Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Saglobal.com

Group: redransomware

Discovered by ransomware.live: 2024-03-28

Estimated attack date: 2024-03-05

Country: BE

Description:

sa.global is the leading Microsoft global implementation partner for project-based cloud ERP solutions that leverage the Microsoft Cloud

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 5

Third Party Employee Credentials: 6

External Attack Surface: 10


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • saglobal-com.mail.protection.outlook.com.
TXT Records
  • google-site-verification=mljLk2j_rVPik-9x4dAz51pBb_fYe-L6Msl2MOQAs_k
  • atlassian-domain-verification=TvJNah6diaA0nfio+Y0BD0q90JdygcMG6FzfHKFFME+v6AHVocCLqkvkgvumm6QP
  • d365mktkey=4ojy2fetlmp7optjk8dr5g3et
  • msfpkey=38qj4tskm3e62rmco9cicg1dr
  • v=spf1 mx include:auth.msgapp.com ip4:13.67.179.189 ip4:79.175.105.50 include:spf.protection.outlook.com include:exponential-e.net -all
  • v=verifydomain MS=6018761
  • v=verifydomain MS=6485077
  • d365mktkey=7zezyxzdtt0sy446GDohxx4nyysEatOzjuWR5Fytr20x
  • d365mktkey=fOkINMEWztV5PwxIsES7jJReMxOw6D5aA9pU4Sziesox
Cloud / SaaS Services Detected
Atlassian