All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT}
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
sub
8008
svc
svc$
backup
memtas
veeam
sophos
mepocs
sql
vss
Extracted
Path
C:\o9j0q-readme.txt
Ransom Note
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension o9j0q
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/49B7CF8641B34D60
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/49B7CF8641B34D60
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
emUHM6OxEX/XkJlpm6sl+AGnWhXy6RrWLkTogPEHRnwtm3agHS8z/xHyP4bM/W51
Bo0Ck32VIaeaq/0uLe8vJWxZ/v7uoIogwsPnr+7N+1yUr1plgmd2gw5fSzTl6XA/
YEzIPuYg/M/7yEFE2jZNcw22K97aYYIgnlFIc/8ExYObOiIxqp0bkKeiYXwnh2/Q
m7o6A2wvW5s2tWXU+Iu0Hf8yyPZEkfxILoVZE/erVyzKSuKUApbu89DPFxTJ9yV+
D55nY0BB5SeW1dVr1jpxmOsoTqnXbfqhGcoBwf3YvDdHNXg0njWW6LwpjZVd9ZX9
M/Zmwj5AbFJe0ebVQTNlcEW/A13m6IUFhUuO+AfR+oZiWXXFeEZmLqSF5q+MQMYP
Yo05z/H40jy/j9uj5tXkztGS5lj2tlow7ZjN5Hbp2IiZwWRNm5EATuJBHNlvX/TQ
ZhNskrcarRfYTnjf51EXoQkizIGRY95J5z5Wn6fvTXXF19HqEmvO70YIwjVWmPSg
l5SYXDww8CrolbKoNXhtAMLb8uz6jPqvBkmlDAXYsJeuZuQ7HOzVZg1xEoT2mlet
Hj7Efla6mye6Y3osj00R0aDgz9/PFoctNOIL/KxeyUS2oTYYgW67q17ZWEM2kJ3s
PG90mx4EQnDLUzbvll6mdGf5YyW1qCFxSecBaKRQuiU7vd6OmIwXv8f6pJ6mfT88
xWH69s+n9Q5QVZz9oJd1Fw+X+nfOopNP3ehmoggHixr8/zzwplAsgKEh193NMoSr
kUa0z8v8K5RYzdXWD2kiAo3JmK02JhIOPEpVLk6kSrRzHRU8gYXdYv3zAKrizno0
S6zBiEvQYxc6QZ8iz5Zf3WTOhP9wg+GBzqGmc1yTLfDVeJ9d5A3v8f97kikidR95
gfY18pBMjOgtYWClUq+qYr4MGYzp19MBQdKiOn0jhTP05aaQ80fjLUylpiotDimz
MZ7x06dpw3zoIvye2encMRjOd8W93sXf9Z6eR+8VPu5QS0of7krpV1DRhz6Csj+u
TuCqFRq4EkMV5ztOqhdeURR6anStaTbyqimBMlPoLY9iRv63saI4BCjEsqXh+bOL
ejEiu9I8yb+Ozv5UUHUb7cOABDXl1rpHpdiD4pKw+FZdTgSrhxXUqj7/0XDekZXS
c/34g+yEMf/JL83z5GwOQwbnU8mn5cl0w8HxKwQMLNsp8MTDphUKp4QtV5/v4s+y
Z4OWxtJ5s7dccjNGWaMwENFWW6/w8XZMI2pJwQubHZ5o48aDFuCIF4PUKeOqKlMQ
F41y+azd6v8SPcSs
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension 540u29r
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/9EA49F0671F65F80
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/9EA49F0671F65F80
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
m1DBz6Ik92aslqytAySPvBww20s2q18Qc4G8UkDV1+s/eCm9tkEpz51IsgIPDjao
nrIPoqu3BXY6PIa2aoOYZv94jKLBMQoDyRPkLsyGV9GMviAK060P20/SgbxN6NZ2
AzzdiJTkSYiqe+KO//uELrP0BJ/Iyzwu/bHRbQd6BAJTHi553Px+xkqUu7U72oic
TOLlHC/Q84p2PekJko5scU4Wotv4eT1cmUhNeBc6H0qZl5bZZurXOFIFEttFF6Ut
vYi1NUNdAclOgIk57600y9HhcCjp4As0Kf/DB6aP1mvkWU3J7SPRhPqwa5rKnsGp
FcUZFtA87s5NVe1hcqgcay06gaJE/kG2C/8VoWQ74GBl3MNw8k0VavkjlMvGA9YD
1ruyszqgetspJ0upG9J9yW6jAvLzAO+EzczQWHKwAgSmREOlbXFPnDdfpSKuSs95
6z9M4jyKkx70/4nz6BFhzkZBB+vB/WcjvECtYr2umW40EjI/2AB1Msf8tt9Vr+sT
jeiTctPRTcTncZGKJvwEqT/1Vh5BoZSbtsg27KxErIx0FbbJj8W35ZCv4VOimqc8
qlVqk65+3D/Pxp2c67ScOlnxGYGpN+l0tRtZF5XcV+WoXPOgVY6awiWO3nkn1Aoy
WbkV7ubuQjhgMJXB9MTs/3YTDSgSZoH9sHFr5ifwigcZSxrSfwKQbWTkZsWLx2D6
UsKJSOyosIpTVB/+0ffxQgTvVqrtfc0J1OyL6BBdicLKs5eIzXLsQSoCAmk53flL
EYx/gp6YBKZrMKDYxTMjYbGwGlestZeff8gqL8Jd9F3pa74apYyNLQ/9wiysXtK/
6+k1aXdcj2UAmFGLLYdEaNCLZI2UAKlf0+coIb8aW/S70LqwpB7stFUvzA2CB2sD
6oubjLMeY1u0Fj/uq2BesGpQpb2FlkgMEHF2ueMEz2FmVl2PyNf0dcqf/t7+gFKk
JG4V8LYKaDaCFfEAmEZDWGYmC0z/748InWFHv+U3kin58GegijxUI14PfTAUOr4K
PVnmHMVUZicDmYLdZUoFyBT9pXarmkL864bTPaJ40sV5sAFkYHGWWjKQF0BiMS8C
95TiERO9B0c9qeK/fUPO5o4P6XIQ8hDILntQPWbmwedINvtXMOjSeHGTtswq9iPb
+ZL599Ae9pEDfLOg3kha6rh/VqsmQbe8kbSKv1hmuutIf4wFS4ADqP3H++3aTwtQ
hfeOXp4q1TXAUEymzRfhFKq4NHZoQR9vOSScM9OwBI8Y6jF99oJ2TAPfYJ5Bs5MO
o9Ou+QGd+S4=
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
