| ID | E1510 |
|---|---|
| Objective(s) | Impact |
| Related ATT&CK Techniques | Data Manipulation: Transmitted Data Manipulation (T1641.001) |
| Impact Type | Integrity |
| Version | 2.0 |
| Created | 4 December 2020 |
| Last Modified | 13 September 2023 |

Clipboard Modification

ATT&CK defines Clipboard Modification as a Mobile technique (Android platform). MBC extends it to the Windows platform.

Use in Malware

| Name | Date | Method | Description |
|---|---|---|---|
| Clipminer | 2011 | -- | Clipminer monitors the clipboard for cryptocurrency addresses and replaces them with ones controlled by the adversary. [1] |
| Dark Comet | 2008 | -- | The malware writes clipboard data. [2] |
| Emotet | 2018 | -- | Emotet writes clipboard data. [2] |
| Hupigon | 2013 | -- | Hupigon replaces clipboard data. [2] |
| Rombertik | 2015 | -- | The malware replaces clipboard data. [2] |

Detection

| Tool: capa | Mapping | APIs |
|---|---|---|
| write clipboard data | Clipboard Modification (E1510) | user32.EmptyClipboard, System.Windows.Forms.Clipboard::Clear, user32.SetClipboardData, System.Windows.Forms.Clipboard::SetAudio, System.Windows.Forms.Clipboard::SetData, System.Windows.Forms.Clipboard::SetDataObject, System.Windows.Forms.Clipboard::SetFileDropList, System.Windows.Forms.Clipboard::SetImage, System.Windows.Forms.Clipboard::SetText |

References

[1] https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/clipminer-bitcoin-mining-hijacking

[2] capa v4.0, analyzed at MITRE on 10/12/2022