Sun Pharmaceutical Industries Ltd

Group: alphv

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2023-05-16

Description:

enjoy!



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • sunpharma-com.mail.protection.outlook.com.
Cloud / SaaS Services Detected
  • Apple
  • Box
  • Microsoft 365
  • Marketo
  • LogMeIn
  • Cisco
  • SendGrid
  • DocuSign
