Skip to content

Hide Navigation Hide TOC

SQLite Firefox Profile Data DB Access (4833155a-4053-4c9c-a997-777fcea0baa7)

Detect usage of the "sqlite" binary to query databases in Firefox and other Gecko-based browsers for potential data stealing.

Cluster A Galaxy A Cluster B Galaxy B Level
Data from Local System - T1005 (3c4a2599-71ee-4405-ba1e-0e28414b4bc5) Attack Pattern SQLite Firefox Profile Data DB Access (4833155a-4053-4c9c-a997-777fcea0baa7) Sigma-Rules 1
Steal Web Session Cookie - T1539 (10ffac09-e42d-4f56-ab20-db94c67d76ff) Attack Pattern SQLite Firefox Profile Data DB Access (4833155a-4053-4c9c-a997-777fcea0baa7) Sigma-Rules 1