
mcalvain.com

Group: cactus

Discovered by ransomware.live: 2024-04-04

Estimated attack date: 2024-02-27

Country: US

Description:

Download link #1: https://***************.onion/MCO/PROOF/

Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/MCO/PROOF/

DATA DESCRIPTIONS: Confidential personal identification data, private information, financial data, construction projects, agreements, drawings, corporate correspondence, accounting, operational data, top managers and key employees' personal folders and much more.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mcalvain-com.mail.protection.outlook.com.
TXT Records
  • pandadoc-domain-verification=bQjcCminrSTi2Q5DpJtqU4
  • iqf7j44enfiqtktlpfuenjt5sk
  • figma-domain-verification=9ff5194a2cb02c3a038e75725995576c43b8902fdfe3eedf70fed502e21277b0-1752699226
  • v=spf1 include:spf.protection.outlook.com include:spf.US.exclaimer.net include:spf.turbo-smtp.com ~all
  • MS=ms86854257
  • lucid-verification=per6ecq!qkr-PNR6htd?
Cloud / SaaS Services Detected
  • Microsoft 365
