Victim: Pierre Fabre

Group: revil

Discovered by ransomware.live: 2021-03-31

Estimated attack date: 2021-03-31

Country: FR


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 38

Compromised Users: 289

Third Party Employee Credentials: 79


External Attack Surface: 57


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • legal safebrands.com
  • info domain-contact.org
  • clientele safebrands.com
MX Records
  • pierrefabre-com01e.mail.protection.outlook.com.
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Microsoft 365
  • Salesforce
  • Mandrill
  • SendGrid
  • DocuSign