Overview

overview

4

Static

static

3

Grass_4.26...up.exe

windows7-x64

4

Grass_4.26...up.exe

windows10-2004-x64

4

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Grass.exe

windows7-x64

1

Grass.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Grass_4.26.6_x64-setup.exe

  • Size

    6.9MB

  • MD5

    d29e59a8064ffc96d206b12d6a06f2cb

  • SHA1

    e7e50ceb379b4a73dd4b86727fa8e8514b84ff22

  • SHA256

    f67b6769306b78979fc7a0b192e8e102adcde38f706a7167e36a42e8caa5b769

  • SHA512

    5f8d560436a077c5871034abf19f9a9983c09a0232d8003a5373cfc2e05ec8e1159be0e70afaf97052c0254aefe2bcc937f6e422d27f6e08561f68dfccad1e2b

  • SSDEEP

    196608:sJXzmLxOk+73aokB3qPZ2XMz9V9wcgy03ZgL80EUddRGd6s+:sB1x7nkwx+S9VOjNWxRAI

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • Grass_4.26.6_x64-setup.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    ed06d61f6957c32cd324837726a5a070


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • Grass.exe
    .exe windows:6 windows x64 arch:x64

    ba1822e6256aac07dba623da47e14f48


    Code Sign

    Headers

    Imports

    Sections

  • icons/128x128.png
    .png
  • icons/[email protected]
    .png
  • icons/32x32.png
    .png
  • icons/icon.icns
  • icons/icon.ico