GALDERMA.COM

Group: clop

Discovered by ransomware.live: 2023-03-16

Estimated attack date: 2023-03-16

Description:

Home - Galderma



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse comlaude.com
  • galderma.com-Registrant anonymised.email
  • galderma.com-Admin anonymised.email
  • galderma.com-Tech anonymised.email
MX Records
  • galderma-com.mail.protection.outlook.com.
Cloud / SaaS Services Detected
  • Amazon SES/WorkMail
  • Microsoft 365
  • Twilio
  • OneTrust
  • DocuSign
