Xerox Corp

Group: incransom

Discovered by ransomware.live: 2023-12-30

Estimated attack date: 2023-12-29

Country: US

Description:

Xerox Corporation provides document management solutions worldwide. The company's Document Technology segment offers desktop monochrome and color printers, multifunction printers, copiers, digital...



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints@markmonitor.com
  • whoisrequest@markmonitor.com
MX Records
  • mx2.xerox.iphmx.com.
  • mx1.xerox.iphmx.com.
TXT Records
  • v=spf1 include:_iphmx.xerox.com include:_iphmx2.xerox.com include:spf.protection.outlook.com include:spf.constantcontact.com include:_spf.salesforce.com include:nw026.com include:mail.zendesk.com include:autotask.net ~all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Amazon SES/WorkMail
  • Microsoft 365
  • Salesforce
  • Zendesk
  • JamF
  • Cisco
  • DocuSign
  • Cisco Webex