FOXGRABBER

Description

(FireEye) FOXGRABBER is a command line utility used to harvest FireFox credential files from remote systems. It contains the PDB path: C:\Users\kolobko\Source\Repos\grabff\obj\Debug\grabff.pdb. FOXGRABBER has also been observed in DarkSide ransomware intrusions.

Names

Name
FOXGRABBER

Type

Credential stealer

Information

https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html

Other Information

Uuid

1ef6068c-cbdf-487e-972a-9ec1ef1004a9

Last Card Change

2021-05-15

Threat Intelligence Garden

Explorer

FOXGRABBER

FOXGRABBER

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks