Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Genesis
Discovered 2026-01-18 23:52 UTC
Est. attack date 2026-01-18
Country US

Description:

A flooring software provider.

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafetysupport.aws.com
  • 6f309f380027d317f1f77c884eb93c7bc997e6eaaddf88d06b454e75961c2285qfloors.com.whoisproxy.org
  • 6f309f380027d317f1f77c884eb93c7b7dc62bc14abb48ca3ecba8652a0b0f99qfloors.com.whoisproxy.org
  • 6f309f380027d317f1f77c884eb93c7b8d964ac64935a23e01d30b3853c0aae3qfloors.com.whoisproxy.org
  • 6f309f380027d317f1f77c884eb93c7b2d7a972c9ddbfaccc8d056f63f0ed992qfloors.com.whoisproxy.org
MX Records
  • exchanger.qfloors.com.
TXT Records
  • include:amazonses.com include:transmail.net ~all\
  • k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCr6KMgdxxgg7oT3ulMwPJs9RXgXDrI9UWU118pHEMohl3UbL3Jwp4oxp/9N3thh/3WCJnYV134zbEVolZwqaT3JsFEq/mQ/RpW/JnOZ3rnxqJPurb2bcfJol4SDxiWVObzHX31xnANzFcXnq1/5dMK5QvW4Jh7n0fm4+4ywqiy2QIDAQAB
  • \"v=spf1 include:relay.qfloors.com
Cloud / SaaS Services Detected
Amazon SES/WorkMail

Leak Screenshot:

Leak Screenshot