batlxt.org Loki Bot (Hosted in Russian Federation Moscow Mail.ru Llc)

By Pig, February 7, 2020

Domain name : batlxt.org

IP : 95.163.214.100

URL : http://batlxt.org/y8x/pin.php

Steals Credentials From Local FTP Client Softwares :

C:\Users\user\AppData\Roaming\FileZilla\sitemanager.xml C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml C:\Users\user\AppData\Roaming\Far Manager\Profile\PluginsData\42E4AEB1-A230-44F4-B33C-F195BB654931.db C:\Program Files (x86)\FTPGetter\Profile\servers.xml C:\Users\user\AppData\Roaming\FTPGetter\servers.xml C:\Users\user\AppData\Roaming\Estsoft\ALFTP\ESTdb2.dat key: HKEY_CURRENT_USER\Software\Far\Plugins\FTP\Hosts key: HKEY_CURRENT_USER\Software\Far2\Plugins\FTP\Hosts key: HKEY_CURRENT_USER\Software\Ghisler\Total Commander key: HKEY_CURRENT_USER\Software\LinasFTP\Site Manager

Sample :

hxxp://107.189.10.150/HT/7845100.jpg

Hosting infos:

hxxp://whois.domaintools.com/95.163.214.100

Categories: Uncategorized

Tags: Loki

Previous postfentq.org Loki Bot (Hosted In Russian Federation Moscow Mail.ru Llc)

Next postmyehterwallet.top Loki bot (Hosted in China Hangzhou Alibaba.com Llc)

kdotraky.com(Loki Bot Hosted In Shinjiru MSC Sdn Bhd)