Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo ARROW.COM

Group: clop

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2023-07-26


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • arrow-com.mail.protection.outlook.com.
TXT Records
  • docusign=dd85fa03-c15e-4e0b-b4e3-bd7a3b380793
  • L51pXZVNhYEirEoiqiz6q8BYiWuHh+hMeJc8rSF0oV4aW2m+BpZYVTmulTuclbsFaVlZ4S8X9pSEumMdSb4zEw==
  • 1dxmmxfzsxdtlk49gxj73ch1gj85t01d
  • google-site-verification=8YMBxqE3e9ltRlKbZ8V-QGXgexyCXno7LkqXnA0DsiU
  • duo_sso_verification=mp4ErzHzuVT0oeKv9abJxkeGCisiTanBAPgyb6jbTeuAkZM1YdgWDzxiEKugHm7e
  • v=spf1 include:spf.protection.outlook.com include:_spf.arrow.com include:_spf.salesforce.com include:spf.US.exclaimer.net -all
  • pendo-domain-verification=552d72ed-bb67-4488-954a-6fb6c3eeffda
  • postman-domain-verification=b98e66f798de806336059536424f5f13d2df8e86072a01a30437468b8f8b9969f4f4454f14349153d8b2a6ad1de3ea622a45dca5620b02a3284fa8d9953ec1d1
  • NGmGH8aOGnXNKucI8w960Tuyk5C0+66fBwodIyhH+eYh8Z5WyN5IJeCWmR/OCigSrbLrMjaponaRU4+9FLY3TQ==
  • pwKiXLVicShbHlmYTMiCFPs4CCnD
  • rnjpf2v323s1psznzgr282ztwhn9j16d
  • b98e66f798de806336059536424f5f13d2df8e86072a01a30437468b8f8b9969f4f4454f14349153d8b2a6ad1de3ea622a45dca5620b02a3284fa8d9953ec1d1
  • globalsign-domain-verification=KaParXxs1OHDy7o8CMbPpHBN-2m_mzwdPqKMMQ66a6
  • 82af3dc6d00443919b474e9c4c58bdbd
  • docusign=8027bae1-a07d-4e7d-b018-f8c4731c197e
  • _vd9xgka967sdkeagsx9nuc3m1o75qzc
  • canva-site-verification=s0R_EoWLmSOpjf6thXcluA
  • google-site-verification=VaJS2xoJO1gmS-4zRImbvb3TnXydPXmzsXP5tX71QAM
  • vOUqisEYnbDYsHmN8DWQAj2EcIheFOhn5phmhTJwZ71OUu3vKZHdhDKzZ7w5vqFt59PMjFWYpM8rRDUEWnizsw==
  • atlassian-domain-verification=sPGKiSRxkRD9Z/RdTUNxz2weQDiMy36HvGFePMdTgdsV8igLpnvXr8IUOwtjMV5B
  • _869l6cu1i835s66dqp7rtugec7yovzg
  • uber-domain-verification=a07c63cb-5aee-4314-89ac-5e80156097c0
  • atlassian-domain-verification=un5yyVlkFXo4h0zqCEzXvR0uJuWhhNbs1bWswrrhZxjLcRIKUzMIKEK45W1rSsLG
  • apple-domain-verification=37zdYzX9CxTZ65UB
  • pardot_395872_*=6e526633fd41d6047b3aaf573f7162fac97b619d1568328bb1a0733bab2f8fd4
  • MS=ms60605122
  • hcp-domain-verification=755480bfc08174098e0f51b6797bde2e5bb13f4cdb94620cb7956dfaa8deb2c4
  • atlassian-domain-verification=DkMUeKc6/JR2x6KHXHGeIDFbi6uWH6hizAmEpqFnjhX8S8SKdW4lE4r9H47ekC8E
Cloud / SaaS Services Detected
Apple Atlassian Microsoft 365 Salesforce Cisco Duo DocuSign

Leak Screenshot:

Leak Screenshot