ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool JsonCookies

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: JsonCookies

NamesJsonCookies
CategoryMalware
TypeInfo stealer
Description(Kaspersky) Proprietary tool that steals cookies from SQLite databases of Chromium-based browsers. For this purpose, the sqlite3.dll library is downloaded from the C&C and used during execution to parse the database and generate a JSON file named ‘FuckCookies.txt’ containing stolen cookie info.
Information<https://securelist.com/cycldek-bridging-the-air-gap/97157/>

Last change to this tool card: 04 June 2020

Download this tool card in JSON format

Previous: JS Flash
Next: jsp File browser

All groups using tool JsonCookies

ChangedNameCountryObserved

APT groups

 Goblin Panda, Cycldek, ConimesChina2013-Jun 2020 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]