All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT}
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
sub
8069
svc
vss
sql
svc$
mepocs
sophos
backup
memtas
veeam
Extracted
Path
C:\64fz0ff14-readme.txt
Ransom Note
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension 64fz0ff14
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/466058F6E1A9800D
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/466058F6E1A9800D
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
pTYwLeoWspHp589q6PK5lFfxdOGL5KAt2O6rLAYHshDNChs4hK7g1WCceTXqaF2m
ggaLacSsaUr/eSl5FwuoWhDNOcJZ4vp5MG0ul8Gwe7hj/cfo2IWGXJk5ybJiRXgF
PkvEhQztxEJuZI1TT5tTLLR/IeI5H8dEIynp2voi/2MGQhrKGP/kw/r19GZw0If8
g+sPl/2i6TzcH9Sg9ysS0K0WacIylTSOfIjm8upLv+NuTIhP4wlty+18Bv2Fnm0n
m3s1NBMLXSo08rFE4ttHpOqxp/6aJU0OmCt3dpUo+yzC1EoBsagbvELapLGp8msN
dQmM73h5XY6kIkg6dDIvddEvMGnt9tG0o3zrIyhqve383YVjPKZ+RFYOqrT8K7WU
vxXn8SBVYN6UNn3XaNEiRR2arBnX9RqH/G3bdOyuXQz18jRKTeksUfToixqNQeUb
MiZ34+zV1Y4alYnkKIvNQSj+WmrISAoEVd+TPFAHd+FaEo5VepxltLTBzQSKjHUA
cYKRDayvwJQpPRADLaS+LSpb/fQynGKsaoqY4mYKpz6iZlActPQAd7Qzu/t/nx/b
vlBK4LkQycXs/2T1JYoUm0Fhg0laG8QMhxVJXZHGV4LXUX1goPy1ucV3AEoDF8l3
AdNJTwlIxGxANJuZj2Doq33wMhNQ6mUXTzTuuovv2eYpRMrQTpnOw9HGGT4KguoQ
yiDzTzyhsd3uJK5O2lFuEovgI7ID43eB4I00g4907yVVO/7ObX6n+OPY3obkIC26
K9jQQGROkt45v1jT0Nnkl6vGK5eHYpG9uAVP0BOUatHDurZ+6MUJZv1EKayy13xe
ton03UX1T+LgvtupDXVY/L/uhkUFXsCq00KPptoJrcOQcpZS+N+bJjToHEKKym7A
u8Y1j4ehExx7AyNd+pBkY87YfUK+sTqHjO4CwcMKLWFCXtIFZeEZg4CFIl3ykdL0
BMmFgU3Bmq5x2B9Wk+WIen0f0HSTpZToLPwJInEE3CzpDCXrSilNIUC+gES6NmMd
Y9/8CsK6TKuqz2Z+f4UzgPILlCudyUhws03rwAjvApYYAEiQYMz4dmeErwZorl3G
AeUX443WWtvOuy1fguMjs3LpnBGe/r2LhDsS+Z/g5SIh1AMEzqnKfU/IXLVB/23y
NJzopf9oX2VqYia0AUmWv26n++4iXRdcPzB/7OfkNXc0ssTXVzuE9siJjFuRb0Ra
uUIyrnnQQjkVF4zmASDdR+4LokKV1fOQ8nVD3pOVtWhYsQVXbQF0omOAxlL4Yv0F
KZcE/8qAf6MuWMLJTiNb6uSWk/U=
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension uot77gf
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/56595B271C7642AD
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/56595B271C7642AD
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
gcQIRyM3h1foLqMKvNkGslWwpe5W8TVqPXojJ0ZjtOIYwkOaNKmQsR10uZs1ZgY9
iZFuU8F0pPdRHgIJWr9Gvd2djg/Z2DVr8OZeGx/CFQyqJQTrKJVTaToBCZWOiH0k
9JKeENxj5z8YRMqav2QpyOFSxYZ4VXf4sF6xZMEV8aLLeRTiFcfFtK5wzG5659bl
ycupipahza9rfGsihwhOrOxy2xK7ys4MM8NKMULUrdjrZWw8MUDjD+egF+6KlWz1
h5fLXinipx5+QG9PTAWChuIVqkrCGCrscLumAhnI5p82pzJumdz0zNd0uuZkXLNF
n3oreotgh2yG7QyajZFVTjEJ2pZhghXHP6n4vt4zQaOrp0c9ZMo0guq46put4Ihy
dF9lHpxD37f+2239nGnSArCel6AC6nzujp+kx5iAa5sX5nWCu1yFVTUkFKRihK+6
aLPtmdeSDlQjaFHojlO1S8E/XbkJ97wXplPrpRjeTesVMzZWzs/dMwIcgIqSq0+N
M4+QAg0PvG2jI+Ge1D1ZPFQlbI3LVicitEN1B44NWNcNV9qB8wVYXsKvj+TBczzH
P5v2xYq8EnLqfy0CguxkyvZK1UetQEMVdwjk0787JtUOgnW9gjd4M1JLJTA/K0oI
MJ3ALKzTvm8gWEbXI2SWvn4/PKURE4MJxoVcwPHh+uxST4JdFS5O13Q4VV5cERg5
Y+N/RftLUeQFz3nZ7j7Col98ZnCkmlP1x4/7zty/0OjdVKL06EII+6bA3DiO6CWY
emlGFw5iP0VaSHwilfDReAJSSQwirJopzJ9a249ITYx+CxhhkfjsWeEDinTawGNa
Xg7ZqG6kukIESCIMcm3S2Y+EmarSwc0bRbc2vcgJAy4zSijzW8RnvHmNUMErRbCK
f1ixmy1jsjF+PViC5ciZiRNLfRAQa/5bjigONbNaAHjp1ZEoY0iNl4nJKMv4y09b
64YrMElCDXLfO1I84OBYEF62MnJ+BoihBb1kqSmctyEy61j5HHfH/027QPHcjoqZ
2YrtIcmZAIYvF7oBsP2oJRx7MpZcWNAPNhLyiQNMW4q4YLdT8raaMO6PwJvx/gpy
8OjKcsTq6mn6nrSU30JjT8JG3jWxYtMBmMBnnWWgFcJUaTYe5LjXf9Sp9m713kCK
zKZPTx7DVdKhm35HfobpwwaE9iE4nkZk5EpeU+24tLT7bN+rrmlalnw3wE+l0vfq
v/d7Nf6sSCyvpO4pihTTQYAj/PJLR8nTUcw6RKm9Y/lUuFICQTxm5h9NPVD2y/Qc
oXJypF/XXX4=
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
