ema-eda.com
ema-eda.com
Group: lockbit3
Discovered by ransomware.live: 2024-05-16
Estimated attack date: 2024-05-16
Country:
Description:
445gb
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 20
Third Party Employee Credentials: 3
External Attack Surface: 1
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- emaeda-com0i.mail.protection.outlook.com.
TXT Records
- google-site-verification=kxTDU4sEPYW8nN3ZglvVZ4cUQAJ4P0nCYWuPzICreno
- v=spf1 include:spf.protection.outlook.com include:auth.msgapp.com include:spf.mandrillapp.com include:_spf.sendergen.com include:45617798.spf01.hubspotemail.net include:autotask.net ip4:34.198.193.174 ip4:104.130.67.124 ip4:52.114.128.99 ip4:34.202.174.18" "8 ip4:34.199.167.230 ip4:52.203.5.138 ip4:3.91.171.64/28 ip4:3.219.176.96/29 ip4:3.222.0.112/29 ip4:3.222.0.24/29 ip4:3.222.0.88/29 ip4:3.235.255.160/29 ip4:52.114.128.68 ip4:52.114.159.40 ip4:52.114.128.18 ip4:52.114.159.41 ip4:104.47.73.49 ip4:52.114.13" "3.7 ip4:23.253.32.145 ~all
- 1saphe9dhrnshf1mvp439lfk0s
Cloud / SaaS Services Detected
HubSpot
Mandrill
Leak Screenshot:
