Group: play

Discovered by ransomware.live: 2024-11-19

Estimated attack date: 2024-11-19

Country: US

Description:

United States


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 0


External Attack Surface: 1



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx1-us1.ppe-hosted.com.
  • mx2-us1.ppe-hosted.com.
TXT Records
  • apple-domain-verification=93rizbYmx98RiOy5
  • cisco-ci-domain-verification=2ec36601c1a0f3ab0b384a2de31fae351841d36995e9bf58d8a2a1b0db81ecac
  • docusign=066466b8-9b8f-4429-8b0e-52928f20968e
  • lcx4tbjuw22xuoRVvR/a6xiQp9ofX5IgBL3iE3I6drFrPR2fOQ5Ox2NefVuG40D6OFVsy+6Fjv+NgDVm2zmMhQ==
  • ppe-8e8acc50c53993269635326f6bf94f6903aa4fb4
  • v=spf1 ip4:67.52.255.64/27 include:spf.protection.outlook.com include:spf.constantcontact.com include:_spf-us.ppe-hosted.com include:mailgun.org ~all
  • wphhza34kCf7wVyxry7nWrLh8s5B6l/edlKiCnobg+Te3U9EItCHF/Mt3MfzwT+T93UVVcHGzFqaXTEbn98BmQ==
  • MS=ms74132335
  • TD8X98esMSwDzz3cVfKgz0pL3kXOHYXptirYyEgD9OT8u099F3vb4F0cN41qJvnYnFYlxpMvNFyu4ZO3jZq0aA==
Cloud / SaaS Services Detected
  • Apple
  • Microsoft 365
  • Mailgun
  • Cisco
  • DocuSign
  • Proofpoint Essentials
