win.clipbanker (Back to overview)


The ClipBanker Trojan is known as an information stealer and spy trojan, it aims to steal and record any type of sensitive information from the infected environment such as browser history, cookies, Outlook data, Skype, Telegram, or cryptocurrency wallet account addresses. The main goal of this threat is to steal confidential information.
The ClipBanker uses PowerShell commands for executing malicious activities. The thing that made the ClipBanker unique is its ability to record various banking actions of the user and manipulate them for its own benefit. The distribution method of the ClipBanker is through phishing emails or through social media posts that lure users to download malicious content.

New Info-stealer Disguised as Crack Being Distributed
ClipBanker CryptBot Raccoon RedLine Stealer
2022-03-03Trend MicroTrend Micro Research
IOC Resource for Russia-Ukraine Conflict-Related Cyberattacks
ClipBanker Conti HermeticWiper PartyTicket WhisperGate
2021-12-23TrustwaveTrustwave SpiderLabs
COVID-19 Phishing Lure to Steal and Mine Cryptocurrency
2020-07-29ESET Researchwelivesecurity
DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos PlugX Pony REvil Socelars STOP Tinba TrickBot WannaCryptor
2020-01-01CynetMax Malyutin
Threat Research Report: Clipbanker – 13 Second Attack
2019-04-30ESET ResearchESET Research
Buhtrap backdoor and Buran ransomware distributed via major advertising platform
Buhtrap ClipBanker RTM

There is no Yara-Signature yet.