
Group: metaencryptor

Discovered by ransomware.live: 2023-12-07

Estimated attack date: 2023-12-07

Description:

Garda



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse gcd.com
MX Records
  • esa4.hc358-86.ca.iphmx.com.
  • esa1.hc358-86.ca.iphmx.com.
  • esa2.hc358-86.ca.iphmx.com.
  • esa3.hc358-86.ca.iphmx.com.
TXT Records
  • v=spf1 mx:garda.com include:aspmx.pardot.com ~all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Box
  • Dropbox
  • Microsoft 365
  • Miro
  • LogMeIn
  • Teamviewer
  • DocuSign
  • Have I Been Pwned
  • Zoom
