
www.prival.com

Group: kraken

Discovered by ransomware.live: 2025-06-28

Estimated attack date: 2025-02-15

Country: CA

Description:

Banking · Panama http://[redacted].onion...



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • inbound-smtp.us-east-1.amazonaws.com.
  • aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • alt3.aspmx.l.google.com.
  • alt4.aspmx.l.google.com.
TXT Records
  • jXNzlRtd0pCgwEdKOERLBQ3FraHuFsgy+MV6S0Ifo0I=
  • v=spf1 ip4:186.73.192.116 ip4:136.147.62.213 ip4:136.147.62.214 ip4:136.147.62.221 ip4:136.147.62.222 ip4:186.72.81.1 ip4:52.16.49.62 ip4:64.178.213.23 ip4:64.178.213.28 ip4:52.1.255.42 include:_spf.google.com include:_spf.salesforce.com include:docebosaas.com include:spf.zohomail360.com ~all
  • MS=ms97742442
  • google-site-verification=MNq60trEyttw7WKBxrLFEE3HF0Wk5fICwtV5hlQpgXM
  • google-site-verification:7j9-jcwLcbByy0Tufucrewenp40MOnVE0JbIFIj8k3A
  • globalsign-domain-verification=75FC8364AC16F3DAA1C2E482DA86EAAF
  • C2lEs8lfb2u4AUcEc8Osl5P3z3MgY38bET/uvRKXBBQ=
  • docusign=8d3b6e18-22ab-42c5-9ccc-080797c45413
  • ca3-e55e48c31ea845549a3d97b03d38184d
Cloud / SaaS Services Detected
  • Microsoft 365
  • Salesforce
  • DocuSign
