
USWELLNESS.COM

Group: clop

Discovered by ransomware.live: 2023-03-16

Estimated attack date: 2023-03-16

Description:

Employee Health & Wellness Portals - Biometric Screening - US Wellness



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx1-us1.ppe-hosted.com.
  • mx2-us1.ppe-hosted.com.
TXT Records
  • pardot1025193=88ee29a938521b503747c76edf00b0da2c99490f9f1102b227900fd0c116c70c
  • ppe-fdc6b0136a46f92cb807808a14ffb7538f4b3855
  • sending_domain1025193=7cac68c918291ab4b340e1df046769865a2bc909875ee3da7b5c10a00f0b6ef0
  • v=spf1 ip4:69.84.129.224/27 ip4:208.70.208.0/22 ip4:69.84.129.224/27 ip4:208.70.208.0/22 include:reflexion.net include:spf.cernerasp.com a:dispatch-us.ppe-hosted.com include:reflexion.net include:spf.cernerasp.com include:spf.protection.outlook.com ~all
  • apple-domain-verification=PsbTKifQbCjar5YH
Cloud / SaaS Services Detected
  • Apple
  • Salesforce
  • Proofpoint Essentials
