Garuda Indonesia

Group: mallox

Discovered by ransomware.live: 2023-07-09

Estimated attack date: 2023-07-09



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • garudaindonesia-com01e.mail.protection.outlook.com.
TXT Records
  • v=spf1 mx ip4:82.150.225.79 ip4:171.17.133.140 ip4:203.130.212.0/26 ip4:147.139.160.180 include:_spf.salesforce.com include:spf.protection.outlook.com include:amazonses.com ~all
  • DirectFedAuthUrl=https://iam.skyteam.com/app/skyteamiam_entraidtest_1/exk8xe3lgjjqM6UY50x7/sso/saml
  • DirectFedAuthUrl=https://sso.skyteam.com/app/lams_entraidauthentication_1/exki1nw5b7Ankn4wZ417/sso/saml
Cloud / SaaS Services Detected
  • Amazon SES/WorkMail
  • Microsoft 365
  • Salesforce