---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension b13gd23qbj.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/64F9D9A943E5E574
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/64F9D9A943E5E574
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
nAOnBeRVb6wZfE+UfzMMEoXY6Vbcw8azoipfQ02zmGLkSkJrH8eokWUuU5jWXRtX
EqZ4xxFR+SYsS0CRMDUCQlch+AP1sklMGktwDeAeE/VM4J9hgxEOwjqMaYsULG67
6/EbHirjPxjSlMlwdFSWYgJFt0ClvZx/cjIZXvBeAMMUSocvPR+ikJXrTHqrbFLQ
43HgCg9HP8ygBmyH49d+oexdMLpuil0KMtuhh6xVASjdOOd8/76t5Xhm2dArhqda
S/T/hwOjbW3/OUqK/j2tOPZf/nR9kOjMiu1Tg8JDdaGbpfne9GN8eObXnluyQZSG
kBdCB57XyRtZZ7kJw9AeVJ/DC84nHSdrSIcXxXa/rybWl4LJQnnJbaJYRZl0ExTk
R/uh+tJryTllZWxW2n/spkU3hcpIvzwAWYEeEavoZJ4OclPqcSHPrRm7sjAdmpjn
+RsJYhGkcvq8PsppYLPedcCrLGc0HE8AXw43wcg8dwpdljg6+4zk6qZHsodrJ+Dt
AiMMsD5j0xblkDC4rx7Uc0Maih1N2ukrk1RW/Eo8BmHE/uFoQzJHZEyRb+zkJljR
cd6Tl2HpNs7q2zWwSq52au9cEE8hinAL7mxq1AgsFR9m6zv7+3g8JjrYNKIXMbOk
F7OCh29Xjy9Fk1JdQRZ47HDsJoQwx6Y6Z70zlaQTZywZpy8Ab07e6Rw2z9WUhQbk
Kdd98tw6LwKsh44hD9fiAjAVefQ0zLQEBo8ZpwPWN+/yzR899e14tYrB2ys+8p6F
ZIt1Pfjq/+C8K4zOH2fckYt4Tt3+Efln89r74jnlnhk1jjAK6xGBzzLWRvnSn/nx
/GFMzSsE2mtyb8wFOjEO7vsjCQw28i/njO1iEMRQUp8/Wde7VUYxn13TpkQJoFGU
jFXLYUrpI4BjayejQEIo9n6MJBJanI/uI4UnpZV0Lh/SX1BFBfWOkpjqi2wMsnoX
qGmLmRfJ0h+1UCMVcxvtcXobP90LagaQIHKkBhLOx7BDwD+6ER7XFKzW1gMbYtI4
VUO+k1j02XEpiESEJkvRoL/O/fKeb7TFRv6w06l1HfPhKsrHUppDCjlDDOc5mKwv
aPXbVtDqjrIcPMNhLZI1GZjBmPzXS5i3FJU0gh7Xb4ogiBFw3OOw8YwGNycmE+xX
qE40WcOdFDD4Vg/Ey/IRFMuLRrl8ztBhevWHkNaafTAsrRjtdm0OeGX9HknP1UGO
zaw5y372C1w66EOKSuyQdaKLw5gfGgydNNzproTuu4UczeSyd9Sy5kRuC5N97Njd
wZnkORegH9T+a7UuvnFmqubGd4D24hzV
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
5340
svc
svc$
MSExchange
WSBExchange
vss
backup
VeeamNFSSvc
MSExchange$
BackupExecAgentAccelerator
MVArmor
AcrSch2Svc
BackupExecVSSProvider
BackupExecJobEngine
BackupExecAgentBrowser
ARSM
sophos
BackupExecRPCService
VeeamDeploymentService
CASAD2DWebSvc
PDVFSService
bedbg
stc_raw_agent
CAARCUpdateSvc
BackupExecManagementService
BackupExecDiveciMediaService
mepocs
AcronisAgent
veeam
VeeamTransportSvc
VSNAPVSS
memtas
MSSQL$
MSSQL
sql
MVarmor64
Signatures
Sodin,Sodinokibi,REvil
Ransomware with advanced anti-analysis and privilege escalation functionality.
