General

  • Target

    147b098aabc3a9744c64dc48ea8ddff09a524112b5c4ec87815b2b964ca8c78b

  • Size

    150KB

  • Sample

    220130-jwteqahgf5

  • MD5

    a37c84998bba38feb018560d11c04d25

  • SHA1

    49f78543385096b7833f8fb6322ad7f07586f47c

  • SHA256

    147b098aabc3a9744c64dc48ea8ddff09a524112b5c4ec87815b2b964ca8c78b

  • SHA512

    951d8260201b06a04b5cf069010a8887859c9533267fd2044ad1ac6e46de524b6ba6ad10bedddf2e45e3520c93836ed98a942f8c336281dc687391187dc5da7d

Malware Config

Extracted

Family

sodinokibi

Botnet

$2a$12$Sazc0mU3r4oQCoFwKOYqW.YElCPyihGnPmPHUjve/pCt9/5jz9/pq

Campaign

8069

C2

ungsvenskarna.se

simulatebrain.com

meusharklinithome.wordpress.com

mediaacademy-iraq.org

noskierrenteria.com

izzi360.com

ravensnesthomegoods.com

adoptioperheet.fi

conexa4papers.trade

jerling.de

greenpark.ch

irishmachineryauctions.com

easytrans.com.au

lillegrandpalais.com

cuppacap.com

roygolden.com

vihannesporssi.fi

ausbeverage.com.au

kadesignandbuild.co.uk

bowengroup.com.au

Attributes

  • net

    true

  • pid

    $2a$12$Sazc0mU3r4oQCoFwKOYqW.YElCPyihGnPmPHUjve/pCt9/5jz9/pq

  • prc

    isqlplussvc

    mspub

    dbeng50

    ocomm

    tbirdconfig

    outlook

    sql

    thunderbird

    infopath

    agntsvc

    ocssd

    excel

    synctime

    onenote

    mydesktopqos

    firefox

    wordpad

    mydesktopservice

    encsvc

    msaccess

    xfssvccon

    ocautoupds

    steam

    powerpnt

    thebat

    dbsnmp

    sqbcoreservice

    winword

    visio

    oracle

  • ransom_oneliner

    All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions

  • ransom_template

    ---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT} Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/{UID} Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: {KEY} ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

  • sub

    8069

  • svc

    memtas

    veeam

    mepocs

    vss

    sql

    sophos

    svc$

    backup

Extracted

Path

C:\6miuub-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension 6miuub Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/1846C9C717BFF3C4 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/1846C9C717BFF3C4 Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: YPdm+ouKL5CpOP/GHnfhnVKiUSC2MoRcbKQwNEzDP7JR/S/6qQ4clySgsMWNlk0D IA0LLARcN7ueHdCoD/t9TLArr7erHAudGtQI0P9+ofMs5UcOJhhL3po5mUAfSQrR 5fmqPPrGP0eyYZirZcQGv4vYPEygWLB7dUj4e487pY56Pe62FbGSL+39JZb6WW7y 20Bti09chZdRA1e0ZPy09pqiK7WkBLDexT7CCQfTgZqN/7YF8rmcGgFJwB5QioSe DtRTWeBm2hVL63icoA3G+oHMTIha8dRtZkejUFjdGzI0zfw/xzMprWouy4j8gz3D 4lws+W2WfjoRZcGeX3CGvBO7C32ipyFlNPI9LMieqlfNc4L1Bg47CvaQqitxL3ak D/MJcnZ41ES8CMSaKxM+jwQp7vS8mpZx4wCja5Vht1u1wq/WKbjJP+ergyWKyHIq kAQzWR+WeDZNC6RDEPgp3DuytkD6LmC27zTrWj914D8O5Du0kx05BY+Abq9tUrXR 7p3N+BQrT7/edS1vLus/Cy/GH3BM1Qd18hQw8A8I8Q0gMVk0gjnOxkQiqVxdULYO gVqadsbssoZh0z6X/HrgPqIGmXtXCxmo3Q9GU08jiv3VTieEovKkzb9j5RgqiBLB g4gEduEU3YXJKzlhMpvERqiTUKgAN3tKTHlzGrICuyH71TOljc/pFa4a1i6lFkSN GugpOFdadu82rJbos5IuPey4hqREQsxsIfSR6uq2K8Aywx98GTsVPWZ5RBA+DJiq InkMv6yY4hYyfpMtxIbjZfOM3Cy3pfaFzqc0PXq8rJFFc+s0G0mvIf7AjjYeA95L OJQmlTz5VoZ3GmTMIieOQgMj+kDeB3QII3060sUN/p3KpBOUuQef54z3VfsMgnbO jzTPGOaiPvXC+NHWlrCdRcCLDP9gIF2P2PlpuP8FuuQwOMG2xCOmy2NnoNJBudek Yj3KYPfOFBbPs7fJOxqLjvZoydwG0T1O9jUcu+jUAS2b6fOJb+Znx9UyIXn7GSkt uWSHAr0/JnkfVodhFtYQbup+v7IJGXtmpgxJ9mJQKNhNmZIH6GOIiAMxKmdgmMFH 8u2xcYJjwc4aPWrRmfCbdMiK6QqBc7M5eH75+zssg+bdtOcgENg4/3G9eNxOZK1R 
0BF7YcaPAf2Qc5OQ5v9pfLJijS2HISPjgdSBgbGnk0zR7O9jl9D+hbmrjs39TvOX m4bXAR0W4nSNRD4y3TdezgNUpoZdJ4ENEd5aUOb+42Jj+63muP3BdSl2e7MpsQVS EuGUTym4Wr0QtygCjIQ= ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/1846C9C717BFF3C4

http://decoder.re/1846C9C717BFF3C4

Extracted

Path

C:\c7h8j641-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension c7h8j641 Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/6A76167B95A8FA3F 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/6A76167B95A8FA3F Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: L3fJFmpom6yINaXdTlj0jr1CP06DbQfsEyyS4KvrPMSmTJ/JKlKhzXREBMRjb1T4 qv36UY7Mj/g+FGt4jOplnQWxmR51VF4DWwp0Xc3qWJ58jyeZLHecQ/KZvU3D7J2U 4rvwXUBAG/cyN1zbfMIawAxewWRj6GO0xserMiSRIsFikYu1uooFjXHRlv0G6WxJ fCaztlKHQvJOnegVM5hCXglfJzahPEnV+MsSl+5qLit/pVNt/8jOO3yopXe9zcuG G24J1inJQcWMBIoSuh3VM2X2LdHTNGuBj7LEJfL1G+ZBYZK6QbUQilhZmQM5+aqa 8pMD1z420aWXEQAUCKFmSzD0Fo+AV2GxmHtpjsXQlSMXUFnZ5FWM6VjOFaFfk9Fh MRUgGKSTzmPKLgndY/1z1vEqXV+4PftA3uE0tMAG3T3WGOnBj+P4eOjBvorjwtYz 7VWqCaqTPAUuWP17uzYgJ29YwXm6yD1H+FaozQiBIDd3h30mJj3YPc7VY4z3kWPI WOOAUHLikM+l9yqgD3fz2xtgvkmLGJltYGK2xPmEojN7fNHVqTOz0MbwFZagpMzR Mc6D0BDHXVSPHbTUtpKlSoHmw5YFgORTTiMu7cGFBQW64Ns849WuDs9HfbOf6MMZ r18sWePUAvfEFpAeNA2xBsiqJlAcIQsJIIP0hvH3Ii9ZK/Xp6mD9/XtA/uIxAOoF rDooXp5eycKnVRboinA4mZ7xRMfvbqQ71EUPp7TTjR15LP5r0ibnKA4zjczvAcGK w1T/kUAvkj+CiZRmHobVpRYbB4RtwqFBtcrIS5qGmb8L3fmMoKgPe+7eDOFBOGhw ZzhwR58N40VnwMWJoreDJ0CnFXtPOM3KpZx5lUnW118AusbwDBeNE7mYwS5WBLwz 1z+GhaYh4rtp0sjm/p/HaCgOzGg6r2DUfkwbuhOnrug4g9ar5LDBjLBdKe16XrlV rD9/6QGlV4IQsN6kW08En/jLlt6zDoNfnTcad7hrj5IEhsrNxWjArESv8gyDQQ1n k3OjE95KZMWPdgMuj1Yc1i4WwxT3fYcoow4/spm4v8XBaIFb8u5C3tKbdv2AUWGt M8+YJyj9bslnmfn9IaFfjlFGy0Qwpe2s3Z+AI9uNwuGhsUMnGVHLhEoqKWdcrQo0 
91E8tvK4LYIfEu3uxW67TOeSPqqBVw5wU4cQi1FGm7V27JSkpH+fC36IjeWg3XHp b7gIi75RwBmY6mLLsJuKhivY2kAicgSfDy0tyUn32qxvkGRekhJI8uY1QOKeOkhC TF/0SjvIU9tjZg== ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/6A76167B95A8FA3F

http://decoder.re/6A76167B95A8FA3F

Targets

    • Target

      147b098aabc3a9744c64dc48ea8ddff09a524112b5c4ec87815b2b964ca8c78b

    • Size

      150KB

    • MD5

      a37c84998bba38feb018560d11c04d25

    • SHA1

      49f78543385096b7833f8fb6322ad7f07586f47c

    • SHA256

      147b098aabc3a9744c64dc48ea8ddff09a524112b5c4ec87815b2b964ca8c78b

    • SHA512

      951d8260201b06a04b5cf069010a8887859c9533267fd2044ad1ac6e46de524b6ba6ad10bedddf2e45e3520c93836ed98a942f8c336281dc687391187dc5da7d

    • Modifies Windows Firewall

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v6

Tasks