All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT}
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
Q
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
sub
7680
svc
svc$
memtas
sophos
sql
backup
vss
veeam
mepocs
Extracted
Path
C:\70n8t7z9-readme.txt
Ransom Note
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension 70n8t7z9
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/E8B237AE04C6E956
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/E8B237AE04C6E956
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
R79H16Ob7PsIVGfjii0OpIWjN/PtogK9xox0OHJP1zILLQFZF4q5umnub7EW7tp9
t8qBbp8rcAg7U2Z+3t7b6NbuZSZEN3aPZoEzMTApCP9KKyAXmtv/psmLeca5CngP
IkkGzid9HEtt51SAnIYzxeaZqgV9gEJ9oALw6PzN/vS4Wws+P6TJrybVi+3ohzdT
qNpNfYEazEbgXFej4415iEaZsPksy9SZ/r8XJUX8OOtV8eIUplC1w6cFryZkVbpW
6Im8Rvqo5YbmosZWLD3LtgwNMEMWq0kiy8fOJPle4X6pvNyEy/6HwAWnZ38S9D+N
b2AZbog0mT7+YhzzDIAEPlFRscjCbZJJJwqlrt0hlFJjcJNNusEsZkKsuALPk3pV
s5Dd7upABWGW3S4etbN17MjEF+Xs3x7YZqCA8SMyvGBBCxhmRCdGFu6XN9FMBc89
K7kJtuiooAbG0cRod0eLVfB7cHWXMnrioqRlD93u+SWDzrftOTQzORIn8sqi8S1U
55+wlnatrgAdV4MJWNlvUCZK56Y6jBCLX8s/y45gClVs3s93mq+Cz562FtTkXMnx
X0pI90VGQjdth9/k9unGaziGRGifmb+5Fn0qEXhx+3RFNPUz0vhhBS+iPuIkE7Lj
vkwNc2fSYfHo0/0wrP6BynvdNpmSA8IpPMYGbqWKPJ+eTvOEZxaiOtVSc2pivTYg
g2roDqjWm0m8tZj7hKXA8lwjxZiW+S7uZcItqyHA2dQcze0VLJ+naibPvMe/6DjZ
QyLYB76M0hiFOnNZP0HyiAVH/btKxcH+837m2G+9CHHaHtOKZgdedddrIJ2kHBj1
K0vip+4qErHWkBXphGC0Vk5tCX34SVGUpNdxDSF4ikDl/Sb+hYgyds0LN+WRYTep
D7tDdy4FEnwfrlTFfl3A1cay9dVDAeFGFfl+yuQ2EzM0X/lY8fjDEAsHUtcpeqrc
34HPNA9tsE7Uta7nW0DORyDtk5+ZRJ1p1sTSeqtoDeFirymTS8TxtxQpI8qi8D0I
3Ktuq8PKzKr68NkF3kx7QAhN1AtNRLED0akAnnGdAJqMJOch2vdjxMmWx3XMFYIs
Lr8AXOroyW5xsYKRUtKBUWhvPtJsWgUUZrI8hbSKCy6uSesGMvMlQMAFAHw4L6HV
tTU3wcaAN/KyqbwmjLY8AWdLcTFVuF43H/1++uv4mNp2u5rzs5A3gYEr/LReRjCy
fueIuyFzJm/8i4+nFdwyOk1Lf086yEA7NI4tyWXZtTOPgquqpH1VUsd77j+24fYg
fbRoaobSEL+fOA==
Q
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
