VALMET.COM
VALMET.COM
Group: clop
Discovered by ransomware.live: 2023-07-17
Estimated attack date: 2023-07-17
Description:
Valmet: technologies, services and automation to pulp, energy and paper industries
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- valmet-com.mail.protection.outlook.com.
TXT Records
- atlassian-domain-verification=YqDHUHIYsR9IjCxOSjeVjmDOpZURal2l4qhWn7j3IXMCaKcMi0Y7ehdnWrfawGQ2
- pardot696113=79ab66ab7ba5b52fbb07a6663f65e2dd0836221f84b7dec6c9d706e0ae80b57d
- infor-cloudsuite-domain-verification=24LWVLT94FC4HC7TZQWCZMG3NWYEY2LNAJ4ADZMWET98G3G4U35TMHUHYY5LUPCP
- MS=ms54773683
- pardot696113=fc139e39efcc44c42fa7c54f8702380e7252cdd072fcfd3995af0a3072b0b86f
- MS=ms99883211
- adobe-idp-site-verification=6cdce37e-5c76-4633-83df-7e4a5779c965
- have-i-been-pwned-verification=dweb_qy5bldlqkrpb373zksz11gjv
- adobe-sign-verification=cc7e6f5310edc7dfcf121ff0d9e65a94
- nM639mZB/ZD6hn+0wBLzhCzlucwNcFfKjrLq7eBiB+k30PXPGkbDLESjeMW71R8QbBRnG/22N4/4+Q1xh12rsA==
- adobe-sign-verification=41e12c1acb5c2e1e74e6aa2b450086c8
- 00d58000000hp8ieas
- pardot711061=1caa8b8016f07f1609f2cb11c363ee9a64f317e1f23b60dabad66e55716a97b6
- google-site-verification=SP3G8fzKvK6eYWX9ovZjhvo6XfEx51JXl1D7ijTR93A
- adobe-sign-verification=955e657bd0e26be0b788b638c429d07b
- teamviewer-sso-verification=9d2d43364b4d4b86b3ea639328928a3c
- v=spf1 include:spf.mailjet.com include:spf.protection.outlook.com include:_spf.questback.net include:_spf.salesforce.com include:spf.a.valmet.com include:amazonses.com include:et._spf.pardot.com include:spf.lianamailer.com include:_spf.tivian.com ip4:16.1" "6.164.185 ip4:51.21.35.155 -all
- msfpkey=4wjqvdmf9rs1x83e95cbmq9bi
- pardot684403=09917707e428886cf97d7e5ae0848f3356f1ab9936d119f9755d58dac03462d7
- cisco-ci-domain-verification=798c29d7cf5bf74c672e32cab6cb83af39fd0c67b787566f8fa327eb1703ebbb
- adobe-sign-verification=c6ada57022c043dab75c1da9693a677f
- Jr1N6wgjMnyUGcwA7nO0pY8SdAKfBI2mAUtJMJBv3mhkevLnzT8nKzhwj5U1mPCRP07MkUyvCdRIwxe9yLmKWw==
- pardot711061=ff7f162946038f589d2d17fa48dee1d581708ed5d30443361749e3586d5a046d
- ibmid=e6a53354-c2cf-435b-91b6-d328cd0386c4
Cloud / SaaS Services Detected
Adobe
Atlassian
Amazon SES/WorkMail
Microsoft 365
Salesforce
Teamviewer
Cisco
Mailjet
Have I Been Pwned
Leak Screenshot:
