Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo SMA.DE

Group: clop

Discovered by ransomware.live: 2023-07-10

Estimated attack date: 2023-07-10

Country: DE

Description:

Willkommen bei SMA! - SMA Solar


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • sma-de.mail.protection.outlook.com.
TXT Records
  • teamviewer-sso-verification=23bfc4aad8d741498160f0a7d1414d73
  • google-site-verification=AG2nkY4-jSZ2LFJaGDp0mCph4V1cl-jPJTQAUoBdUtU
  • 1mh772v8hmfzg3j3h36zdpp1nvslytlp
  • globalsign-domain-verification=885846963F18B22FB7973A817C191EF8
  • successfactors-site-verification=ZDE4MzJhMTI1ZTBiODMxYjUyZWE2MGM5NDYzMDcwMjI1YjdmMmUzNDNiYTk1ZWVkZWVhZmZkNTg5NDdkNmM4Zg==
  • v=spf1 ip4:52.137.61.15 ip4:20.123.164.91 ip4:62.157.91.9 ip4:76.14.140.26 ip4:62.157.182.115 ip4:54.240.4.4 ip4:194.176.121.23 ip4:82.135.58.65 ip4:82.135.58.28 ip4:185.38.116.10 ip4:185.38.116.11 include:_spf.salesforce.com include:mailing.eqs.com inclu" "de:spf.protection.outlook.com include:successfactors.eu include:spf.sma-de.cloud.nospamproxy.com ~all
  • sendinblue-code:20c4627159446ea5a62af7d8d0213fdb
  • atlassian-domain-verification=+vSaANYvjjZahPwtX1JTsAhXJtxPhegFRnDmzOcf+bsRGNsIlLMGfZtrcVGY8cN7
  • docusign=68b95516-5c11-43da-8927-8bcb4d8c35c6
  • MS=ms29961777
  • webexdomainverification.4C675B8A82B0B136E053AB06FC0A3F65=3c36b608-af9e-44af-9693-115b8b1638ad
  • d4c26sh0xz0fkqpssq09czplh68cd3y9
  • 1cTa5dOXBddwyETGbEq0V7tu+5JsRY/jLGAttMuCMWw=
  • 2FE3CB24AC2B748A46AD4DB5C3D34FD9C3734D0F7F7A1D407E7C51C4E3EC3863
  • cisco-ci-domain-verification=291106606f5f6a699b4a7908b490eb92ce07acec23d6afadba32a25487cf15d0
  • w1IZYE/d2BvSkENKzT9jpZKZfQ5Q3YRPrbW4Aw7tVRF//ESVnB9PwVCUQEptL6ADudGdf4hJx2UyLlETHwy7gg==
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Salesforce Teamviewer Cisco DocuSign Cisco Webex

Leak Screenshot:

Leak Screenshot