Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo remkes.nl

Group: cactus

Discovered by ransomware.live: 2024-02-23

Estimated attack date: 2024-01-29

Country: NL

Description:

Download link #1: https://***************.onion/REMKESBV/PROOFMirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/REMKESBV/PROOF 


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • remkes-nl.mail.protection.outlook.com.
TXT Records
  • MS=ms64878828
  • v=spf1 a ip4:5.172.44.140 ip4:172.217.197.26 ip4:192.254.119.131 ip4:178.132.214.142 ip4:84.241.182.106 ip6:2001:1690:2:416::167 include:spf.protection.outlook.com include:spf.exclaimer.net include:sendgrid.net include:smtp.hroffice.eu include:_spf.salesf" "orce.com a:email.nmbrsapp.com ~all
  • bHosted.nl - http://www.bhosted.nl
Cloud / SaaS Services Detected
Microsoft 365 SendGrid

Leak Screenshot:

Leak Screenshot