Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Afpa

Group: doppelpaymer

Discovered by ransomware.live: 2020-04-17

Estimated attack date: 2020-04-17

Country: FR

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 42

Compromised Users: 5201

Third Party Employee Credentials: 77

External Attack Surface: 118

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • cloud.store orange-business.com
  • florence.patenne afpa.fr
  • mohamed.ould-tourad afpa.fr
MX Records
  • afpa-fr.mail.protection.outlook.com.
TXT Records
  • BPzxG8NnOqBs6ucU9yEgjtQxo0zAWYHOYXjNiNCO4JKQE8Bzjzq2xFQVpoyr3p06OXLKo23q5f2Sjf3jNLv4sA==
  • atlassian-domain-verification=wa9UXInDalpYbaP3QVgUT7eXc3RYpihjq7X1Ip1bDsmSMx3EeB1uiGlDhP875XyD
  • v=spf1 mx ip4:188.231.78.40 ip4:188.231.78.41 ip4:188.231.78.42 ip4:188.231.78.43 ip4:188.231.78.34 ip4:212.99.102.34 ip4:188.231.78.35 ip4:212.99.102.35 include:spf.protection.outlook.com include:_spf.salesforce.com include:spf_c.oraclecloud.com ~all
  • MS=ms31483393
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Oracle Cloud Salesforce