Ransomfeed ransomfeed
Watermark

CTI Telemetry

CARD INFO

VirusTotal Analysis

Dominio
checkcity.com
Registrar
GoDaddy.com, LLC
Motori AV Recap
0
Malevolo
0
Sospetto
30
Non rilevato
64
Innocuo

Acronis [harmless] clean
0xSI_f33d [undetected] unrated
Abusix [harmless] clean
ADMINUSLabs [harmless] clean
Axur [undetected] unrated
Criminal IP [harmless] clean
AILabs (MONITORAPP) [harmless] clean
AlienVault [harmless] clean
alphaMountain.ai [harmless] clean
AlphaSOC [undetected] unrated
Antiy-AVL [harmless] clean
ArcSight Threat Intelligence [undetected] unrated
AutoShun [undetected] unrated
benkow.cc [harmless] clean
Bfore.Ai PreCrime [undetected] unrated
BitDefender [harmless] clean
Bkav [undetected] unrated
Blueliv [harmless] clean
Certego [harmless] clean
Chong Lua Dao [harmless] clean
CINS Army [harmless] clean
Cluster25 [undetected] unrated
CRDF [harmless] clean
CSIS Security Group [undetected] unrated
Snort IP sample list [harmless] clean
CMC Threat Intelligence [harmless] clean
Cyan [undetected] unrated
Cyble [harmless] clean
CyRadar [harmless] clean
DNS8 [harmless] clean
Dr.Web [harmless] clean
Ermes [undetected] unrated
ESET [harmless] clean
ESTsecurity [harmless] clean
EmergingThreats [harmless] clean
Emsisoft [harmless] clean
Forcepoint ThreatSeeker [harmless] clean
Fortinet [harmless] clean
G-Data [harmless] clean
GCP Abuse Intelligence [undetected] unrated
Google Safebrowsing [harmless] clean
GreenSnow [harmless] clean
Gridinsoft [undetected] unrated
Heimdal Security [harmless] clean
Hunt.io Intelligence [undetected] unrated
IPsum [harmless] clean
Juniper Networks [harmless] clean
Kaspersky [harmless] clean
Lionic [harmless] clean
Lumu [undetected] unrated
MalwarePatrol [harmless] clean
MalwareURL [undetected] unrated
Malwared [harmless] clean
Mimecast [undetected] unrated
Netcraft [undetected] unrated
OpenPhish [harmless] clean
Phishing Database [harmless] clean
PhishFort [undetected] unrated
PhishLabs [undetected] unrated
Phishtank [harmless] clean
PREBYTES [harmless] clean
PrecisionSec [undetected] unrated
Quick Heal [harmless] clean
Quttera [harmless] clean
SafeToOpen [undetected] unrated
Sansec eComscan [undetected] unrated
Scantitan [harmless] clean
SCUMWARE.org [harmless] clean
Seclookup [harmless] clean
SecureBrain [undetected] unrated
SOCRadar [harmless] clean
Sophos [harmless] clean
Spam404 [harmless] clean
StopForumSpam [harmless] clean
Sucuri SiteCheck [harmless] clean
ThreatHive [harmless] clean
Threatsourcing [harmless] clean
Trustwave [harmless] clean
Underworld [undetected] unrated
URLhaus [harmless] clean
URLQuery [undetected] unrated
Viettel Threat Intelligence [harmless] clean
VIPRE [undetected] unrated
VX Vault [harmless] clean
ViriBack [harmless] clean
Webroot [harmless] clean
Yandex Safebrowsing [harmless] clean
ZeroCERT [harmless] clean
desenmascara.me [harmless] clean
malwares.com URL checker [harmless] clean
securolytics [harmless] clean
Xcitium Verdict Cloud [undetected] unrated
zvelo [undetected] unrated
ZeroFox [undetected] unrated

0xSI_f33d undetected (unrated)
Axur undetected (unrated)
AlphaSOC undetected (unrated)
ArcSight Threat Intelligence undetected (unrated)
AutoShun undetected (unrated)
Bfore.Ai PreCrime undetected (unrated)
Bkav undetected (unrated)
Cluster25 undetected (unrated)
CSIS Security Group undetected (unrated)
Cyan undetected (unrated)
Ermes undetected (unrated)
GCP Abuse Intelligence undetected (unrated)
Gridinsoft undetected (unrated)
Hunt.io Intelligence undetected (unrated)
Lumu undetected (unrated)
MalwareURL undetected (unrated)
Mimecast undetected (unrated)
Netcraft undetected (unrated)
PhishFort undetected (unrated)
PhishLabs undetected (unrated)
PrecisionSec undetected (unrated)
SafeToOpen undetected (unrated)
Sansec eComscan undetected (unrated)
SecureBrain undetected (unrated)
Underworld undetected (unrated)
URLQuery undetected (unrated)
VIPRE undetected (unrated)
Xcitium Verdict Cloud undetected (unrated)
zvelo undetected (unrated)
ZeroFox undetected (unrated)

TXT /AI65D5+2f95mf219iJ1+TVbNIgd/+8bL/KmTxxLhiLVgsZnZjS+ywQDQpN6y19GrZp8EmyROqHkKlyt4JjGxA==
TXT brevo-code:189ddaecb20b43f11f38a4a0064acc53
SOA brodie.ns.cloudflare.com
A 18.211.166.153
NS paris.ns.cloudflare.com
A 54.243.86.28
A 34.202.203.47
NS brodie.ns.cloudflare.com
TXT google-site-verification=fVIMe12dNviUpOwnUnp-4LFvVb0qOBWTL-AcA1qQPBY
TXT globalsign-domain-verification=E4621497F472695A0359329AC591C7CC
TXT MS=ms17916119
TXT globalsign-domain-verification=D2AE42B6063A98A47707D6AEE4E883C3
MX checkcity-com.mail.protection.outlook.com
TXT v=spf1 include:spf.protection.outlook.com include:icpbounce.com include:spf.brevo.com include:spf.mandrillapp.com ip4:192.41.35.0/24 ip4:69.163.66.128/26 ip4:216.241.51.194 ip4:198.2.128.0/17 ~all
TXT logmein-verification-code=2c27438f-f456-4594-bcfb-5c1eca5a5604

Emesso da:
R11
Intestato a:
checkcity.com
Valido dal:
2025-03-15 19:18:41
Valido fino al:
2025-06-13 19:18:40

Infostealer analysis by HudsonRock

390
🧠 Dispositivi infetti
389
🌐 Utenti compromessi
1
πŸ§‘β€πŸ’Ό Dipendenti compromessi
17
πŸ”‘ Password aziendali
626
πŸ”‘ Password users

RedLine 130
Generic Stealer 100
Lumma 59
Raccoon 52
Azorult 33
Vidar 5
UNKNOWN 5
StealC 1
CRYPTBOT 1

https://adfs.checkcity.com/adfs/portal/updatepassword 6
https://members.checkcity.com/LoginLMS.aspx 4
https://lms.checkcity.com 4
http://reports.checkcity.com 3

https://members.checkcity.com/memberlogin.aspx 268
https://members.checkcity.com 99
https://members.checkcity.com/apply.aspx 97
https://members.checkcity.com/MemberLogin.aspx 60
https://members.checkcity.com/Member_Login.aspx 23
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 19
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’-β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 12
https://β€’β€’β€’.checkcity.com/ 9
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 6
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 6
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 6
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/ 5
https://β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 5
https://β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 4
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 4
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 3
https://β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 2
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’_β€’β€’β€’β€’β€’β€’β€’β€’_β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 2
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’_β€’.β€’β€’β€’β€’ 2
https://β€’β€’β€’.checkcity.com 2
https://β€’β€’β€’β€’β€’β€’β€’.checkcity.com/β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’.β€’β€’β€’β€’ 1

Not Found 1