
Westside

Group: royal

Discovered by ransomware.live: 2023-05-22

Estimated attack date: 2023-05-22



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • westside--health-org.mx1.arsmtp.com.
  • d49679a.ess.barracudanetworks.com.
  • d49679b.ess.barracudanetworks.com.
  • westside--health-org.mx2.arsmtp.com.
TXT Records
  • v=spf1 include:spf.edgepilot.com a ip4:75.126.24.87 ip4:72.16.226.90 ip4:72.16.226.68 ip4:72.18.226.77 include:spf.ess.barracudanetworks.com ~all
  • logmein-verification-code=1bf9808c-9d75-460d-b6d9-fcfa8715b778
  • _globalsign-domain-verification=gGdWxCV-81Uh5NDeHc-3k7qQ8lScp5r-z2a2c6r5Yg
  • logmein-verification-code=443f38a1-5c95-47f0-807d-bfd6a4785477
Cloud / SaaS Services Detected
LogMeIn
