General

  • Target

    4782835210420224.zip

  • Size

    81KB

  • Sample

    210618-sfyg5maft2

  • MD5

    7258c5865a1268040c2e6ebdf039f442

  • SHA1

    6ffb6fe2472a246b16780d624af03a2ec4624ae6

  • SHA256

    832051410c6649178f5919f7f1e9df862e5239e5f5376c94d8240c215405e606

  • SHA512

    06d1617c51aafe92ab16ae49c877ce0fec2cdca90398da721f8c324c60a8efc76d2b228e8f86d9a2da3fc371b7a05ac7b58ef2f1d43f124fd2bc19e4cb3b7b1c

Malware Config

Extracted

Family

sodinokibi

Botnet

$2a$12$irtGRP4st4HecwXrwL..XOpjvJSwKoA8t9N/dM/oUt9RO.fiQsZCu

Campaign

7901

C2

freie-baugutachterpraxis.de

centromarysalud.com

the-domain-trader.com

punchbaby.com

heliomotion.com

executiveairllc.com

milltimber.aberdeen.sch.uk

tradiematepro.com.au

jacquin-maquettes.com

mediaacademy-iraq.org

portoesdofarrobo.com

cimanchesterescorts.co.uk

thaysa.com

ussmontanacommittee.us

rerekatu.com

journeybacktolife.com

videomarketing.pro

i-trust.dk

pmcimpact.com

kingfamily.construction

Attributes

  • net

    true

  • pid

    $2a$12$irtGRP4st4HecwXrwL..XOpjvJSwKoA8t9N/dM/oUt9RO.fiQsZCu

  • prc

    firefox

    dbsnmp

    excel

    isqlplussvc

    onenote

    outlook

    agntsvc

    thunderbird

    powerpnt

    mspub

    xfssvccon

    tbirdconfig

    sql

    winword

    infopath

    ocautoupds

    dbeng50

    ocssd

    encsvc

    wordpad

    sqbcoreservice

    thebat

    synctime

    msaccess

    steam

    oracle

    mydesktopservice

    ocomm

    visio

    mydesktopqos

  • ransom_oneliner

    All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions

  • ransom_template

    ---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT} Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/{UID} Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: {KEY} ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

  • sub

    7901

  • svc

    vss

    svc$

    veeam

    memtas

    sql

    backup

    mepocs

    sophos

Extracted

Path

C:\900a6q06z-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension 900a6q06z Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/B3EFAEECDCAE5F69 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/B3EFAEECDCAE5F69 Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: rtsCfuY14fFXW1CDPHzJ78o2aYv8fnhdYQ+hZ9Qdx0YWnSF2GW9ZHGFQXHS14al1 gmzSU6fmiRmR1LPSQ8jcsgLwTfTynwxC5Zl7Cdl2fok64iCdgqCqglHKZyNPkRri jYAymEVnysK1IArcUP3AB5fYli41a/VAX72YRpfViQQ4Fx3NWT44qKr5TSHliNaJ F/XxRGPadvgAqmwTUBZ/jUOO9kAKbzLY9meSbnVMWM3IxgmCaGLaK2hpVqD6HWCg KTgMRIfqkFrKcGX+waRs448BS//YSBdiGAJoI5T1YNwIKhVmdnkO/YqAAiU6W2b4 6tFJ52uPDNlYiBIl4FHylmY9m0otYw5YFkZkZE9F3wALF6rzz4xVBKhE6NJGl0x0 bRWPr1gdtZL1F+GR0nGOdWr7XNdoiYnvnVPYuEszPjLrgD03P2I/4CkQmR6RoaDL hXescrMB31/tJ8JmfJ6OxqKENfte7jV8uj44X+RY56Cf5mjfclWLR/J0APy/w4A9 kIdTkv4md+5WVxEBdpWuLc8O62oZRA9LrM5rPqEP0QjjJukevn4+TIp8moMTQzOm DU4ss0sjCMuuOwAA6+2RCr+wfWd0t1QS5+Gfeem4ml9kMQCQAOouBpHJOof2PgrB IZ+ol7QieHSTjIenR/PTneoMRLAeUnWVZVa5+lsFDZtoAkqdaG5P3HE3qx+P8g+S zGGCrCFwwRpnlGHeYcgiJXWjPigzBgw0hC3GJWVBXJ5EYl/XgxSu21U1fV3glr/a pf+ud/VqF15Li8BPRTe+uBuamvfZ000f9Ebzhya6kPAi7KatGltyZf6A10zvqBnZ GgdNS2h1kKRFxmBGoBbgxWkXH3IrduzTGhG5mya4oaYkL5lf6Ty3ybmFdq9bDv89 eIX18eX4nNOV1Jpmdt7tvsW0lTgown7ebPZ5Yqo4AxVKHRs7fQMMJB2eC1Iez7Ub F0+37jRt7yA/g8bB+3vS1Bn8rPlDiT8+uH8942lJ15UnpQCq3WSEpOPxwBWcrvZ7 ruV9DmIxbxG4pMFwA0SONoDKaBg6jxx2JNTFTz8RQIXenxlj/YKXNjvtXcCu7/je B5HBZl/iuz0T43gzNurNVvFvSAEJuzM4jY2cWTX+S7MiiIPkO9p19WncQzNqVYl/ 
OiKeYCy2jZLt4bY0ndCtMz4bVRGySkoQQgp5BXpPbpSw16xYekH1k4t+QLiMyck+ hh4/Vzt79BTJ0pqYPVdTbX99EdxWLg4TNyNAF2a37kYsR3v3wp6QOOVkR5vYmAEc HMVXIbSWVgXCI9TKfRbMZGUEmw8u5NClOnMnwQ== ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!
URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/B3EFAEECDCAE5F69

http://decoder.re/B3EFAEECDCAE5F69

Extracted

Path

C:\gm951ip4gw-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension gm951ip4gw Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/2A9AD7F31BCC9C8F 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/2A9AD7F31BCC9C8F Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: rJApxMbtgRzPxJjfyZqVpabWWWEFYVMZBmRhgPnA5BMkNmCgFzToMjOSutfzzt3h oQG83BDOZXruIwyYq/Jg/IGEPZiASKeINnbpwA0jLMhl5PFXHx1+1pksO0KjBtAO AwY0KmicGIV28sPqID7+z/8hCRWB21q3skK6HQEYFXD4JE3lotxGYGEQjX7Y9JM6 YWYxoV+2jDlpXAcC2bU6pAz+Idi+RHexRL4Hpw+/YxIKkOzKmDA4gnspBRaJz2SH nTsJ0C9D2G1GtrxGsyzve6Q38WidmPpwMGMYQGvMuhiyypni7o7zQclyE+DSlkmN UiMv0oeowuW3Gpt0nYgMAV6RWWO9HdPLy3zZl0mXJZ722ygZW9tYWirmF8fkNhiZ KR2K9+r3jhaFVs84cLWNSZyGm6aJ0NCr5RcIzbLDc01Ry++zUTmLWiOiZZc2fhva Y8H5kmaaP3+4ZfXL4ae9B4VrLIbTccxtCpgnqulQgL7FCsmyxnrJD745Z3nhxm9a S9d8/B0EbhuGosVrLUHiGTVnMgQuaN2qtu2LzJPvAEG6gOgVIF9WvESd4kF9yTrb xQy+EGXCWeP4coOIjq9ptXxk7n0o9sHhRl8PxTLJznp9DE0b+/BRaOMrJmLk7bqF XbN2To6dZWDpvgT47EGSvFi2GmnZXWWpJwW5BLWPY3iTXXhUFE/BnrA3L74xQLYu A8Vk4850u5NXZEuK8p4P/ZPtdPDoNZWeqwmrBG1V/j2EMTYN82KRD94gJgHpK6qz v95/6bQbueeJfcOpTw3wsfqZsRnRoHoHktfnPHsgZxjE6CerpwndtOvOzZZkwne9 ww78LFy0xKdJtP6lYNV1mA6gHmChvceD1kQ9uFw9kd6lEN++9/Ss2AfQ04tJ4TvC 4mFLTON3YSUBAXFzR7jN1lNM3HPXrLDabKh6APUm1N1jGjLnUzEkb+kTwnrAEhrx +Xvy3AgN4Kex7zEEw2K9wb+Wl7OoTxD3vGb9Fpqtnec95n66ycMifL2/vrCKKHN2 oaev1nvWJfvN84WqYRNnUpySJJwSGXi000YP7B2F8v1vMaJaNKmunpktQUE5ZAQR Fdih6ES63ANpuOKg+E06+w0gHngH71xx+nGQpAnt/GlM9CEI0gxBQua2jmPkF9tb 
cPbpwO7kVaogac7uEvik+U7DCS+L1Hv3L5pygoDB5zgLVMMQF2ygfJN418O780rH xMjTe0e2lKsfJa10HMNQF9UavLRekXXf0mMc4ZYKMZRRvfrWijiwcjgX7QhY2+Gm ZQajXKNw3m7JTdsK2ek= ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!
URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/2A9AD7F31BCC9C8F

http://decoder.re/2A9AD7F31BCC9C8F

Targets

    • Target

      fd164c4c121371f94cfd3a034ad8cf8edc7c0f7141a8f4c9da1683d41b212a87

    • Size

      122KB

    • MD5

      fc9edc350d7ffdcb9e53390dae26ea5a

    • SHA1

      06b1f63eb58202a630cfab82c608111a53177db3

    • SHA256

      fd164c4c121371f94cfd3a034ad8cf8edc7c0f7141a8f4c9da1683d41b212a87

    • SHA512

      84b377ea7f5b066b26f2ba60d3b9dc7fbb088d2f0cca16716bc99fc7bfcdd6f1451bcf3b134b925c090f291bb97fdc5f589dd645795e4d1e5c124a316756c86a

    • Modifies Windows Firewall

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v6

Tasks