All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT}
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
sub
8317
svc
sophos
svc$
mepocs
veeam
backup
sql
memtas
vss
Extracted
Path
C:\30vh06m-readme.txt
Ransom Note
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension 30vh06m
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/B7E96BBFDA1947AE
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/B7E96BBFDA1947AE
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
OqfJmX0IYCk8Nia7eBzQ7furu43K+x5gi+O7lnHbA/gyvwCJSPiWnXM7tw/6Anz4
RdiGmwEwp5797qYOKR0grdcyxoj/bkua4IxCxuQaCXYFgYOgw9nQhbLWEQ/bkF5R
wSCrVtt+8Qqn0P3oYTuB28J0pgCHT/JunBsg93I9EAIEw3f8+J5dTWLOi9SkHtPX
9XTybs8dh/Vj2GOZXSRPaNY+4a4lMYWWmTCqLLckg/IWEnGnOhY8/Hcd1JRXgZnL
98A2enJx4VrpuTNJoRuKTzleXOi/EIiS0vOOCYlESNron6kCKek3SgtnHs4az26U
dyo3kJrlJ/U89eaorPkNl067mh0W5TZifnjdsFGix1+HFs/+qbmVaoTA+I14qs3g
VhHJQZzJ9lnauggEA43TdGvZ7foplAckNkgHucOX7KmQbfu/mSxtAMsxB/GgUyXg
y/Ogip9fR58qUAeqQM4uAvS8QYiCNwCbxyGFR6zbRmieYrrEJ7r22p1H3otveWbR
6rttmFCajOsdb8+wEIThWofEow8DBHNnXUnn2WfHPyC8Mz6aO3SPy7AzsM/em6sx
hR0U2TOiz+nrragIbF4mMhDCL3BBr1pKKd0caOImKuGwyx4kkve4fCfWBkEV/EbQ
4Ln1s4LmJkbwU7giuLhn1eAlaJGCu5g6EapYeyycJ11BLmPTUaVhOMZJKLunzIdJ
XNaGLVwMP2oy5zZUME1YSJf0zJYKTsM/wXwv1bi4OIND+MjBViB7sN1goNwGI1CY
R0fnhgtNgY9fxIs6XdlRXGdATbMSYyLr6hyF3UlbWg1u6cX5UlWop+MBvulENOZ9
rqHjMX2ZhpuHmDYz8HDvHMRSIBsZao/ors/owkk8ox4Eo6H+w5ghPoeUuTt5St1/
wnOWbObdebLPw/uxwQLzm3lsxxwv96DdIduyEIvJqID1c+OkS4/i/Z+XruEMZeW8
ve5O9noNejburUxEx0fNVHUAjimL+QSC3NnAnHIIoW+OZEXlEtWJsHUB/JoGprZx
xGvMDir5BC9k+2caJGD40N4IJOE5xRuTBkIKukHdTO1InkH6OdHfpsm2vLx+cOMu
s42oBcVKCP/z34RF8mabOaEXgaQRhulXmrIy0dolaTkwDkvnl6hGztjurPTcRf/F
ZNPI98pglC0jvzYodLbvePhxS+Bk/96sztIl3+fQyVnl4yaP9/wvXqblQFIFFVLb
Ox8c6eGEYbu8jNIcHAeZHg36AJG7bdW2FEMFxmoNlWtbMz7ZRg43h8HA5iao6BVg
7fpaknPPQUFQV8XPXXm5Xw==
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
---=== Welcome. Again. ===---
We strongly encourage You to pay your attention to this message and read it to the end.
All Your files are encrypted, and currently unavailable, now all files on your system has extension duv1m9p5
Before that, all of your most important personal and business
files were backed up to our secure offline storage.
We took them for temporary storage - but we don't need your
files and we are not personally interested in your business.
Our encryption algorithm is the most technically difficult and max resistant to burglary.
Only OUR specialists can decrypted your files without loss(!)
Any attempts to decrypt files on your own lead to damage them beyond repair(!)
Best way to you will be consent to negotiations and mutual agreement between us.
To connect us you need to download TOR browser and follow the link to begin
negotiations.(You can find full instructions below.)
We are waiting You and ready to listen all
your offers and discuss them.
If You will ignore this letter - we will have to sell
closed auction all yours private files, photoes, business correspondence,
documents and business files + with our analysis of your work
activity (weakness of your business, financial violations and the opportunity
to profit from this information). It will offset our financial losses.
Or we'll just put all your files in the public domain, where everyone can download
and use them as they wish.
* For TOR Browser
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
We are known as "Sodinokibi (REvil) Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
You have a guarantee that your files will be returned 100 %.
And remember, this is only business, nothing personal..
We have a concept of business honor, and we can promise something if we come to a mutual agreement:
1. We guarantee to decrypt all your files in the shortest possible time
2. We will delete all your files and forget about your company.
3. We will show your weaknesses in your networks.
.-= INSTRUCTIONS TO CONNECT =-.
How to get access on website?
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/35FC0859A7DC3DF3
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/35FC0859A7DC3DF3
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
KZVQr8MGwB6fFOusQsMllJnJoUGWbu8E4vtj0CqMIqyz2yb53ZquaIBnacR5+ZB0
PEhYoxwPvS8cTvi3/MsjM+V15hZ9GFyjF1dp2tE8FjuHWnyUlOJIvhXFL136qzdO
1CWJ5PaxRHKWKGBclMnIapeIok0dea/+OTaaFs9RLxAA0ygq7VFQsIlUQqeJP8B4
7Xr13cvPXb46RqzVxg8dDXRqiMGAZ5O6u1+bVQbPrSedKYsHrOGe0KTxZS4KYJE8
P6HqKZkCAWsNVxI+HHtr1Z65bur3HY3BQ2EWiRw2GgD+mmFYP0f60NGqf+p3Cvkb
iaa+Q6ydk9LU0dvNOm2lOq1muEw9nLevpSAfxi9oJz8kW9/EJSWk9EI0NiVHYZrf
BfIoKbACDHHlfWqHX44f7mw5Dr8u+PR6VTEAe6nOJcXTaeU1m8bevObHwmL7TNQq
M7EgAqhydHDhnRbveSdey3koIBHGk0g+9VZ4pnoZkMGKPdwAI0TLsmVtmCo6iQ9b
dfceleyF/yc0Kc2/xRnGrjSpcrP1sg5xxkRfmHeUqIHduoP+Xy+Bo7U+mF3xzlpX
9aXFc2kvUTeRnChxdjOzSM8z13n1x9qc5isfSJyGpT9fHNIeDhX86sqElwWKxMSY
odATS6gz3rz2t85GnWJQPpX5WFq9ThWn4F3+/QKpHHM4EJ8+7ebWw1ASBlt5iK8j
KZEkdpHoc4acfFTttw0z0oxtVy/CdGClMHpdLbITSfhxsL0lZwdbc1syqci347eP
kaiX7Da5lfbVOXb/P4p5WqUDbOz107lnoSMU4Mk063NH1+8zZwPdi71QY/Zvi5j1
Ahd2moBoCQXENSjgeEg+uWy/t/dq3JHXyL6AQQAYiEYJ4L8Z4vW5W8ucmb7xZ5wy
JDMgqeNvFvphIUQvUj5AHDjy22kPkDSrVmoO/zgMGxpzM33j0ymEzSQWHFGNyaoQ
UpMcQVeWLX6GbNE9FHULfzfWPzBIBsEC3yxgXbmKduLUvyKp2CoNSK9Dj2mig/Ob
gc9RDd19t48YrVoyXM8huSK6/aqcCoxixnMLAcIgtq8gKAe78J1zbyMWNSVwNqvP
GBXqpbd7j/Uxd9XftN2rmyS+ZMimd5Z5BO0UUJYZnfKcGsczOL7lJtTnC2n5e7kb
+NNpxHth0caJq7gisl2yZSGpghicccDzOPff8yTFwEl+/qOl56uXfQQWeTYrBDfF
PZFTow9JD0Lv71pJN8rx3obsGkatJUqYFoPAtbgDZxshjgruLghWpj9QhkR2S9Ia
hE7nnCqLQdyRwA==
----------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself,
DONT use any third party software for restoring your data or antivirus solutions -
its may entail damge of the private key and, as result, The Loss all your data!
