Ransomfeed ransomfeed
Watermark

CTI Telemetry

CARD INFO

VirusTotal Analysis

Dominio
nch.com
Registrar
Network Solutions, LLC
Motori AV Recap
0
Malevolo
0
Sospetto
34
Non rilevato
60
Innocuo

Acronis [harmless] clean
0xSI_f33d [undetected] unrated
Abusix [harmless] clean
ADMINUSLabs [harmless] clean
Axur [undetected] unrated
ChainPatrol [undetected] unrated
Criminal IP [harmless] clean
AILabs (MONITORAPP) [harmless] clean
AlienVault [harmless] clean
alphaMountain.ai [harmless] clean
AlphaSOC [undetected] unrated
Antiy-AVL [harmless] clean
ArcSight Threat Intelligence [undetected] unrated
AutoShun [undetected] unrated
benkow.cc [harmless] clean
Bfore.Ai PreCrime [undetected] unrated
BitDefender [harmless] clean
Bkav [undetected] unrated
Blueliv [harmless] clean
Certego [harmless] clean
Chong Lua Dao [undetected] unrated
CINS Army [harmless] clean
Cluster25 [undetected] unrated
CRDF [harmless] clean
CSIS Security Group [undetected] unrated
Snort IP sample list [undetected] unrated
CMC Threat Intelligence [harmless] clean
Cyan [undetected] unrated
Cyble [harmless] clean
CyRadar [harmless] clean
DNS8 [harmless] clean
Dr.Web [harmless] clean
Ermes [undetected] unrated
ESET [harmless] clean
ESTsecurity [harmless] clean
EmergingThreats [harmless] clean
Emsisoft [harmless] clean
Forcepoint ThreatSeeker [harmless] clean
Fortinet [harmless] clean
G-Data [harmless] clean
GCP Abuse Intelligence [undetected] unrated
Google Safebrowsing [harmless] clean
GreenSnow [harmless] clean
GreyNoise [undetected] unrated
Gridinsoft [undetected] unrated
Guardpot [undetected] unrated
Heimdal Security [harmless] clean
Hunt.io Intelligence [undetected] unrated
IPsum [harmless] clean
Juniper Networks [harmless] clean
Kaspersky [harmless] clean
Lionic [harmless] clean
Lumu [undetected] unrated
MalwarePatrol [harmless] clean
MalwareURL [undetected] unrated
Malwared [harmless] clean
Mimecast [undetected] unrated
Netcraft [undetected] unrated
OpenPhish [harmless] clean
Phishing Database [harmless] clean
PhishFort [undetected] unrated
PhishLabs [undetected] unrated
Phishtank [harmless] clean
PREBYTES [harmless] clean
PrecisionSec [undetected] unrated
Quick Heal [harmless] clean
Quttera [harmless] clean
SafeToOpen [undetected] unrated
Sansec eComscan [undetected] unrated
Scantitan [harmless] clean
SCUMWARE.org [harmless] clean
Seclookup [harmless] clean
SecureBrain [undetected] unrated
SOCRadar [undetected] unrated
Sophos [harmless] clean
Spam404 [harmless] clean
StopForumSpam [harmless] clean
Sucuri SiteCheck [harmless] clean
ThreatHive [harmless] clean
Trustwave [harmless] clean
URLhaus [harmless] clean
URLQuery [undetected] unrated
Viettel Threat Intelligence [harmless] clean
VIPRE [undetected] unrated
VX Vault [harmless] clean
ViriBack [harmless] clean
Webroot [harmless] clean
Yandex Safebrowsing [harmless] clean
ZeroCERT [harmless] clean
desenmascara.me [harmless] clean
malwares.com URL checker [harmless] clean
securolytics [harmless] clean
Xcitium Verdict Cloud [undetected] unrated
ZeroFox [undetected] unrated

0xSI_f33d undetected (unrated)
Axur undetected (unrated)
ChainPatrol undetected (unrated)
AlphaSOC undetected (unrated)
ArcSight Threat Intelligence undetected (unrated)
AutoShun undetected (unrated)
Bfore.Ai PreCrime undetected (unrated)
Bkav undetected (unrated)
Chong Lua Dao undetected (unrated)
Cluster25 undetected (unrated)
CSIS Security Group undetected (unrated)
Snort IP sample list undetected (unrated)
Cyan undetected (unrated)
Ermes undetected (unrated)
GCP Abuse Intelligence undetected (unrated)
GreyNoise undetected (unrated)
Gridinsoft undetected (unrated)
Guardpot undetected (unrated)
Hunt.io Intelligence undetected (unrated)
Lumu undetected (unrated)
MalwareURL undetected (unrated)
Mimecast undetected (unrated)
Netcraft undetected (unrated)
PhishFort undetected (unrated)
PhishLabs undetected (unrated)
PrecisionSec undetected (unrated)
SafeToOpen undetected (unrated)
Sansec eComscan undetected (unrated)
SecureBrain undetected (unrated)
SOCRadar undetected (unrated)
URLQuery undetected (unrated)
VIPRE undetected (unrated)
Xcitium Verdict Cloud undetected (unrated)
ZeroFox undetected (unrated)

TXT ryj3mtcbx1lbgc9jy8tkc2j51k2qxd1g
TXT MS=ms67842292
TXT Sendinblue-code:403b1e68a4a53d3f49f038a882cf2ede
MX mailscan01.nch.com
TXT SFMC-K20idK-k89hDVvevsccUqS7iS_Ta2hMS5gjynFP_
A 176.74.17.206
TXT MS=D24B84391CF0CC1E5CDEE3507D4CDFEAD3B70748
TXT MS=ms62811781
NS ns.nch.com
SOA ns.nch.com
MX mxa-0004a701.gslb.pphosted.com
NS ns1.nch.com
TXT v=spf1 mx a ip4:52.200.252.231 ip4:52.21.224.229 ip4:52.6.190.122 ip4:209.126.68.111 include:spf.sendinblue.com include:notifications.issuetrak.com include:_spf.salesforce.com include:spf.protection.outlook.com include:spf-0004a701.pphosted.com ~all
TXT 28yhw327shn65y4mzgs8z5gmb06lkr6z
MX mxb-0004a701.gslb.pphosted.com
TXT apple-domain-verification=JuMWJCOEOaCszMS6
TXT cisco-ci-domain-verification=5a9975d215ae66a0501ac36406f14785d12cdf8a072428c99778ea26efd4f19c
TXT 0zWfIJi8bkRO/NoOJlZomjMXu4btcekEiIKL8qFeVe6mxRaa+NjdPtxVN9bXBHvYn/QlH7QomLKpunNhYqQ97g==
TXT GZyIdL0dZ2tBRgp0i0JGRHz1gfHAiLoDewQJz8xyFR8lySOZiBLGZIVV0UREqmWc2CteAuFEYHtME0qMtrQrxw==
TXT _5f27ds6y3tq9fqf437sx7mlragxdbyb
NS ns2.nch.com

Emesso da:
E7
Intestato a:
www.nch.com
Valido dal:
2026-01-16 23:14:55
Valido fino al:
2026-04-16 23:14:54

Infostealer analysis by HudsonRock

88
🧠 Dispositivi infetti
26
🌐 Utenti compromessi
62
πŸ§‘β€πŸ’Ό Dipendenti compromessi
218
πŸ”‘ Password aziendali
127
πŸ”‘ Password users

Vidar 5
Raccoon 10
UNKNOWN 4
Generic Stealer 27
RedLine 25
Lumma 13
StealC 1
Azorult 1

https://apm.nch.com/my.policy 28
https://owa.nch.com/owa/auth/logon.aspx 24
https://owa2.nch.com/owa/auth/logon.aspx 23
https://ukowa.nch.com/owa/auth/logon.aspx 19
https://adfs.nch.com/adfs/ls/idpinitiatedsignon.aspx 12
https://***.nch.com 12
https://**************.nch.com 9
https://***.nch.com/*******/*****.**** 9
https://*******.nch.com/*****/***** 8
https://**********.nch.com/*****/***** 8
https://***.nch.com 8
https://**************.nch.com/ 6
https://******.nch.com/**.****** 6
https://********.nch.com/*******/**************.*** 6
https://***.nch.com/*******/*****.**** 5
https://***.**.nch.com/****/******/***** 5
https://*****.nch.com/***/****/*****.**** 4
https://*****.nch.com/***/****************/********.**** 4
https://****.nch.com/****/** 3
https://****.nch.com/****/**/ 2
https://****.nch.com 2
https://*****.nch.com/***/****************/********.**** 2
https://***********.******.nch.com 2
https://********.nch.com 2
https://**************.nch.com 2
https://****.nch.com 2
https://***.nch.com/ 1
https://***.nch.com 1
https://*******.nch.com 1
https://***.nch.com/***/****.*** 1
https://****.nch.com/***/****.*** 1
https://************.nch.com 1
https://****.nch.com/***/****************/********.**** 1
https://*****.nch.com/***/****.*** 1
https://***.nch.com/******/********* 1

https://ebsnprod.nch.com/OA_HTML/AppsLocalLogin.jsp 13
https://live.nch.com/login.aspx 10
https://changepassword.nch.com/ 9
https://ebseprd.nch.com/oa_html/oa.jsp 9
https://apm.nch.com/my.policy 9
https://*********.nch.com/***/********.*** 7
https://********.nch.com/*******/**************.*** 7
https://*******.nch.com/*******/**.*** 5
https://*******.nch.com/***/********.*** 4
https://*******.nch.com/*******/**.*** 4
https://*******.nch.com/*****/***********.** 4
https://***.nch.com 4
https://*****.nch.com/*****.**** 4
https://**************.nch.com/*****.**** 4
https://************.nch.com/************/************.**** 4
https://********.nch.com/*******/**************.*** 3
https://****.nch.com 3
https://*******.nch.com/*******/**.*** 2
https://*******.nch.com 2
http://************.nch.com/************/************.**** 2
https://********.nch.com/*****.**** 2
https://***.nch.com/******/*****/*****.*** 2
https://*****.nch.com 2
https://***********.******.nch.com 2
https://**********.nch.com/*****/*******/*********** 2
https://*******.nch.com/*****/*******/*********** 2
https://*******.nch.com 2
https://*******.nch.com/*******/********.****************************************************************************** 1
https://********.nch.com/*******/********.**************************************************************************** 1
https://***********.nch.com/*****.**** 1
https://**************.nch.com/**************** 1
https://****.nch.com/*******/**************.*** 1
https://*****.nch.com 1
https://*******.nch.com 1
https://**************.nch.com 1
https://*******.nch.com/*******/**************.*** 1

Not Found 14
Kaspersky Security Cloud 2
360 Total Security 1
ESET Firewall 1
ESET Security 1
Windows Defender 17