Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo wuppermann.com

Group: lockbit3

Discovered by ransomware.live: 2023-05-11

Estimated attack date: 2023-05-11

Description:

Produces hot-dip galvanized tubes and profiles with particularly high corrosion protection, especially for applications in the photovoltaic, construction and automotive industries.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse ascio.com
MX Records
  • mailrelay.wuppermann.com.
  • de-smtp-inbound-2.mimecast.com.
  • de-smtp-inbound-1.mimecast.com.
TXT Records
  • 0ed1fe018a4409dfce310740de917f3edafebc36d1
  • MS=055E80AC968D9DDC3BA92323C11E1A4912107283
  • cisco-ci-domain-verification=14cfd7b27fe18b3449cd31d3879b18af0aa322b977a311c8fed264dabb124245
  • v=spf1 ip4:80.121.206.64/27 a:mgw-01.sagedpw.at a:mgw-02.sagedpw.at a:b.spf.service-now.com a:c.spf.service-now.com a:d.spf.service-now.com include:de._netblocks.mimecast.com include:spf.protection.outlook.com -all
  • cmormvchr3vfs3kvhc6v4rjv0s
  • apple-domain-verification=JbC4x1RRxjfybxc4
  • MS=ms18365771
  • OSIAGENTREGURL=https://mdm.wuppermann.com/MobileEnrollment/Symc-iosenroll.aspx
  • android-mdm-enroll=https://mdm.wuppermann.com/MobileEnrollment/Symc-androidenroll.aspx
  • c8t26ejpt8llhekr8lthem43it
Cloud / SaaS Services Detected
Apple Microsoft 365 Cisco Mimecast ServiceNow

Leak Screenshot:

Leak Screenshot