Conti Ransomware Gang’s Web Properties Domain Reconnaissance – An OSINT Analysis

The following is a set of domain name reconnaissance findings for web properties related to the Conti Ransomware Gang.

Sample domains:

hxxp://aes[.]one – Kirill Borzov – Email: borzoff_k[.]grr[.]la; 89531976767@mail[.]ru

Sample URL: hxxp:/aes[.]one/files/d/e0t/1u4lg8iu6deal10c4k13lei1q7/94290198d07d9e0e/

Related domains:
hxxp:/запчасти71[.]рус – Email: 89531976767[.]mail[.]ru
hxxp:/continews[.]click – 89[.]45[.]4[.]98; 86[.]106[.]20[.]166; 146[.]70[.]71[.]184

Related Conti domains known to have been parked on the same IP (89[.]45[.]4[.]98):
hxxp:/continews[.]club
hxxp:/continews[.]xyz
hxxp:/contirecovery[.]click
hxxp:/contirecovery[.]best – 185[.]14[.]30[.]76

Related Conti domains known to have been parked on the same IP (185[.]14[.]30[.]76):
hxxp:/contirecovery[.]top
hxxp:/contirecovery[.]icu

Related Conti domains known to have been parked on the same IP (185[.]14[.]30[.]76):
hxxp://bet4rate[.]com – Anton Petrov – Email: a[.]lexboesky@gmail[.]com

Related domains known to have been registered using a[.]lexboesky@gmail[.]com include:

Working spreadsheet:
hxxp:/docs[.]google[.]com/spreadsheets/d/1pI71arcyNDmcCZPfGFDFc0o9GJlrcJOycBWZEyrfjlA/edit

Working Google Drive account:
https://drive[.]usercontent[.]google[.]com/download?id=1TzaiXSmdZpSUvm_quI4DjiedpxAQ05mo

Related domains:
hxxp:/dropfiles[.]me – hxxp:/xchange[.]cash
