NextGen
NextGen
Group: alphv
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-01-17
Description:
NextGen Healthcare provides customized solutions to fit the exact needs of ambulatory practices. Our solutions empower patients to take control of their health and enable clinicians to be more productive and engaged.
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- iswadmin nextgen.com
MX Records
- nextgen-com.mail.protection.outlook.com.
TXT Records
- _46gi0uys72anart8cefi64go4nk5eyh
- _7gb65shd66k6q4dahqhxu79lrudol0v
- xj5qz1lb8tsfflx1w57bynh8yxgf3n5k
- 0d1mj29h3qcl8vc3b86kwljmt3bnf20t
- _em5des23gtccqu1rv0qm7trw8wv83d1
- pardot488571=e1fea396aaf1ad5ad7ecef2620b21f0162e4d439e43eb4281d7973bd585c865f
- RDGim08MeTJ8B+LCdJ6k7KPAGB6z11zb+kGVA/+g9WIRZzz8Fk7o+yihrFg+W/NTBUwFU1lJoxcgYA5FMJyucA==
- twilio-domain-verification=28cffa5f6a062d8a750fd317812b3e3b
- slng2mxrhdm9v19bz49s2lhnwwj37q5t
- amazonses:7+XYuLwFYyE6Zzp1IOKd4iAS30CSv9aW9QxAPIVefM4=
- 6swg0k444yl5tzhzsrjzpjdvwc0nj7r1
- 3m3ygynbpk4y128nfwf2r3pn1xtsc6tx
- qb4rz14kwnxhnx9j2s9f9tnvygzcg6rp
- 8bnx78kr51cnq76gsbhr45ddlqn5593j
- _fkjr3tcdwxszb15lo97t0zdqedxp8qh
- reachdesk-verification=4eMr8HcRCtKM0yMmtnoaW8UiuV54RO5fyIhqltHJP6ENHgC9ODpi7xs5uH7Uo5Gg
- _ui43vb182t6yyd7ypfhehtr771eyyxv
- mc-eb5cf51e-e2bd-4195-a1e1-b521f22b87ce-cd.azurewebsites.net
- atlassian-domain-verification=j8zPcgWo9ZsTAtrZ181Ge6PHN1rgL5cLKrmiOOong/7a72hUrg8b8wSGhMOSJwBI
- _wiucqr787wix3y7w9d3a11ebbq6u90z
- _yza38f3zr4b1r4lyfu4buaqg5trihx3
- v=spf1 include:aspmx.pardot.com include:spf.protection.outlook.com include:_spf.salesforce.com include:_spf.psm.knowbe4.com ip4:35.165.22.210 ip4:204.80.226.221 ip4:208.117.56.28 ip4:208.117.58.160 ip4:208.117.61.226 include:amazonses.com -all
- gp3kvcrxn5vwxx0drt0t4ypllzmblmbw
- CD44653A25NTA5MDY2Mw2#!5cn8t5p27i77en5c7i55" "_lsqrc9kj7vqjsfl4wnn0re7o6ny6n07
- miro-verification=affaf7d52c900e55f6a57ec512fa37602e7b4aa7
- _loapk60vc2edx00b3iw314bq44qx3gm
- Dynatrace-site-verification=8c15be56-fb2b-49c6-bbae-d90b13c6792e__12u4kcm2jfkg659ecni7e92ck6
- _hmyxiuttjsmmy43750odj1sr8v8xqcv
- sv5nrmhdnpp2n5qxl30tptm8jj7h24sj
- 52b1fygkfv7mktv0wzm1hzsznw57fhyj
- _g5aev3bfml436fr54p4opx9evidwvdg
- _euy8gxz2itylhvyxgolo7gf5skrscyd
- _sszbtk38ljhxb22rgamzyayzc1pv240
- 88xthdzcndmz9tcbgqx1xhkhzd2v13gm
- _ow0765lqixlwjc64907d9i2d14oc5lj
- xlph7ymlhnk5b4mbw9jq0n90wjy9q7ll
- 4r5nk2fp4s197g6jlx4hgjqjfqt9m609
Cloud / SaaS Services Detected
Atlassian
Amazon SES/WorkMail
Salesforce
Twilio
Miro
KnowBe4
Leak Screenshot:
