aurobindousa.com

Group: abyss

Discovered by ransomware.live: 2023-11-30

Estimated attack date: 2023-11-30

Description:

Aurobindo 3,7Tb uncompressed data



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • ironport.aurobindousa.com.
  • mx1.hc6719-49.iphmx.com.
  • mx2.hc6719-49.iphmx.com.
TXT Records
  • 8v499crs200nd906y3l20jvg0h0vqk1b
  • duo_sso_verification=SeMP1wcbKmJk131hhqPQImWSWcPBOv1q6t45PhHxRNs28NGmxtKD06OOXTxn2jML
  • MS=54DD06D9DA5A0D4BD5F177776A7AEA76E3AA7A68
  • MS=ms10592372
  • _uznwerpi06pmb5xgm42103g69tifqnn
  • v=spf1 +a +mx +ip4:67.20.116.98 +ip4:74.220.203.200 +ip4:63.139.103.91 exists:%{i}.spf.hc6719-49.iphmx.com +include:spf.protection.outlook.com +include:_spf.smtp.com +include:rp.oracleemaildelivery.com -all
  • 938spBBOHG9obQkeqTiayZjVHkzztxgdyNGYsO/NyU3rGMS2Utokk1VheqrdTrx6vpXRAxHJy+bQ2YATs/9SzQ==
  • pardot403982=e60beae40bbd6c5185233a172adb328a8429becf276c54a52a1a0a8272b9070d
Cloud / SaaS Services Detected
  • Microsoft 365
  • Salesforce
  • Cisco Duo