MESVISION.COM
MESVISION.COM
Group: clop
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-07-26
Description:
MESVision Members
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 45
Third Party Employee Credentials: 0
External Attack Surface: 14
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mesvision-com.mail.protection.outlook.com.
TXT Records
- v=spf1 mx ip4:204.105.162.112 ip4:204.105.162.113 ip4:168.87.137.54 ip4:168.87.137.55 ip4:136.147.138.75/32 ip4:65.196.178.144/32 ip4:198.2.128.0/24 ip4:198.2.132.0/22 ip4:198.2.136.0/23 ip4:198.2.145.0/24 ip4:198.2.186.0/23 ip4:205.201.131.128/25 ip4:205" ".201.134.128/25 ip4:205.201.136.0/23 ip4:205.201.139.0/24 ip4:198.2.177.0/24 ip4:198.2.178.0/23 ip4:198.2.180.0/24 include:spf.protection.outlook.com include:spf.messagelabs.com include:aspmx.pardot.com -all
- L0U0X60573
- MS=70D41CEB83E603426D228356D5F8A5500E058D13
- MS=ms51426565
- MS=ms58047984
- L0U1X05489
Cloud / SaaS Services Detected
Microsoft 365
Leak Screenshot:
