---=== Sodinokibi Ransomware ===---
All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
I suggest you read about us on the Internet, we are known as "Sodinokibi Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
Pay attention to that:
"How Much Data Is Decrypted with a Ransomware Decryptor?
In Q2 2019, victims who paid for a decryptor recovered 92% of their encrypted data. This statistic varied dramatically depending on the ransomware type.
For example, Ryuk ransomware has a relatively low data recovery rate, at ~ 87%, while Sodinokibi was close to 100%. "
Now you have a guarantee that your files will be returned 100 %.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available. If you have problem with connect, use strictly TOR version 8.5.5
link for download TOR version 8.5.5 here: https://filehippo.com/download_tor_browser_for_windows/
When you open our website, put the following data in the input form:
Key:
{KEY}
Extension name:
{EXT}
-----------------------------------------------------------------------------------------
postscript: In case you want to independently decrypt your servers, we will be forced to put the databases of your companies in the public domain. MDF files:
DB_UTILITY
LeasePlus
LPSecurity
LTShared
PaperVision
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
5392
svc
vss
memtas
sql
svc$
veeam
backup
mepocs
sophos
Extracted
Path
C:\r8k6m-readme.txt
Family
ryuk
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension r8k6m.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
I suggest you read about us on the Internet, we are known as "Sodinokibi Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
Pay attention to that:
"How Much Data Is Decrypted with a Ransomware Decryptor?
In Q2 2019, victims who paid for a decryptor recovered 92% of their encrypted data. This statistic varied dramatically depending on the ransomware type.
For example, Ryuk ransomware has a relatively low data recovery rate, at ~ 87%, while Sodinokibi was close to 100%. "
Now you have a guarantee that your files will be returned 100 %.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/4163C59781237900
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/4163C59781237900
Warning: secondary website can be blocked, thats why first variant much better and more available. If you have problem with connect, use strictly TOR version 8.5.5
link for download TOR version 8.5.5 here: https://filehippo.com/download_tor_browser_for_windows/
When you open our website, put the following data in the input form:
Key:
HMxIquh5aUsaDtRZ52iQ+B3kSr3RNlKpxShjWGby1iApBtCACgH9t0scGnKmNzs4
orqDuPtsCP06cHan/xqXkzYNDEjvGgM3FC2PBHs5OcBHkO/jCXbRzkdtrY/toQze
P3pJjj2d6CrYDdsSXpFQqCOg1tE/NEoAUgScTwqIOtymqIopCySz/bAukasfwaoC
HLbCvRyNT3tDucPlxfLy2D/Dt3RdvZJW1oKrpv/ULJtZFpadZkIaDu/O2UhMiH6K
pIgVFydyMMJ/qTDX8KdQluoF2hVkb15jaejuAZXkf4GQr4ZmgzyPWC1Ml4EUpSr5
XW3+GPJT8RyDBQESurk9zPC9aQVgxRs9BcPW3PLuAlBaQys6NjWdbEvQBmvh6hVu
aTljCeD9zNxC2bKmH1UIPPvtS7KScjNGqRP7OGYMGLZPSrycVro59WfdDFrFFQoW
VLJefMnZhV3oGmdgAeg/Z7ULMEjUnOPcJup/hTYVKNl5mOmL//ZB10LEWhmIVEeR
zsxc8D8XribTMYH5xWWQpAPoSeO7NtVpD86C8W1noE6DvK7OChYmEsbthuOt9+/U
IeJ8GxiEAGqvdGZ4+Ug1VszxLfTBjwo0H5MbNwwngrTyxcyfp0UGHeF2cwgmW0Ua
0REA8U/bp/DNDpw/ipj/8INQ6KmRc6NipPK6DRIDGWKkRd8ugtfiYu+RgGy6wGB9
SAUnIwfEZMIgVX5HJWM3svSGRLLhRX5bGMdTfiy45A/PBV7M2pq/lC9FS9zpXZ+z
GGAuhFcIk6lovAe4/fjb3YhTBCFf9VzCgghVEFjikSvpUbsgV7H38M928Y93spvP
M2TRRFPWToy7w5w6ep+m63VsxSHD1gGVqM3o42nDPHWz0GnMyMLjdxRLBUBZU36v
16zkeQLkwj4naOi6fISfv9uRktSKKJAYoozAi2B6tuMEutHtjAmRhLlkVSuQ3Kls
TQGZh+Zdosrhjvl9t26sC1AVGgKKkhKVZHhYZGJ3Z6HMX0nTD0j4jMAfnDgSrmkN
CbZGzPlYBaVLpHAP1jmN14gDh4LOFRET7pdu4SpqOtvdwoP5LDm9ubuskEBpfnLa
eFV/8emVY+D6X9gPpLD3uIsIh3tgfyjestjh0y5qt8kHhfdoiFIhZ4oy3xW2QUbK
2iA9w18HmlagsC+ZrlQ2kND894sgFeg8xrIMnJVfkC/ZnFmuXHFqn2JLFBBe+Z5F
CGcvdygD/a1NINpe7uWn4ia7e1lUoErU7G8HRMSNCgLlv3PBEalnTA8YDeKg3T9r
3V5qV6KfNp3KxZTEi7Ga3ndjn8fJ0g==
Extension name:
r8k6m
-----------------------------------------------------------------------------------------
postscript: In case you want to independently decrypt your servers, we will be forced to put the databases of your companies in the public domain. MDF files:
DB_UTILITY
LeasePlus
LPSecurity
LTShared
PaperVision
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension ujy2fnt68t.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
I suggest you read about us on the Internet, we are known as "Sodinokibi Ransomware". For example, this article:
https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread
Pay attention to that:
"How Much Data Is Decrypted with a Ransomware Decryptor?
In Q2 2019, victims who paid for a decryptor recovered 92% of their encrypted data. This statistic varied dramatically depending on the ransomware type.
For example, Ryuk ransomware has a relatively low data recovery rate, at ~ 87%, while Sodinokibi was close to 100%. "
Now you have a guarantee that your files will be returned 100 %.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/961BDA7384510BB3
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/961BDA7384510BB3
Warning: secondary website can be blocked, thats why first variant much better and more available. If you have problem with connect, use strictly TOR version 8.5.5
link for download TOR version 8.5.5 here: https://filehippo.com/download_tor_browser_for_windows/
When you open our website, put the following data in the input form:
Key:
zWxYAAwjiHw0YUrxvzFduFRtMOQuEj3/wxdKySLWvyuLVnAgybCp8qKxQy3Ibsbv
yBI0SeOeAUGxq2ilr26FLKJ+kYA6/p2G/uCg0yblay0tpKL+2IKy4WuddfLpAEEM
g8rPhVrupeUKuQTE6ppnte5rJJ5XXdZko+ZkU0SORI3WQWiBJ6A/XHQg9t4NmGYH
2ETpvvuqvIJ4mzmBzmnmcFEnOb8arRYQsfXSWN9DvloQikMn3q+h/LCmTOM+4c5l
/y1c8QEYY3EsmNo3b22CuXweWm226bip9cZrUwCSM7Aj02i3iUBKBvbrEoLwW3sB
QBCdCy3ph5Xqy1mksMJZ/EGUjumPjapIWh4Wd3gO2dgWY2HRi/UbRTb6ct17sYfQ
PuRyl03YRYgKS/3TgenyPGpa5J5QtSvlwyD1+rQQTcQGct8HpSdF3x/WJoclxy1o
gHGSdukSiQQAQMfN2BYjGHrtv2VpSlIqU4mnqfDAwVO100/HMX1J+Vyo6tDaSwYx
9u6Rk4MDg3xQGY0T2G1DpwcCM2wKF0F3M5s/K+Fu9HXf77tIgCAJYZs99fPksBBu
iLjLPPCHHyVqMH0TQYM+XoleIs8XQKGQfWgIcegbfr502/dSTeqzwJdAJ5d8bp7e
piDCuH6B4O9+iriPODUBkFDTR0IbcNUocEcmcSz/au8V4AEFDjf7nzqb3UlaeyrR
c5jrFBrucIABHYvFjS99rYw6+wlfzpNQGWHg7FX+YkwTg/a0RoDRBaiDP6C7Gp4Y
qx6JgAQOESlMHJHSLPevrUlBv35QJlpDCnBryYuc25yWiyO177/WmOHM/sS1FE7F
n5IS3o5Cww/WHTrLliWFzvshTo4hz9dVsSy+N4xxBLAnsEnLU68W3xIosvHxmq2V
Pqusj+tcTl1fCUtNZxcffbv83TE/CUatIZD2DUrDtHfB8bhWNtifaMYpCVZ0oF1p
PuuCeXCo3tO58k5JMNCWi3iRq+jNWoRWKZgKRJW5WCXxK3hBCwfYp4r8HsW+703W
DaOXrUY0o8XCjXWNH6mYAr/uYlntE93Bfur6TOr7Ye8wfnNkxScJL5vFvIGhMy58
Yn/XSMwgTsazkoCkET9jNKdKul0ZDqD7pNe7lseYaCC8LuNEOBvR1fpXO8A9XRFy
UobGG0ufir87kol9tHp39N5Ip/ZJc3cg8ifFpwAro0svHbBg9AWfyg90rD94lP8v
rS/6G7Y8usAEXeookScDQlXhj+/I7eVkP++QOzuOw3uTV8H2gXsGEfKSdBxDquHP
A8KZLcpA1AadH8N9bjiIeYmB2yAy6/bU
Extension name:
ujy2fnt68t
-----------------------------------------------------------------------------------------
postscript: In case you want to independently decrypt your servers, we will be forced to put the databases of your companies in the public domain. MDF files:
DB_UTILITY
LeasePlus
LPSecurity
LTShared
PaperVision
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
