Ransomfeed ransomfeed
Watermark

CTI Telemetry

CARD INFO

VirusTotal Analysis

Dominio
workforcesoftware.com
Registrar
Network Solutions, LLC
Motori AV Recap
0
Malevolo
0
Sospetto
29
Non rilevato
63
Innocuo

Acronis [harmless] clean
0xSI_f33d [undetected] unrated
Abusix [harmless] clean
ADMINUSLabs [harmless] clean
Axur [undetected] unrated
ChainPatrol [undetected] unrated
Criminal IP [harmless] clean
AILabs (MONITORAPP) [harmless] clean
AlienVault [harmless] clean
alphaMountain.ai [harmless] clean
AlphaSOC [undetected] unrated
Antiy-AVL [harmless] clean
ArcSight Threat Intelligence [undetected] unrated
AutoShun [undetected] unrated
benkow.cc [harmless] clean
Bfore.Ai PreCrime [undetected] unrated
BitDefender [harmless] clean
Bkav [undetected] unrated
Blueliv [harmless] clean
Certego [harmless] clean
Chong Lua Dao [harmless] clean
CINS Army [harmless] clean
Cluster25 [undetected] unrated
CRDF [harmless] clean
CSIS Security Group [undetected] unrated
Snort IP sample list [harmless] clean
CMC Threat Intelligence [harmless] clean
Cyan [undetected] unrated
Cyble [harmless] clean
CyRadar [harmless] clean
DNS8 [harmless] clean
Dr.Web [harmless] clean
Ermes [undetected] unrated
ESET [harmless] clean
ESTsecurity [harmless] clean
EmergingThreats [harmless] clean
Emsisoft [harmless] clean
Forcepoint ThreatSeeker [harmless] clean
Fortinet [harmless] clean
G-Data [harmless] clean
GCP Abuse Intelligence [undetected] unrated
Google Safebrowsing [harmless] clean
GreenSnow [harmless] clean
Gridinsoft [undetected] unrated
Heimdal Security [harmless] clean
Hunt.io Intelligence [undetected] unrated
IPsum [harmless] clean
Juniper Networks [harmless] clean
Kaspersky [harmless] clean
Lionic [harmless] clean
Lumu [undetected] unrated
MalwarePatrol [harmless] clean
MalwareURL [undetected] unrated
Malwared [harmless] clean
Mimecast [undetected] unrated
Netcraft [undetected] unrated
OpenPhish [harmless] clean
Phishing Database [harmless] clean
PhishFort [undetected] unrated
PhishLabs [undetected] unrated
Phishtank [harmless] clean
PREBYTES [harmless] clean
PrecisionSec [undetected] unrated
Quick Heal [harmless] clean
Quttera [harmless] clean
SafeToOpen [undetected] unrated
Sansec eComscan [undetected] unrated
Scantitan [harmless] clean
SCUMWARE.org [harmless] clean
Seclookup [harmless] clean
SecureBrain [undetected] unrated
SOCRadar [undetected] unrated
Sophos [harmless] clean
Spam404 [harmless] clean
StopForumSpam [harmless] clean
Sucuri SiteCheck [harmless] clean
ThreatHive [harmless] clean
Trustwave [harmless] clean
URLhaus [harmless] clean
URLQuery [undetected] unrated
Viettel Threat Intelligence [harmless] clean
VIPRE [undetected] unrated
VX Vault [harmless] clean
ViriBack [harmless] clean
Webroot [harmless] clean
Yandex Safebrowsing [harmless] clean
ZeroCERT [harmless] clean
desenmascara.me [harmless] clean
malwares.com URL checker [harmless] clean
securolytics [harmless] clean
Xcitium Verdict Cloud [harmless] clean
ZeroFox [undetected] unrated

0xSI_f33d undetected (unrated)
Axur undetected (unrated)
ChainPatrol undetected (unrated)
AlphaSOC undetected (unrated)
ArcSight Threat Intelligence undetected (unrated)
AutoShun undetected (unrated)
Bfore.Ai PreCrime undetected (unrated)
Bkav undetected (unrated)
Cluster25 undetected (unrated)
CSIS Security Group undetected (unrated)
Cyan undetected (unrated)
Ermes undetected (unrated)
GCP Abuse Intelligence undetected (unrated)
Gridinsoft undetected (unrated)
Hunt.io Intelligence undetected (unrated)
Lumu undetected (unrated)
MalwareURL undetected (unrated)
Mimecast undetected (unrated)
Netcraft undetected (unrated)
PhishFort undetected (unrated)
PhishLabs undetected (unrated)
PrecisionSec undetected (unrated)
SafeToOpen undetected (unrated)
Sansec eComscan undetected (unrated)
SecureBrain undetected (unrated)
SOCRadar undetected (unrated)
URLQuery undetected (unrated)
VIPRE undetected (unrated)
ZeroFox undetected (unrated)

TXT status-page-domain-verification=kvpj13kf0vgl
TXT atlassian-sending-domain-verification=1796a254-c089-4225-a217-53608e7660cd
TXT google-site-verification=RuNMrV_ys8ws_KMZBLc8TjVBywHNKMn00Kue4zyLDUU
TXT vXPcqDYGZV0pJGQuB3RMBJmpKrO8w9MSdvRzdzYNRMfRPweQ2iUptM8UUvp2YuS57x8rnFf0jbX6h7KRc4SwFQ==
TXT PD3Xm3yiJmrG/vaPUkzA7Gh0JWiCliiXLLenUIsuEdGQT+TMa0uoyaSCrRJwjT71AIjsFhU4s3grGgFDD3VABw==
NS ns4.workforcesoftware.com
TXT status-page-domain-verification=v2hv5n4w8ybk
A 141.193.213.21
TXT atlassian-domain-verification=ANiLig3RBrl7g2pUxFNLUeMYagL9whdXruCpz2LQW7yTbrQmHD1nhwNAltzprnq4
NS ns2.workforcesoftware.com
TXT miro-verification=64dc31688e02326525402fc3b986e77752e0a3d6
NS ns3.workforcesoftware.com
TXT 6d52a947-c627-4438-8a00-db3bd4fd1b61
TXT docusign=b35bec67-37b4-4c08-a9e8-4b24c4a14f61
NS ns0.workforcesoftware.com
TXT 91eao1e04nilsgbdglpn3l7v0g.
TXT bw=6eccwH8crBXkU59dUk0rs0JviSwYPSwCgZD1o8A2bDRJ
TXT ca3-cfd047edc7174f5297c0a82dd277e4ed
TXT pardot_213062_*=0d63131e6c99450aac0c04911d6b297697a09cfbfb2f6ab050f1abdb4d87e80d
TXT logmein-verification-code=33397018-3b42-4b09-b43f-3032f1078fc3
TXT google-site-verification=H3PGgMk99iphmqTxFnIBjanCyTur_CxYY1THLpvGAM0
TXT miro-verification=b71272618995b93a5d7e94a084288b3870a5945d
TXT google-site-verification=2W-l9MnLJrc12JSzL2rQCBEG9Hv6gyRdPM5amnwOOSY
TXT v=spf1 ip4:62.32.112.160/27 ip4:129.146.91.38 ip4:110.175.9.230 ip4:74.122.248.0/21 ip4:77.107.114.86 include:docebosaas.com include:stspg-customer.com include:spf.protection.outlook.com Include:et_spf.pardot.com Include:_spf.salesforce.com include:relay
TXT 9l8VUUgHmz8Lo/ofeR++qTghAUdTjem7cBL9SNsRF+nSfczozYPygZxGmTYal6ZuF8gRw26wxDNMSpEZzMWFkw==
MX workforcesoftware-com.mail.protection.outlook.com
TXT google-site-verification=PxIYUIEoWed2qZ7SifyK0wvg8sQC56ZAwqbN51EIjNk
TXT onetrust-domain-verification=4852ca1587b649b886a44cfe2aa0ad4b
TXT Dynatrace-site-verification=e5a9cfc6-5e80-4a78-bd53-5f293d1b314e__nbhg6mekoggfc63fv82oogj2g1
TXT ipg3vfsqgt0hteud51cikt2efm
TXT apple-domain-verification=6opfhY6oar2qe1OO
TXT slack-domain-verification=ruDb0ZXofNddSi5quXvxf3bUOWk8GR7IcuYRJy7H
A 141.193.213.20
SOA ns10.digicertdns.com
NS ns1.workforcesoftware.com

Emesso da:
WE1
Intestato a:
workforcesoftware.com
Valido dal:
2026-01-09 14:49:58
Valido fino al:
2026-04-09 15:49:52

Infostealer analysis by HudsonRock

24
🧠 Dispositivi infetti
23
🌐 Utenti compromessi
1
πŸ§‘β€πŸ’Ό Dipendenti compromessi
0
πŸ”‘ Password aziendali
26
πŸ”‘ Password users

Lumma 13
RedLine 10
Raccoon 4
Azorult 4
Vidar 4
Generic Stealer 2
UNKNOWN 2

https://fs.workforcesoftware.com 1

https://careers.workforcesoftware.com/talentcommunity/login 9
https://careers.workforcesoftware.com/talentcommunity/apply/401865000 6
https://partners.workforcesoftware.com/English/recover_password.aspx 3
https://careers.workforcesoftware.com/talentcommunity/apply/379356700/ 1
https://careers.workforcesoftware.com/talentcommunity/apply/474202500/ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’/ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’/ 1
https://β€’β€’.workforcesoftware.com/ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’ 1
https://β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’ 1
https://β€’β€’β€’β€’β€’β€’β€’.workforcesoftware.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’ 1

Windows Defender 1