Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo IRCO

Group: stormous

Discovered by ransomware.live: 2023-03-27

Estimated attack date: 2023-03-27

Description:

Ingersoll Rand is a global market leader with a broad range of innovative and mission-critical air, fluid, energy and medical technologies, providing services and solutions to increase industrial productivity and efficiency. Since merging with Gardner Denver in early 2020, we have more than 300 years of combined experience and innovative expertise


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • irco-com.mail.protection.outlook.com.
TXT Records
  • _v65pvz0ot5kqag6qxr8mlvvtby8q9e8
  • 860hvfwmyf2jc55d7ycqvslx4w219158
  • Bw7xk5rvmpzpzxvf23ph60zz2rg9gh3h
  • _hkx5i0ysxvtxnz1czjp8kimmdjj2fb5
  • _3g59dsgjmbarj02o565wjktrzy22kue
  • _5bh0olsat3wlrzktwpfmuqjqulou5xv
  • _8orhooj1nez9ue0j64g2900aa4ug5lw
  • _8zznfc1joais8jeolxg9oup90c8qk77
  • amazonses:O9ohQa9RecYMQ4atlBWfr8+cN9rG9VW4TQAiIWjW2ZQ=
  • google-site-verification=_6TjMHM5c4JZE_g3OGKEREOq__VpwOhtrTkxaOBDncI
  • krpbycgs67dlct6m5v3cwfyckjctsnnc
  • _zq146v3y12rv8904anbphleji5rviw8
  • atlassian-domain-verification=o3HUJYtW9S/81LIMFHWAIofjhU9KBZzut3eIOzBUzs6S9V70gLq0x4EYKKevQFvw
  • _xuzqasq44ang0jhhfyx20udg2hwj74e
  • bw7xk5rvmpzpzxvf23ph60zz2rg9gh3h
  • _mt4ualfotrbzkwct4qpefuhgkntg2pz
  • gcp16qlg5dk71qvvq0ckc651jf76hk2c
  • _ntwi1x03qyiz9w3e3kypb48l4i9iydk
  • _8q2gnjrq05nnaslnlnnd9ambf46lypm
  • sv2bj3zt8n251s8g5zp6wx1bsnfmnb27
  • nsymnnyyx62zkjf2x65505r7jj2jm51x
  • f61kdgv0qy7ljckmf4fggtbdh683str1
  • _yl3xecu9hm2ox4d7j8d8mlf9b8a6w3a
  • cisco-ci-domain-verification=2ea85e2bd08c87516d624f10310e16213a7b2c31ae2284a017c045d41dade9d3
  • _v2o586mpjgvie52kud2kqb7eml5xvgq
  • _guep8epvtpdo5gre865c6k4garh5jgv
  • _h4u9nskxo6uu2qk63q5w7gmmoaw5jab
  • _5f8kzvdb4naxyjjutjmxf8klkvqn44l
  • _qj5lf9g1eihntvihwptdhd32p7jbcy9
  • _9q9v4lwjuazwf75nbbxh9eove3p093g
  • google-site-verification=dBaPTK7a91RpfajVu6hri-H55geFK-imX9z00rHy3NI
  • c7rqx23kgkcjt5qvwzvyx5xnkmhqb0pg
  • _gwx0ne2qrd4fd3cg217p6618t59wfmu
  • _p16hyl9o69rlhtd5n2xjnrrghcm3h8p
  • _hvx60x07qbzleddkke6l4oapbrh0r5u
  • _h8mza2dicl2hijpfugtzjvbuuhted1j
  • lsrm07tgshzhgtlzyr0ypsp5vjg65w3k
  • google-site-verification=BDO9aiu-CTgzptHp9HjSty9ysEeWuR-tBXJpolhJlaA
  • atlassian-domain-verification=Qz82GvcVdTdBde8f9UKIOkpjBnPj84fpLZr3bWO2Wr2qezmasqv8WnvPP8oO/XAT
  • _g6icjswql8up5y7jpdpxs5hhzmt33rv
  • _y24cupz33qq0evsw00ha9t7jbpcs0pz
  • yw6yt5bw4s0l55tz11m0f67p0tn4173t
  • _6fwzkg6cm1stsnj8ar2x4hvehxlsu9t
  • _nt8s1gzvkyydkh0x6mior0dey5qu9id
  • _ybon797w68waui20xy45wn9enq1wrjk
  • knowbe4-site-verification=125990a2c8bba1769509b3a86f0b1631
  • adobe-idp-site-verification=ba30df82-6bc8-43a7-a36a-ee5f5aa72f87
  • f4fq2k928kt3y0b7zh5xtkqb4bmmj9ym
  • amazonses:Jlx+WPjSN71jOlhCph61gE1bW1TSH17wcwlCpJQhdZs=
  • _k2h8vppyicn029yq5intatj2yp8v716
  • _j4px066qm11kz7xabpip7tkk8ae5ls3
  • tr57kd60xrg4bbt46hzzydd226g7hpdz
  • j17twj54y3q7fd1l3vskb5pr37kstmf7
  • v=spf1 include:spf.protection.outlook.com include:mail.zendesk.com include:servers.mcsv.net include:amazonses.com include:_spf.docboss.com include:_spfext1.irco.com include:_spf.act-on.net include:_spf.bullhornmail.com include:_spf.salesforce.com ~all
  • _9q2d2vhloyvsxgxqlqowzg7hff6uv3j
  • _7qzw696z7d7rs47dzhjd162ojkcsbky
  • _2vtn3x0jhhr45mmv38kbghrfccpihc2
  • _7yugbw52a6mfje0g46oltxvhh3hwrr6
  • _izim6o9ngl07lr62o96png9eiqkbkf6
  • _w4hb2jpfm84lz8u983mxqy57wup9jpk
  • gylng5vwv0pcnmxhflbl9fjkyt5gkc77
  • kyv4hjhwdzg8wtvhyd13vgtnnwn0fsm6
  • wiz-domain-verification=3308e33ee6133d1f828050d6c3495443da8f0c2c4b221625dbda3bcd6741a7eb
  • _cxsplg6z69falzc5npaw9l9k2gj84b3
  • _so471801pgtxj6zkr7gvvwwu1gpkrl5
  • atlassian-domain-verification=ThYR5SdZZC3pmKbIuqy2OEbe21SBnnGawgImQlkUGOtHzT8psMDLNbAyPF1A1fTN
  • google-site-verification=fzd9LS4WSwVqXYl6DXUjlLTUURuAESot9OUrwIh6_GY
  • google-site-verification=RgLqM84sd5u_toXQNzg2-X5SzdlwxYnlOa2uLF_bTf4
  • amazonses:QGZrEwM7KhGtruzSbCQsNCwgFt6tPBiETNqq04XPoAw=
  • cloudflare-verify.irco.com
  • d6696kmylv73djzcrp4r7jdrp1jxyd2k
  • _bdjla4vonwjv560pyfj526ka2ly8d2r
  • _crrxxqrwwhgo57y5gwtq017owznvdbw
  • successfactors-site-verification=OWEzYTRjOWYwM2ZkZDY4MWJhNWYyZTJiMTBlNGFkNjRjMTY4MGNkZGNlNWE2ZTg1MGUwOWZlOGVjODU2YzA0YQ==
  • _k27kref9aw4l42wj56e58ydorhopoiv
  • m7g6rp9nrwk01nvtml6tgzwnzw8p08dx
  • xp94zhmrhwtktgr492bnhyd71c1hhtr5
  • _8jf2zte7qhnefg3owloz9kt456yb1pd
  • nintex.5dc57bf0b77b3f0e11bae0ae
Cloud / SaaS Services Detected
Adobe Atlassian Amazon SES/WorkMail Salesforce Zendesk KnowBe4 Cisco

Leak Screenshot:

Leak Screenshot