Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo dilweg.com

Group: Blackbasta

Discovered by ransomware.live: 2024-02-22

Estimated attack date: 2024-02-08

Country: US

Description:

At Dilweg, consistent refinement of our practices has created unparalleled results. Today, our adaptable strategy and exceptional service are defining the future of real estate investment. Read below to discover what we are made of. To adapt to the contemporary economy, we have deliberately focused our recent efforts on acquiring properties in the Dallas, Atlanta, Tampa, Charlotte, and Raleigh-Durham metropolitan areas. By centering on middle-market assets, we’ve developed lucrative opportunities for purposeful investors throughout the Southeast. Services: asset enhancement, property management, construction management, brokerage & leasing, tax & accounting, marketing & communications, capital markets and investor relations.SITE: www.dilweg.com Address : Corporate Office 5310 South Alston Avenue, Suite 210 Durham, NC 27713 PHONE: (919) 402-9100ALL DATA SIZE: ~DW:453gbgb 1. Financial data 2. Scans 3. Accountings, QBooks 4. Personal users files, documents 5. Onedrive Data and etc…


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx2-us1.ppe-hosted.com.
  • mx1-us1.ppe-hosted.com.
TXT Records
  • v=verifydomain MS=3426592
  • ppe-e9c674441e8c2b13c3c105aac619472c2e44f920
  • v=spf1 include:spf.protection.outlook.com include:spf.constantcontact.com include:asp-spf1.yardi.com include:asp-spf2.yardi.com ip4:207.58.147.64/28 ip4:216.22.15.224/27 ip4:43.228.184.0/22 ip4:103.47.204.0/22 ip4:103.2.140.0/22 ip4:203.31.36.0/22 ip4:198" ".74.56.28 include:mailgun.org v=spf1 a:dispatch-us.ppe-hosted.com -all
Cloud / SaaS Services Detected
Microsoft 365 Mailgun Proofpoint Essentials

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.