MultiCareInc pt.2
MultiCareInc pt.2
Group: everest
Discovered by ransomware.live: 2023-04-07
Estimated attack date: 2023-04-07
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- multicare-org.mail.protection.outlook.com.
TXT Records
- ciscocidomainverification=19b21cca1f4cdd679de9e785f09a8241899a8317c609a26078e5ff8991000a98
- @MS=ms55526858 1Hour
- knowbe4-site-verification=cf96feb6b78ce95e522ad04dfa4ac722
- 9D267E4073D3D227F941C8E6D6E54802F346F718276443C519FD9A16811A6AFE
- onx=f017a418-e45a-4dd4-a5a7-21386b5bcc2e
- v=spf1 include:spf2.multicare.org include:spf.protection.outlook.com include:outboundmail.blackbaud.net include:outboundmail.convio.net ~all
- citrix.mobile.ads.otp=q0nwt8p4zihnotv9uawg6kbm
- onx=283838cf-5d41-41d0-b84c-45133db99c65
- asv=87d1b3716eacb7b186198672f0763260
- apple-domain-verification=qPG2CBAWoEVDajDZIwt8ZJdwzgh4ap8_9DD7Hw5ZUY0
- domain-verification=a6062981-3840-2b5c-5034-4364a5614e2d
- M6YW3LMZ0IOR5LS9H6NQA23L4EHG34F6LUFK8FG8Q
- domain-verification=4f0fa628-2b17-23a1-f101-928bc9e03e8a
- UBKwJvdCr7pF3srvHIkZNfjX4TrUdcNbPM5SwFPgMrswspetjHTvfq3J4cANxMJBNZIi1eyLeng0DYNpevhkaQ==
- jamf-site-verification=X_LLsloLLMuP1QHDr6PbAg
- google-site-verification=CYMnsPYjGiHFAiq5QaGQ2AADBsaceK5gXKTyqXAENt0
- g6qFzynOWoYbqvTZI4unv1bW1cySTS8GGd/pA2YGqXedMe3ObRl4XwkP9d93K1Az6PG6FHwjoAlUcLJxzvAKBQ==
Cloud / SaaS Services Detected
Apple
Microsoft 365
JamF
KnowBe4
Leak Screenshot:
