Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo STIWA.COM

Group: clop

Discovered by ransomware.live: 2023-06-16

Estimated attack date: 2023-06-16

Description:

Automationstechnik & Automationslösungen vom Hersteller - STIWA - STIWA


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • email.stiwa.com.
TXT Records
  • MS=8AA5C491BFEB0A1D8F20FFE443FD3351BFE5CC58
  • v=spf1 a:email.stiwa.com ip4:193.104.82.0/24 ip4:212.183.16.200/32 ip4:212.183.16.201/32 ip4:212.183.0.26/32 ip4:83.164.137.22/32 include:spf.siwa.at include:spf.protection.outlook.com include:145810932.spf05.hubspotemail.net -all
  • amazonses:SnvqbQQSfa4nFTLjnJpMKUg+csLEWexxFC1ZanpGrxI=
  • spycloud-domain-verification=a265e4d4-dbfe-4a00-87c8-d831446ba2c9
  • apple-domain-verification=uESVHlP3RMhCv6vz
  • SqD4Iat5jwwLqNwMhi4ybGLlNl3J4I7cenyFAsRfVk01vW+vmV2829/66HDFLI28khtqEgWlfQxTaoDOY12guw==
Cloud / SaaS Services Detected
Apple Amazon SES/WorkMail HubSpot

Leak Screenshot:

Leak Screenshot