Valley Mountain Regional Center
Valley Mountain Regional Center
Group: karakurt
Discovered by ransomware.live: 2023-08-31
Estimated attack date: 2023-08-31
Description:
Valley Mountain Regional Center is a private company that serves children and adults with developmental disabilities. Data: 147GB (medical record, passports, SSNs, accounting, financial documents).Soon.
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mx2.hc5485-1.iphmx.com.
- mx1.hc5485-1.iphmx.com.
TXT Records
- klebcf3om3lj1b4rpo71inj17n
- MS=2AB457CF1C5671DE0FEDCD326291BA7EF972C9E1
- MS=ms52044752
- sophos-domain-verification=f54f5f8ff874760da06b865775998d5aff716ce5fd4ab1c10463dc075bd19dc3
- docusign=9001b73a-6e17-4a86-a822-29165bf9f47f
- lMqiXpDTM4UIQHr/DOk3mHF/bVDjx3TCqs5p4aKpbaNtyXJlgRv+hRq3emi0ETUfSU0+yyyD+XZlziuDIRLUFA==
- v=spf1 a mx include:spf.protection.outlook.com include:mail.zendesk.com exists:%{i}.spf.hc5485-1.iphmx.com ip4:207.38.124.248 ~all
- OVq4uQKT5XnuAv6BzF3Er8t56rHFWaG5r/1VLt0N9hx6iFaQiikCFTSqxEYPh6GU5vnSFbNT96Br2EGTYj42yQ==
- MS=lK1gKhCzy+A+EiU1QXejoTcz14ie2XVD9ebgxLgvmE3YdT9DDSyxEoTjljSiWQxzmFZZdQ2TQukNnpU0G9pLCQ==
- 9jmh56ime6rq302fn7d3e15bmh
- apple-domain-verification=Kyb2smFoAwumbzuo
Cloud / SaaS Services Detected
Apple
Microsoft 365
Zendesk
DocuSign
Sophos
Leak Screenshot:
