Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Exela Technologies

Group: hive

Discovered by ransomware.live: 2022-07-13

Estimated attack date: 2022-07-13

Country: US

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 9

Compromised Users: 189

Third Party Employee Credentials: 1

External Attack Surface: 71


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx2.googlemail.com.
  • aspmx3.googlemail.com.
TXT Records
  • google-site-verification=b2QPLNPVOSAHhOABHL9Yd9B7p7c3XAfQaNtvP6RAnKM
  • pardot143511=d17b0d274c7500c99cb769792f60f2b66cdba724f58045fd0509a11021f8c089
  • ciscocidomainverification=7a7cdbed5be52113baf263184863ba638b2068c2c94ea639ed5d0fb0cad3d35
  • v=spf1 ip4:207.231.176.228 include:sendgrid.exela.global " "include:_spf.google.com include:_spf.salesforce.com " "ip4:148.163.146.239 ip4:148.163.142.211 ip4:185.132.180.243 ip4:185.183.28.194 " "include:amazonses.com ~all
  • MS=ms80140807
Cloud / SaaS Services Detected
Amazon SES/WorkMail Microsoft 365 Salesforce