Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo ATOS.NET

Group: clop

Discovered by ransomware.live: 2023-03-24

Estimated attack date: 2023-03-24

Description:

Atos – Home


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • atos-net.mail.protection.outlook.com.
TXT Records
  • mH1Rn9h3riBvfGruJErTrv0fYVRtzm9p
  • MS=ms54076156
  • ZgB1NqB5mF2we9wPxMyrnzsAdXr6vHqG
  • docusign=b46f6d98-f426-4f29-8f4d-b335955cbb48
  • g7CuF0rKSpUH2wxML5j85hASqdaWfNer
  • atlassian-domain-verification=ya5SmvkJmafqz57oHy/k/DdujzUAZK6H3VHaLIGO6ERL4P/V2fSrKIdsO1AhgPwI
  • atlassian-domain-verification=El8OcdEMNPaQ7MnPHFPEuJ7Gw8TUTpa9wHEpTkTJsx4S0wlAGXp7t2yHwnnHzXog
  • apple-domain-verification=DdRWtSXx52XZQIw2
  • google-site-verification=6JDp0c8UnYdygOIU-d9nTSYznqTRsRJHgYNW2mSbRyA
  • uDpxaf09NtE151JnMZT9jUkrhyAPLmCv
  • dBWMPUFR6BRPBt6mapcPQkmsi4eY19m8
  • Dynatrace-site-verification=decda4e9-cdcc-4a94-a36e-b120888a7151__jgdu71lsmu0a2b31s6ham7om5h
  • atlassian-domain-verification=LA8nvrj5U8jKFuoaUtRnuDTi78KzcTEbueohVWm2ia6EUX7bjo6Cnn7Hl0UI/guP
  • pardot467241=8b9637f73bddcb3c6be4cd464d3b5510c4a641be7b7c4077b8c88286b70e3e3d
  • kNKucTNuYKvcEGjAyKEkpVshbi4xUFX5
  • atlassian-domain-verification=zdbGqIaHMFJflZwOauKWpk765hSGcMv2aTnyo1JNkfKoaK3vncoEq654sitJ20Hy
  • crxTQOL0kTBseGMMi/VSblX5q538AvfCEasjsPPDIHUNzT1hix27KSCS9ecoPYyOzyP6JI8btjkeBlSL2kBWeA==
  • jwvhJdDeDBFaj9QEdct3xU5ZetmsNaij
  • dell-technologies-domain-verification=atos.net_81483595-b34f-49df-a43b-d25d780094cd_1673701870
  • atlassian-domain-verification=tQ76vhjoHXPwqCU0wjW5GvdKHbXnczSlRnabiarnNryggbEUVLiPw5mUbInbMN3m
  • atlassian-domain-verification=/m0KilaUDOLHVeJlP5qrcggnBsoeV170p/GSxccMB0FrIRkwxmQExTnlD29lV1qz
  • atlassian-domain-verification=dVCdanTAWfkm0nIZmo4DWpy4Dm/WDkXku2DsulBs5qRgKTM2RO/i6UhXpto9agjq
  • flexera-domain-verification-hbwntdyceaoqhrnb
  • AUyWFzNeTfCFixwxEfd5sw80AXkt6zdZ
  • Z8kEe#DTuEgdicoN8E#q!RdsIg68Ek!YME#r^295vRMBsD0J^iUrMAhIBXK7UnYjH8*h8mhpzas#W9*pu9Wlx^z2v9Vq6gqqL1p
  • hcp-domain-verification=02b3814c3901c1c4e130ce37fa18db5885b3368a519326f78c441ec21aecce9e
  • 30.07.2025
  • v=spf1 ip4:155.45.167.44 ip4:155.45.167.68 ip4:160.92.141.148/30 ip4:160.92.21.196 ip4:160.92.108.230/30 ip4:160.92.140.180/31 " "ip4:160.92.177.1 ip4:160.92.177.2 ip4:160.92.177.3 ip4:193.56.114.164/30 ip4:193.56.114.176/31 ip4:212.170.156.132 ip4:91.103.172.158 " "ip4:62.134.46.8/30 ip4:160.92.152.2 ip4:160.92.186.94 ip4:80.78.5.227 ip4:80.78.0.212 ip4:80.78.5.228 ip4:68.232.145.191 ip4:216.71.152.242 include:spf.protection.outlook.com include:spf.messagelabs.com include:message-business.com -all
  • google-site-verification=E1br6u_-KmcR8RJjna62HarfgmXNXrHJoT8bVcFLebw
  • adobe-idp-site-verification=fb07f50eac0c1510d27aa1430813d922db386dd78e770b271fa42a198ff8a8e6
  • 75W5GNu5DuigefEW8cTyXeQgQ5xwm3sn
  • duo_sso_verification=4t8R5hblwKoyM0HGpM0dIJkPyTfPx9TFzA0he6wg9L3srzv5H2BvwSIZ7QG4V4KZ
  • google-site-verification=UuS20qJHKNSmyQsDKYtJGdoN-BtgtQBVRq8rCWrj5Mk
  • TAILSCALE-jP0GaibMkEODxakSW47R
  • google-site-verification=pabbvf08v585Vxkvxlod-03UP1678XMFL3rNpCZIYng
  • vfGCbKgDaqRBYdSiNf2QnwnfvGR9gpb1
  • onetrust-domain-verification=4a010e7dc8ea4a7684052ffdf496f2d5
  • flexera-domain-verification-xghdwygmrpxngume
  • ThhJZNJafdn0pRmgGUHuQwucnPLMxJWp
  • HXHgh4EVy5CsL6DiFfYvXWfnqRZjutq4
  • onetrust-domain-verification=40f14bcc8aa144fd98455a74c1132e90
  • atlassian-domain-verification=/dupNWInO19QIbkYWWJSz5GVuuiIfzFcSzW2ZoN8TNd5tbys8RaIX3xdzmIzaaim
Cloud / SaaS Services Detected
Adobe Apple Atlassian Microsoft 365 Salesforce Flexera OneTrust Cisco Duo DocuSign

Leak Screenshot:

Leak Screenshot