otx.alienvault.com
Open in
urlscan Pro
18.66.248.83
Public Scan
URL:
https://otx.alienvault.com/pulse/623a0158a86ca8462350f870?scan=1&utm_userid=swimlanecyou&utm_medium=inproduct&utm_source=ot...
Submission: On March 22 via api from US — Scanned from DE
Submission: On March 22 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
<form _ngcontent-mka-c132="" novalidate="" class="login ng-untouched ng-pristine ng-invalid" id="welcomeLoginForm-pulse-detail" __bizdiag="-695151727" __biza="WJ__">
<div _ngcontent-mka-c132="" class="form-group"><label _ngcontent-mka-c132="" for="id_login">Username</label><input _ngcontent-mka-c132="" container="body" formcontrolname="login" id="id_login" name="login" placement="right" type="text"
class="form-control input-alienvault ng-untouched ng-pristine ng-invalid"><!----></div>
<div _ngcontent-mka-c132="" class="form-group"><label _ngcontent-mka-c132="" for="id_password">Password</label><input _ngcontent-mka-c132="" container="body" formcontrolname="password" id="id_password" name="password" placement="right"
type="password" class="form-control input-alienvault ng-untouched ng-pristine ng-invalid"><!----></div><button _ngcontent-mka-c132="" id="loginBtn" type="submit" class="btn btn-att disabled" disabled=""> Log in
<i _ngcontent-mka-c132="" aria-hidden="true" class="fa fa-chevron-right smaller"></i></button>
<div _ngcontent-mka-c132="" class="remember-checkbox"><label _ngcontent-mka-c132=""><input _ngcontent-mka-c132="" id="id_remember" name="remember" type="checkbox"> REMEMBER ME</label></div>
</form>Text Content
× * Browse * Scan Endpoints * Create Pulse * Submit Sample * API Integration * Login | Sign Up All * Login | Sign Up * Share Actions Subscribers (180067) Suggest Edit Clone Embed Download Report Spam CLIPPER MALWARE DISGUISED AS AVD CRYPTO STEALER * Created 1 hour ago by AlienVault * Public * TLP: White Clipper malware is a disguised variant of the well-known Clipper Crypto Stealer, which can read and edit any text copied by the victim, and then replace the data with a new crypto wallet address. Reference: https://blog.cyble.com/2022/03/22/hunters-become-the-hunted/ Tags: clipper, avd crypto, ethereum, crypto stealer, bitcoin Malware Families: Clipper , AvD Crypto Att&ck IDs: T1566 - Phishing , T1204 - User Execution , T1547 - Boot or Logon Autostart Execution , T1115 - Clipboard Data , T1567 - Exfiltration Over Web Service Endpoint Security Scan your endpoints for IOCs from this Pulse! Learn more * Indicators of Compromise (6) * Related Pulses (0) * Comments (0) * History (0) FileHash-MD5 (2)FileHash-SHA256 (2)FileHash-SHA1 (2) TYPES OF INDICATORS Show 10 25 50 100 entries Search: type indicator Role title Added Active related Pulses FileHash-SHA256deaad208c6805381b6b6b1960f0ee149a88cdae2579a328502139ffc5814c039Mar 22, 2022, 5:03:21 PM0 FileHash-SHA256b6135c446093a19544dbb36018adb7139aa810a3f3eaa45663dc54448fe30e39Mar 22, 2022, 5:03:21 PM0 FileHash-SHA147480d9b4df34ea1826cd2fafc05230eb195c0c2Mar 22, 2022, 5:03:21 PM0 FileHash-SHA120f7554280e5e6d0709aa1e850f01e816d2674f2Mar 22, 2022, 5:03:21 PM0 FileHash-MD5fea27906be670ddbf5a5ef6639374c07Mar 22, 2022, 5:03:21 PM0 FileHash-MD5012fca9cf0ac3e9a1c2c1499dfdb4eafMar 22, 2022, 5:03:21 PM0 SHOWING 1 TO 6 OF 6 ENTRIES COMMENTS You must be logged in to leave a comment. Refresh Comments * © Copyright 2022 AlienVault, Inc. * Legal * Status Login to Initiate Scan × * Sign Up * Log In or Username Password Log in REMEMBER ME Recover Your Password | Resend Verification Email