UMASSMED.EDU

Group: clop

Discovered by ransomware.live: 2023-07-10

Estimated attack date: 2023-07-10

Country: US

Description:

UMass Chan Medical School



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • umassmed-edu.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:spf.protection.outlook.com include:mail2.netronixcorp.com include:spf2.umassmed.edu exists:%{i}._spf.mta.salesforce.com include:aspmx.pardot.com include:_spf.qemailserver.com mx:massbiologics.org ~all
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Atlassian
  • Salesforce
  • Teamviewer
  • DocuSign
