185.126.201.167 (Loki Bot Hosted In IRAN)

Direct connection to : 185.126.201.167

Steals Data from : Vivaldi, Maple Studio, SecureFX, Pocomail, Chromium, KiTTY, NCH Fling, Orbitum, AbleFTP, IncrediMail, Internet Explorer / Edge, CocCoc, Bitvise SSH Client, Microsoft Outlook, NCH Classic FTP, BlazeFTP, WinChips, Epic Privacy Browser, Pidgin, PuTTY, Automize, FAR Manager, Yandex Browser, Comodo Dragon, Chrome Canary, JaSFTP, Google Chrome, Total Commander, Trojita, Internet Explorer, FileZilla, Torch, Opera Mail, Opera, QtWeb Internet Browser, LinasFTP, FTP Navigator.

Sample : hxxp://216.170.123.111/nass.exe

Hosting Infos :

hxxps://whois.domaintools.com/185.126.201.167

Categories: Uncategorized

Leave a Reply