---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension i2pn397d.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Attention!!! [+]
Also your private data was downloaded.
We will publish it in case you will not get in touch with us asap
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/E9971FE7BE77002B
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/E9971FE7BE77002B
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
ub86wf5vPX26He++DsuaxGRiZRbJK9YORKe7aR/OhbA3NUR0KpSWkd5Jt7GIXKz6
/k3xQKMkci7iBnsduRauwavqdL7FiWPOnjdGR1owCLmpGzzZ+W7IBMAcE69d512u
jJucZj79fRA5I5PEcKE6LPNJ6S4N51aESWlIWnNCHbYS2wDoZIue7RKYLnZQQ17e
0nz8JCqWsSYfoTYaLcwUo8nwO/SJpXY52L1RUSsTyGpwMCtXr+Pu7K7iqo8vj8iX
Qm7sbjMLEDS+10hUygDC5VN8dh3VQ851I6pt3DGjb2DJhiWUBF1lHysF0Pz/vLl5
cI9XbTiUXMMn7DepPSVIZfm8MQIN16WvCUX4Io9N/VvG0sv0oBPwi4jHgK2pBAY/
DJUsRLKhCmvQvD1TT60dqbnsPTQCgI1FX54YSxgGzHuq8f9JiFMjxCt8ItKxoRHh
2fqV+AjmAmcbdCoteyZXkOF94b7YXGvJBI35l6JZVAXv/4XxQuZHXkF5xOOf3DBk
vis5AT2LAlsD8GkLyZGMMCnrp9qrVi1ApwlrocjramSq4grgIu4YxtoiKZ+bhrGb
AknzUW9ke9DlW2zxtX+tgr6Wml/SHkeqytkUuQbSQgk/KQEESYU5Cw+n+crYnIYD
2/b7mVCKUH1OGatpl7ghFAKAudzZNSGC93T0Hzd0UgXWAmDFzGhAKdZ0FHAAPCUe
V8OqeGFjytxlOhxTMTGbJ8l8ygcIuuWLf9CPf6VswRpLGJ0uHZsksVUC5wbOnX0q
YZHYaZw4vGpi6DpGdhebFj/D+wvXmOWb67ADOP9UnoMHzVXtqspnM5bkdBT1Uzjk
M166K8jX2xq3Bmhc4yD0ckHs4Ow+9j8m55zVHzuIIkyzIC15Rz/bEVwynhMMQlNC
54sfWYrXrsmPPg1W6Dtx1dc/S0HFr0ScmDDTjgszCd0imBMN3h4dyPFdqnSzeYrj
RVJ+eZ/bhQLKESko/GJb7KXzZpfz4iASXQ1mUippHjsy8Sc2qtvX2aKUFwiE1n8M
n3g5L9THPvalfktmVdQU2R9jtJ63nVDkWMZZ5/ux32lgtKnb7bBThT+Q7dDdO/oL
q+hRmf8lQp4lExNLi47CrFHl4mXg5+mwW40S31Netz0IAeHlOubKb9PoXWWlRSb6
RkpgyMLcYhjRhVLpcidukJww8JZ+FawO2PYCM5T7p1VvPHLOo5kDSNCTEAvtiY4a
PU5XqZf4JKQPncsAHJLwmavIKKJQvqgLrtCjAX207USEfcpVkwG3XiILGw81Ag5p
m/afMcigDDAq1huWIL+Gf9iF5q/BkfEp
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Attention!!! [+]
Also your private data was downloaded.
We will publish it in case you will not get in touch with us asap
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
7180
svc
mfewc
ds_agent
kaseyaagentendpoint
ds_monitor
huntressagent
ntrtscan
dssvc
kavfs
veeam
backup
kaendchips
sophos
ltservice
memtas
sql
storagecraft
azurea
altivrm
huntressupdater
ltsvcmon
kaseyaagent
teamviewer
bedbg
tmlisten
sppsvc
msdtsserver
mcafee
masvc
auservice
code42service
altiphoneserv
altictproxy
reportserver
vipreaapsvc
ssastelemetry
telemetryserver
amsp
altiftpuploader
threadlocker
sbamsvc
tmbmserver
ofcservice
mbamservice
svc$
mepocs
protectedstorage
viprepplsvc
adsync
altiback
savservice
svcgenerichost
altaro
savadminservice
msseces
klnagent
tmccsf
swi_filter
ssistelemetry
mfevtp
vss
mfemms
psqlwge
ds_notifier
macmnsvc
Signatures
Sodin,Sodinokibi,REvil
Ransomware with advanced anti-analysis and privilege escalation functionality.
