brainsmith07
What is Cooked Grabber 2024?

Cooked Grabber 2024 is a stealer malware that specializes in extracting and exfiltrating sensitive information from compromised machines. Once executed, it silently collects:
- Saved browser credentials (Chrome, Firefox, Edge)
- Autofill data & credit card details
- Cryptocurrency wallet files (Exodus, MetaMask, Electrum)
- Session cookies (for account hijacking)
- FTP & VPN credentials

Detailed Features of Cooked Grabber 2024
1. Advanced Data Harvesting
- Browser Password Extraction – Decrypts and steals stored logins from Chrome, Firefox, Edge, and Brave.
- Credit Card & Autofill Data Theft – Captures saved payment details from web browsers.
- Cryptocurrency Wallet Grabber – Targets MetaMask, Exodus, Binance Chain Wallet, and other crypto storage apps.
- Session Cookie Hijacking – Steals active login tokens for persistent access to accounts (e.g., Gmail, Facebook, banking sites).
2. System & File Infiltration
- Clipboard Monitoring – Swaps crypto wallet addresses during transactions.
- Screen Capture – Takes screenshots of sensitive activities.
- File Grabber – Searches for documents (PDFs, Word files) containing credentials.
3. Anti-Detection & Evasion Techniques
- Process Hollowing – Injects malicious code into legitimate processes (e.g., explorer.exe).
- Polymorphic Code – Changes signatures to avoid antivirus detection.
- Delayed Execution – Waits before activating to bypass sandbox analysis.
4. Persistence Mechanisms
- Registry Modification – Adds itself to startup via HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
- Task Scheduler Abuse – Creates scheduled tasks for auto-reactivation.
5. C2 Communication & Data Exfiltration
- Encrypted HTTPS Traffic – Hides stolen data in normal-looking web traffic.
- Discord & Telegram Webhook Support – Sends logs directly to attacker-controlled channels.
- Backup Server Fallback – Switches C2 servers if one gets blocked.
6. Multi-Platform Targeting
- Primarily affects Windows 10/11 but can adapt to older versions.
- Some variants target macOS & Linux via cross-platform malware modules.
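
A defender-side check for two behaviours listed above, the Discord/Telegram webhook exfiltration and the HKCU Run persistence, as an added example that is not part of the original post. It assumes process-attributed URL logs (for example from a TLS-inspecting proxy or an EDR sensor); the process allow-list, the directory patterns and all sample data are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Hosts and path prefixes of the two webhook-style APIs named in the post.
WEBHOOK_RULES = {
    "discord.com": re.compile(r"^/api/(v\d+/)?webhooks/"),
    "discordapp.com": re.compile(r"^/api/(v\d+/)?webhooks/"),
    "api.telegram.org": re.compile(r"^/bot[^/]+/"),
}
# Assumption: processes expected to talk to these services on this fleet.
EXPECTED_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe",
                   "discord.exe", "telegram.exe"}
# Assumption: user-writable locations a Run value should rarely point into.
USER_WRITABLE = re.compile(
    r"\\(appdata\\(local|roaming|locallow)|temp|downloads|public)\\", re.I)

def image_name(path):
    """Lower-cased file name of a Windows image path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def flag_webhook_events(events):
    """Return events where an unexpected process calls a webhook endpoint."""
    hits = []
    for ev in events:
        url = urlsplit(ev["url"])
        rule = WEBHOOK_RULES.get((url.hostname or "").lower())
        if rule and rule.match(url.path) and image_name(ev["image"]) not in EXPECTED_IMAGES:
            hits.append(ev)
    return hits

def flag_run_values(run_values):
    """Return names of Run-key values whose command sits in a user-writable directory."""
    return sorted(name for name, cmd in run_values.items() if USER_WRITABLE.search(cmd))

# Constructed sample data: network events and an export of the HKCU Run key.
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "url": "https://discord.com/channels/1/2"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\updater.exe", "url": "https://discord.com/api/webhooks/0000/PLACEHOLDER"},
    {"image": r"C:\Users\alice\AppData\Roaming\svc.exe", "url": "https://api.telegram.org/botPLACEHOLDER/sendDocument"},
    {"image": r"C:\Windows\System32\svchost.exe", "url": "https://example.com/update"},
]
SAMPLE_RUN = {
    "SecurityHealth": r"C:\Windows\System32\SecurityHealthSystray.exe",
    "Updater": r"C:\Users\alice\AppData\Roaming\svc.exe",
}

if __name__ == "__main__":
    for ev in flag_webhook_events(SAMPLE_EVENTS):
        print("webhook egress:", image_name(ev["image"]), ev["url"])
    print("suspicious Run values:", flag_run_values(SAMPLE_RUN))
```

Without TLS inspection only the hostname is visible, so the path rule has to be relaxed to a host match and the process allow-list carries more of the decision.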