All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
=========Attention!!!=========
Also your private data was downloaded. We will publish it in case you will not get in touch with us asap.
==============================
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
7017
svc
sqlservr
ALTIVRM
SQLTELEMETRY$MSGPMR
"Sage 100c Advanced 2017 (9917)"
Altaro.DedupService.exe
psqlWGE
VSS
ADSync
MSSQL$SQLEXPRESSADV
msseces
MSSQL$MSGPMR
MsDtsServer120
sophossps
ReportServer
Altaro.UI.Service.exe
Altaro.SubAgent.exe
SQLTELEMETRY$SQLEXPRESS
Altaro.HyperV.WAN.RemoteService.exe
DsSvc
VeeamMountSvc
"StorageCraft Shadow Copy Provider"
TMBMServer
"ds_monitor"
SQLAgent$SQLEXPRESS
mysqld
Altaro.OffsiteServer.Service.exe
"TeamViewer"
"Sophos MCS Client"
"Sophos Clean Service"
Altaro.SubAgent.N2.exe
ofcservice
SSASTELEMETRY
"SntpService"
"ofcservice"
TeamViewer
"Sophos Web Control Service"
Microsoft.exchange.store.worker.exe
MSSQLSERVER
MSSQLFDLauncher
"ds_notifier"
KACHIPS906995744173948
"Sophos Health Service"
memtas
VeeamHvIntegrationSvc
HuntressUpdater
LTService
MsDtsServer130
AltiPhoneServ
MSSQL$SQLEXPRESS
SQLEXPRESSADV
"ThreadLocker"
KAENDCHIPS906995744173948
tmlisten
"swi_filter"
"Sophos Device Control Service"
ntrtscan
masvc
Altaro.OffsiteServer.UI.Service.exe
SQLTELEMETRY
AzureADConnectAuthenticationAgent
"ProtectedStorage"
"Sage 100cloud Advanced 2020 (9920)"
mfemms
"Amsp"
kavfsscs
AltiCTProxy
AltiBack
MBAMService
MySQL
Altaro.Agent.exe
MSSQLTESTBACKUP02DEV
mfevtp
TmCCSF
AzureADConnectHealthSyncInsights
klnagent
KaseyaAgentEndpoint
BackupExecAgentAccelerator
SQLAgent$MSGPMR
"Sophos Safestore Service"
Code42Service
MSSQL$QM
"SQLServer Reporting Services (MSSQLSERVER)"
Telemetryserver
MSSQLFDLauncher$SQLEXPRESS
"SAVAdminService"
"SophosFIM"
SSISTELEMETRY130
backup
vss
SBAMSvc
VipreAAPSvc
KaseyaAgent
AzureADConnectHealthSyncMonitor
MSSQLFDLauncher$TESTBACKUP02DEV
VeeamTransportSvc
MSSQLLaunchpad$SQLEXPRESS
"Sage.NA.AT_AU.Service"
SQLWriter
"Sophos AutoUpdate Service"
McAfeeFramework
svcGenericHost
LTSvcMon
VeeamNFSSvc
ds_monitor
"swi_service"
"SQLServer Analysis Services (MSSQLSERVER)"
VeeamDeploymentService
ThreadLocker
"SAVService"
"SQLServer Integration Services 12.0"
AzureADConnectAgentUpdater
sql
"StorageCraft Raw Agent"
"Sophos MCS Agent"
"Sophos Endpoint Defense Service"
ds_agent
Amsp
"StorageCraft ImageReady"
VeeamDeploySvc
sophos
ProtectedStorage
ds_notifier
veeam
MSSQLServerOLAPService
bedbg
MSSQL$HPWJA
"Sophos File Scanner Service"
MSSQLServerADHelper100
macmnsvc
VeeamEndpointBackupSvc
AUService
MsDtsServer110
"ds_agent"
AltiFTPUploader
svc$
mfewc
KAVFS
"Sophos System Protection Service"
ViprePPLSvc
SQLBrowser
SQLSERVERAGENT
HuntressAgent
sppsvc
mepocs
Extracted
Path
C:\nbt22bj-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension nbt22bj.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/F8AA52071A8AE18E
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/F8AA52071A8AE18E
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
QoaBeQZ6p4jy6krRxPquNRWFgV7EM/LiM+96IB6mjL9MIn4oKi9gAO+4ha/4nSdq
vteYfaPO0QG/ESSgKnbxT+VOk6kMpTl+HEz+83B9k7Dx/YPRnmccbVs/XyVw0y57
FqOZfMiEkbHH85NgqlN7RzSCeApMtqSp0H+aFeO7aYuGpywaq8ZQmWpsVgHpSpAe
M55eQT5T+wlRvXpH83SIRRAZiU8sLHD5OvJi1xKWaHhTJ73k/TRkBcEDM22jM+9J
x4BuHGevXDYZZA33dTncyszuOFMZZJPucdj+L1AcnBl0Of9pOfzm31hgNv8eP5NW
LQ4r3ys9m/IENlXhHylGJ9kJgoqV94nd3SW0iHg7/BM7B8RscwCkypcJTTXRC93D
Z7DTwTEGSdASilS5J8Yt0++W7emDnbMxY6dZYAszMXpYBhB8hj/VdLk4tRbMsdUR
W9nJDEZ1+pyyiJdrWiibcTm/fiheflzvFtKYd2z84tRMTqd+fjf0lK+CaFJOHCDR
xNA0yfaI0EnRhp9zG8QOOx4nEmsv538uJNp/HGdQDNUG1+4Yey4X8TOEY4L0Hfua
Rsg86Gce8kJ2Ddxa7eWfXpuBp9eeOGRmiKekdbLJXa8eXloywyG7gu3WUahl9emW
ALMosoVjfGgUEt06mwfLmxB40DonZYShATPyNYib/WSm6w8Pq2Y0n15qY/svbiMH
qxuacAthKLUvKuGlkZmVnK81hQc9LxyMhW/AVQWwLVd1mMmee1utwibmU977eWmY
g9nu6JBxiWb3ffGGLoTf8z9dA/CpsQ5T3aBsBLSKzrD0QuG43QR728vCgY61FNb+
766eHIfNJV/i8Jv+uN5UYPEDlYhaZA07XBFkVeEmXm6UldOvt+UubD6aTlZ5NDxx
k3o7sV+x8q1r87vRq69JGJ9vHXj7vOBVNtwlj97IDpfD411iG6Zvrp/wKBhoxZwo
VvS78E0ekVQR7WTrumkIgI/zrGv3aMXgGXL0K5YvEbUj/5EHtqLKW73UOO4DgzzI
ap4mtnZnwxw8HEXunMUsAEgDKEY6rHy4gTq3654qsJvjHyH5A+quoXapst0YvTW7
Tw0Z0DsHPZeTnmYx8j5/YGMlRze2yZqyyLm2XVlP4XcM0z6Jsa3n8r5c3Gt7C/q1
c8+JXPiszmibi8e20WAxSFOgQOaeDEJb7rXKUHGWItHj3uqr1ap++ZyUypSlYG7e
53FxnoMZWppPAEYN/f1HieIveR/80hzu3myAVvRCWscv+7ts28xwa7OTMR9o+GTs
lSYTpLyoDSJzE9cldlIR2w==
=========Attention!!!=========
Also your private data was downloaded. We will publish it in case you will not get in touch with us asap.
==============================
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 8hiuv77a0.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/8883FFF8357D343D
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/8883FFF8357D343D
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
m+Z8qUN2deUz2SksR9PJzAcUhtxcjqo5KMwcptU/mvXygW0gfPOgeFdIP9nDG09S
NNRoSI9mVqj8c/AU/70qfy0ajBTyQfj8xJ0+sS+XPjZkQ2uSOxBwG4UPHQOBJPV2
8UJR7JBxI4XiG56rtJTb+5Od2yGX71w+QcJImpUsrGfHHf4k+rO5+6BLdSgg+986
wF2PCaOX8IPnDxUXQlH/Bf7omWqxNv5aSle7gTushHTDePalsvAKQtZ2PchoiuIy
+Ds9jZvjDG4CigwD4W+0ELFwP/eRrz0pmjQTA09hImNTMUzcgfoF/HOgNk/aLEdm
o7hJr6MqIO0Yqq8G/sZM61knMuY9zGhGj9ocj6DrHStKQQTi2zxOV7E1Dz09B94y
/OqNjtcu410fwEJwtWA9rKMWC23nP4PkP+oc1oeSQ522VHqPv5Z21LlHMqhxopr7
xMeYMp0V1J+iILT42TIOx406AnPs5lrc/mU/7nqBO1N7tcEbykOx++W4nDXI+Q7R
BYOJ177OmbNLtcVKeu6ePoEtRO9iSrG7J0Eqa2RP31nyWWSpgPesQda0D8TYvIUo
6h6pO1iE9f8EFFbMtkYmdpacpP0Fszic+xMJlFKMPEyt8Rn28rWWqGixvpSbRHdn
KOzh7vNwopWTXbmAlNAdq2xXn9ohW9x2PWNZ5oW4xrueu34LSmtZ019Fr0X/a5cb
A/e7CEJFoTY5SbyCIVeE/qEvWFQcpSjIX3ohaDap3huSbUjArDU3CXr+5B0VDncU
U3ja9+SeTfxuiGt0e7XJyIqrOTgbt23qlp/92ZvOQRm0ktQy31UqVBEHbNbMeqSS
eXo9HYwF4mrGyJvBid9o1hphc6cxuDlxnM2rAkBBx+T6s7otyeP/kVPzU+3j72UA
oxTDYYjE7tuRiLvKWCCULLZAxgeWCnD4X3EjzfHrYV7PT2B3oSW9yuPXlh3gbG0R
G0RNWFYu11uFpya4RwaY84qBjxGcsUPpDxgdj9OnqkSrWB4lVqB8L2mbWGMOfDep
mbJxHN+ByQ7qOntUX4ISE5iGFRTm+cqx0BkPK1pl612a3a1SOuSTsfHJPn/5bvdA
Saz/FbppRWVmxOrdhNwNUwXrulR2l05PruHtcf9qm+Wm/ssg3WV6mRdRQJ0jGjL1
8QyjpxWLytEliBLKaeE9vkGu/YoYBzGesYyNF7nKwHTi/q5UrVL1MqhI/uuKnMjw
Ek0zmHNVDg4CpB9UXlYf78Sqh9fH5ih0B/TWuBdWN/+9PdG2hoepVRxwf3B37Sxg
KAiXREU/BafHT7nN
=========Attention!!!=========
Also your private data was downloaded. We will publish it in case you will not get in touch with us asap.
==============================
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
