Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo HRTRANSIT.ORG

Group: clop

Discovered by ransomware.live: 2023-03-23

Estimated attack date: 2023-03-23


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • hrtransit-org.mail.protection.outlook.com.
TXT Records
  • Id8Ccqxvnai5hWXLg7XvVUFnCvxDSmpjzQfP0jC5rHSQcbPWKvRHG2yteLipM8CtqXCO2gQ7ZFhL9uIXkOO2Yw==
  • gwp98ePTMVql32/sVVzte7rKsHLQqVYh4uMUOsmj8dNMd8AtSfA8kXrIn3EmoYkn6ptjh75YvkAo+dAkui5zLA==
  • wHAKVvOgIQLfG6/R8iXNBzOkHC2kKyPHXbwx01txCjoaWELtwev9b2f9eO9h5iXMcZExZZ+sOBi7r3ToaQ+B7w==
  • P8eSqnWP2WEZ4/84EHjIi2fFZ+PN0aQjndSk/NmRAR7rQgz8wH5dlsuBgkBdK24w+k9Wfs0Mk4MHJ5tiOr3eDg==
  • docusign=66c9f840-f3f5-41ca-9f76-5db7388ee01f
  • mandrill_verify.u18_Qz1jlEIaJf_PJBSi6w
  • v=spf1 ip4:216.54.15.30 include:spf.protection.outlook.com include:servers.mcsv.net a:gohrt.com a:host2.gohrt.com include:spf.mailjet.com -all
  • ZOOM_verify_rRiS31mwS2623RIPGFbQeA
  • apple-domain-verification=dnGyKwG2x1sUGY19
  • google-site-verification=lLMG_EZ4apMCPzz_auS8cyNpW3OIXxQff5xnunyvZus
  • ecostruxure-it-verification=bc911bc7-7597-4b7c-9fa7-cd37fa9411ba
  • atlassian-domain-verification=pAvkMgmOxpTbC53XJs6LUO0OYCTJet7kJVZGgkqO0xcQwIFd75be5HtD/o3KrcVk
Cloud / SaaS Services Detected
Apple Atlassian Mailchimp Mailjet DocuSign Zoom

Leak Screenshot:

Leak Screenshot