Banco Promerica

Group: snatch

Discovered by ransomware.live: 2024-01-13

Estimated attack date: 2024-01-11

Country: CR

Description:

Grupo Promerica is a group of financial institutions linked through the holding company PROMERICA FINANCIAL CORP (PFC), which is led by a multinational team of bankers with specific knowledge of the economic and financial activities carried out in each of



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • promericacr.in.tmes.trendmicro.com.
TXT Records
  • v=spf1 ip4:179.0.202.13 ip4:179.0.202.26 ip4:179.0.202.27 ip4:201.196.148.61 include:_spf.qualtrics.com include:spf.protection.outlook.com mx mx:mail1.promerica.fi.cr include:spf_c.oraclecloud.com include:spf.tmes.trendmicro.com ~all
Cloud / SaaS Services Detected
  • Apple
  • Microsoft 365
  • Oracle Cloud
  • Zoom
