INVESTORCOM.COM

Group: clop

Discovered by ransomware.live: 2023-03-24

Estimated attack date: 2023-03-24

Description:

Regulatory Compliance Software & Communications Solutions - InvestorCOM



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse easydns.com
MX Records
  • investorcom-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 ip4:206.51.251.254 include:spf.protection.outlook.com include:sendgrid.net a:smtp2.distributech.ca ip4:66.155.99.73/24 ip4:156.11.20.65 include:servers.mcsv.net mx ip4:69.164.211.10 include:x.fw-mail.com include:autotask.net include:_spf.intacct.com include:docusign.net -all
  • intacct-esk=F8121911A77397A7E0533A06510AA6B0
  • pek54n81gjhatt9j7ko31bg45v
  • 5ve1bvab16otd0n3g8uni72spr
  • MS=ms89771614
  • n16sq9libsfadci6o6i2hiotp6
  • google-site-verification=pHoFh7WECCPU0Lu7CFhAJzxeB_UzVdVq1EQ-piaVWEU
  • cisco-ci-domain-verification=4fd6ded040b5e4f9f3b8880f4d96710401639066785584c0ff33d79c87ea66b2
  • rnrfcvtceu8c48u7idgham6ri5
  • investorcom.com. 18000 IN TXT v=spf1 include:autotask.net ~all
Cloud / SaaS Services Detected
  • Microsoft 365
  • Cisco
  • SendGrid
