Willamette Falls
Willamette Falls
Group: alphv
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-05-04
Description:
- company's sensitive data (audit, payments, budgets. contacts, vendors, etc) - employees sensitive data (contracts, contacts, address, payrolls, taxes, etc) - plant data (blueprints, schemes. floorplans, mill data, etc)
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- smtp.google.com.
TXT Records
- v=spf1 include:spf.protection.outlook.com a:wlinpco.com ip4:65.144.159.216/29 ~all
- hbohdqvp0ajgrfe0mns58vqhlg
- 2kvlautl0g7c40kd6u0ckgh17t
- MS=ms83366501
- l8slvdl1momktgen9bic5ef0d5
- Qbq+8JbFSJR6DDgjr/ZYpZBZ+ggsR/9xjJdC3y4fnBzulxUMkb68LYCr2VHskW3+gpmkxmLIzxSAJXw5jzsGSA==
- google-site-verification=Yk1hfPgE6vhQiQuwjm-DzQHAg-MUonNRTOftrf6dlio
- MS=A5C0A016C65272FD42593884DBA7CCCEA7D437F7
Cloud / SaaS Services Detected
Microsoft 365
Leak Screenshot:
