
1 distinct technique observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.
Associated malware families
2 malware families attributed to this actor across reporting.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.