Ransomfeed

CARD INFO

Dominio: weizmann.ac.il
Registrar: N/A
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:

- Acronis: [harmless] clean
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated

Motori che NON classificano il dominio come harmless:

- 0xSI_f33d: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)

Analisi DNS

- Tipo: TXT, Valore: /wbEm7FFNg5XzMK8VUdrRXKJoQ2UmdzizTRsvbIQr2CRUWRV+zwB0yPRA4vJhP9W43tOJk7dAOQixUvD2CCUdA==
- Tipo: TXT, Valore: MS=CEFEA3DFE810515592A90F8037EEDA7E0B879066
- Tipo: TXT, Valore: 66a91e32-b367-4732-802e-64078881ffd9
- Tipo: NS, Valore: ns2.weizmann.ac.il
- Tipo: A, Valore: 132.76.150.110
- Tipo: TXT, Valore: v=spf1 a mx ip4:132.76.0.0/15 ip4:192.115.47.14 include:spf.protection.outlook.com -all
- Tipo: TXT, Valore: openai-domain-verification=dv-jMiq2xO96fjhIbRiVwsq8FOc
- Tipo: NS, Valore: ns1.weizmann.ac.il
- Tipo: TXT, Valore: miWr+1F++qlxm2TI8BtJ+3VN9Eum0P3mn51dpThgdQ0mlMk3a7RWo6BFhGaiHg6yCAdXoZ5NLUjjwhFZ1rFvBw==
- Tipo: NS, Valore: ns4.weizmann.ac.il
- Tipo: TXT, Valore: google-site-verification=gvbL6ri17Aa3gBHlvlyhwYOjqBzetn2-KrtBOHGwynE
- Tipo: MX, Valore: mx07.weizmann.ac.il
- Tipo: MX, Valore: mx08.weizmann.ac.il
- Tipo: SOA, Valore: ns1.weizmann.ac.il
- Tipo: TXT, Valore: atlassian-domain-verification=e27iLMW0pHmOFuOsPk38qAY1bs+F1JJd+vBYls7kBIWd3v6KdbhjyoAvvpQqi8tf

Certificato HTTPS

- Emesso da: GEANT OV RSA CA 4
- Intestato a: www.weizmann.ac.il
- Valido dal: 2024-07-17 00:00:00
- Valido fino al: 2025-07-17 23:59:59
- Algoritmo firma: RSA
- Versione: V3
- Serial number: d0d52b41c62349552da95d8820b96314

LEAKS NOTI e MALWARE Raw data by HudsonRock
Summary
🧠 Dispositivi infetti: 2380
🌐 Utenti compromessi: 2350
🧑‍💼 Utenti aziendali compromessi: 30
🔑 Password aziendali esposte: 56
🔑 Password users esposte: 3166
🧬 Stealer family e conteggio

RedLine: 1636
Generic Stealer: 356
Lumma: 735
Raccoon: 500
Azorult: 230
StealC: 234
Vidar: 186
UNKNOWN: 78
CRYPTBOT: 18
Taurus: 10
DarkCrystal: 4
KPOT: 2

🏢 Utenze aziendali compromesse (link/conteggio)

https://xmail.weizmann.ac.il/owa/auth/logon.aspx: 20
https://mail.weizmann.ac.il/my.policy: 16
https://mail.weizmann.ac.il/owa/auth/logon.aspx: 5
https://adfs.weizmann.ac.il/adfs/ls: 4
https://adfs.weizmann.ac.il: 4
https://••••.weizmann.ac.il/••••/••/: 2
https://•••••.weizmann.ac.il: 2
https://••••.weizmann.ac.il: 2
https://••••.weizmann.ac.il/: 1
https://•••••••-•••-•••.•••••••.weizmann.ac.il/•••••••••••/•••••/•••: 1
https://••••••••••••••.weizmann.ac.il/: 1
https://••••.weizmann.ac.il/•••/••••••/•: 1
https://•••••••.weizmann.ac.il/: 1
https://•••••••.weizmann.ac.il/•••••••/••••••••/••••-•••••••: 1
https://•••••.weizmann.ac.il/: 1
https://•••••.weizmann.ac.il/••••••••••.•••: 1
https://••••••••.weizmann.ac.il/•••••/••••••_••••••••.•••: 1
https://•••.weizmann.ac.il: 1
https://••••••••.weizmann.ac.il/••••••••/•••••••••.•••: 1
https://•-•••-••••.weizmann.ac.il: 1

🔐 Utenze users compromesse

🛡️ Antivirus rilevati

Windows Defender: 9
Not Found: 14
Avast Antivirus: 1
360 Total Security: 2