coop.se
coop.se
Group: cactus
Discovered by ransomware.live: 2023-12-29
Estimated attack date: 2023-12-21
Country:
Description:
Download link #1: https://***************.onion/KONSUM/PROOF
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- coop-se.mail.protection.outlook.com.
TXT Records
- xpbyhts18bmyb8x6jyr61p78nhwg2lsm
- sh3gydd4fcw5npvg5fwx31d70npcycsg
- D1EAB5B6B8842B49D25701A16F9EC25E862304DBD54BFCD1080E55452CD112B2
- google-site-verification=MoWPuTNkxwk7Ipa1XfOBjI4RrZamJApR1mN3lgPdyrI
- xsxtp9k8nv2d80nwrx7f10gr43msy5kz
- MS=ms72588999
- 6dz6NlA+paCe0KK84nMx/7WY3dmCA3Fv4oq81mS8YIfgwXKvYcAtVRMw8/M0iWBXia+CCavBQQS36sdU0ve0Zw==
- 904xtdjyvphr4j6lwqxs8s89xnbkctpc
- 26tqn8os7jks2b3b7br08h43so
- atlassian-domain-verification=tAdHDRHcnxH7kQLCVaQ3qpNdorgpepcWj6Pqw/OWhxqYxMMjN84hH5PMkbXBTmNo
- fxrw51c3sd7h3hz70cccz21fk8y8kls6
- sipiu9bpeH/vIJvSu0nC1mUhPEpDf2COImoj5+G/Q2+n4hNZ8HAiZgDQKS1j00kErk+77CgfM9L38yVj/c8xTA==
- atlassian-sending-domain-verification=c861d5f2-00fa-413e-a5e3-58db1c17026a
- m4ylg9kfgt25khfhtwzklr01d6n1rzhg
- _emt7sq0ex3ehv43oi78bw63v4q5792r
- v=spf1 ip4:213.180.69.22 include:_s00535498.autospf.email include:spf.mailjet.com include:spf.mandrillapp.com -all
- _wrt19fxwvy9ir9mtriw69ycvsumj7fn
- msfpkey=2lzom8866kaoxjwwiiemdz1oo
- fr6rjjgmypns2qqyrl6f9jjnpjf3jng6
- google-site-verification=aHFLARJDp4XTjoFQ3IO-s_PyMsrSy3S6RIv2E4yuek4
- m0kvvvb0j4zkczn4jnw3c7f2m5794pqs
- jqcj2w63t17v8r7b6dpwm7sh9dnmd6nm
- n0gn9wlnf84fhpcfvt2dbfr9p5dfzhq9
- google-site-verification=30I65LdhX9JCj66iqfcT6gHqzyvsZ6L-rrqxyPeYHsA
- i4qm56k669lvkedj4dud3nh6sg
- dprdqk7tgk7gd3ch9t5g76n7jp412pfh
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Mandrill
Mailjet
Leak Screenshot:
