#1
[Image: LOR-Logger-v2.png]

What is LO$R Logger v2?

LO$R Logger (short for Loki Password Stealer & Recorder) is a banking trojan and keylogger that first emerged in underground cybercrime forums. The v2 version represents a major upgrade, featuring:
 
  • Enhanced credential theft (banking logins, credit cards, crypto wallets)
  • Advanced evasion techniques (anti-VM, anti-sandbox, code obfuscation)
  • Modular plugin system (allowing attackers to add new features)

Key Features of LO$R Logger v2

1. Banking & Financial Data Theft
  • Web injects 
  • Form grabbing
  • Credit card harvesting 
  • Cryptocurrency theft
2. Keylogging & Screen Capture
  • Records keystrokes 
  • Takes screenshots 
  • Webcam hijacking
3. Anti-Detection & Evasion Techniques
  • Polymorphic code – Changes its signature to avoid AV detection.
  • Process injection – Runs inside legitimate processes (e.g., explorer.exe).
  • Virtual Machine (VM) evasion – Detects sandbox environments and shuts down.
  • Rootkit functionality – Hides files, registry keys, and network activity.
4. C2 (Command & Control) Communication
  • Tor-based C2 servers 
  • Encrypted exfiltration 
  • Telegram bot integration 
5. Persistence Mechanisms
  • Registry autorun keys 
  • DLL sideloading 
  • Task scheduler abuse