Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo regulatormarine.com

Group: cactus

Discovered by ransomware.live: 2024-04-15

Estimated attack date: 2024-03-19

Country: US

Description:

Download link #1:  https://***************.onion/BOATS/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/BOATS/PROOF/DATA DESCRIPTIONS: Thousands of engineering documents and drawings, administrative docs, corporate correspondence, employees and executive managers personal data, Personal Identifying information, database backups\exports, etc 


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx2-us1.ppe-hosted.com.
  • mx1-us1.ppe-hosted.com.
TXT Records
  • v44qmvkirh666ijqq7ot741rof
  • v=spf1 a:dispatch-us.ppe-hosted.com include:mailgun.org include:spf.protection.outlook.com ~all
  • 55p78m451u89lvc9tqnui5fudd
  • ouaisikfp3m3nidd991sm8ugs4
  • regulatormarine.azurewebsites.net
Cloud / SaaS Services Detected
Mailgun Proofpoint Essentials

Leak Screenshot:

Leak Screenshot