PULSE NAME
The long road to your crypto: ClipBanker and its marathon infection chain
WHITE AlienVault 2026-04-09 Modified: 2026-04-09
12
IOCs
MEDIUM VOLUME
Proxifiers are specialized software designed to tunnel traffic for programs that do not natively support proxy servers. They are a go-to for making sure these apps are functional within secured development environments. By coincidence, Proxifier is also the name of a proprietary proxifier developed by VentoByte, which is distributed under a paid license. If you search for Proxifier (or a proxifier), one of the top results in popular search engines is a link to a GitHub repository. That’s exactly where the source of the primary infection lives.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
ClipBanker
Indicators of Compromise (12)