Prima Power

Group: akira

Discovered by ransomware.live: 2025-04-02

Estimated attack date: 2025-04-02

Country: IT

Description:

Prima Power provides businesses of all sizes with targeted dynamic technologies that enhance profitability in sheet metal working. We are ready to upload a lot of essential corporate documents such as: corporate NDA’s, financial data (audits, payment details, reports), etc.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 7

Third Party Employee Credentials: 18


External Attack Surface: 4



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse register.it
MX Records
  • esvaeu2.primaindustrie.com.
  • esvaeu.primaindustrie.com.
TXT Records
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Microsoft 365
  • Salesforce
  • Zendesk
  • Teamviewer
  • Zoho Campaigns
  • Cisco
  • SendGrid
  • Have I Been Pwned