West Monroe

Group: play

Discovered by ransomware.live: 2024-03-27

Estimated attack date: 2024-03-27

Country: US

Description:

United States


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 1


External Attack Surface: 0



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@easydns.com
MX Records
  • westmonroe-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 ip4:216.36.219.2 ip4:199.91.136.26 ip4:136.147.176.41 ip4:199.91.140.26 ip4:208.185.229.0/24 ip4:208.185.235.0/24 include:spf.protection.outlook.com include:et._spf.pardot.com include:_spf.salesforce.com include:service-now.com include:amazonses.com ~all
Cloud / SaaS Services Detected
Apple, Atlassian, Amazon SES/WorkMail, Box, Microsoft 365, Salesforce, Miro, JamF, DocuSign
