I made configuration extractor for AllCome Clipbanker. The config saves all the cryptocurrency addresses, Paypal emails, Steam trade offer links, C2 server addresses that the clipbanker uses to replace in the clipboard.
Download the tool here:
github.com
You can download samples for testing here (I guess I should upload some more): MalwareBazaar | Browse malware samples
List of several extracted configs is here: Extracted Allcome Clipper Configs - Pastebin.com
Download the tool here:
GitHub - struppigel/hedgehog-tools
Contribute to struppigel/hedgehog-tools development by creating an account on GitHub.
github.com
You can download samples for testing here (I guess I should upload some more): MalwareBazaar | Browse malware samples
List of several extracted configs is here: Extracted Allcome Clipper Configs - Pastebin.com
