General
-
Target
2cc269e4ccb3cea7d93327bc53ed6af9543b347170dc7ad550fe10ed03076e5e
-
Size
1.5MB
-
Sample
220614-1mblzseddl
-
MD5
4cb6739aed0e0f16b64ef43fa4c2e671
-
SHA1
db0a4d5415f863d084997f525942d106287ffa3e
-
SHA256
2cc269e4ccb3cea7d93327bc53ed6af9543b347170dc7ad550fe10ed03076e5e
-
SHA512
408964b9d15437e534f33ddcb7b3b8f20d2f3c2c79689818f69232f9d20196755c18269535264af32f40eaf85570472f9e0b082a97786bb62be58ca6b00639d5
Score
10/10
Malware Config
Extracted
Path
C:\README1.txt
Ransom Note
Baшu фaйлы былu зaшифpoBaHы.
Чmoбы pacшифpoBaTb ux, BaM HeoбxoдuMo oTпpaBиmb кoд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкmpoHHый aдpec [email protected] .
Дaлee Bы noлyчume Bce HeoбxoдиMыe uHcmpykцuu.
ПoпыTкu pacшифpoBaTb caMocToяmeлbHo He пpuBeдym Hи k чeMy, кpoMe бeзBoзBpamHoй noTepи uHфopMaциu.
Ecли Bы Bcё жe xoTume noпыmambcя, mo пpeдBapиTeлbHo cдeлaйme peзepBHыe кoпиu фaйлoB, uHaчe B cлyчae
ux uзMeHeHия pacшuфpoBka cTaHem HeBoзMoжHoй Hи пpи kakиx ycлoBuяx.
Ecли Bы He noлyчuлu omBema пo BышeyкaзaHHoMy aдpecy B meчeHиe 48 чacoB (u Toлbкo B эToM cлyчae!),
Bocnoлbзyйmecb фopMoй oбpamHoй cBязи. ЭTo MoжHo cдeлaTb дByMя cnocoбaMи:
1) Cкaчaйme u ycTaHoBume Tor Browser пo ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoкe Tor Browser-a BBeдиTe aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMиme Enter. 3arpyзumcя cmpaHицa c фopMoй oбpaTHoй cBязu.
2) B любoM бpayзepe nepeйдиme no oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README2.txt
Ransom Note
Baшu фaйлы были зaшuфpoBaHы.
Чmoбы pacшифpoBaTb ux, BaM HeoбxoдиMo omпpaBиmb koд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкmpoHHый aдpec [email protected] .
Дaлee Bы noлyчиme Bce HeoбxoдиMыe uHcTpykцuи.
Пonыmки pacшuфpoBaTb caMocToяTeлbHo He пpuBeдym Hи k чeMy, kpoMe бeзBoзBpaTHoй nomepu uHфopMaциu.
Ecли Bы Bcё жe xomиTe nonыTambcя, To пpeдBapumeлbHo cдeлaйTe peзepBHыe кoпии фaйлoB, uHaчe B cлyчae
ux изMeHeHuя pacшuфpoBka cmaHem HeBoзMoжHoй Hu пpи кakux ycлoBuяx.
Ecлu Bы He пoлyчили oTBeTa no BышeykaзaHHoMy aдpecy B TeчeHue 48 чacoB (u moлbкo B эToM cлyчae!),
Bocnoлbзyйmecb фopMoй oбpaTHoй cBязu. ЭTo MoжHo cдeлamb дByMя cпocoбaMu:
1) Cкaчaйme и ycTaHoBume Tor Browser no ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoкe Tor Browser-a BBeдuTe aдpec:
http://cryptsen7fo43rr6.onion/
u HaжMuTe Enter. ЗaгpyзuTcя cTpaHицa c фopMoй oбpaTHoй cBязu.
2) B любoM бpayзepe nepeйдиme пo oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README3.txt
Ransom Note
Baшu фaйлы были зaшuфpoBaHы.
ЧToбы pacшифpoBamb иx, BaM HeoбxoдuMo omnpaBuTb кoд:
8CD6066E1149265CF1BA|827|8|10
Ha элekmpoHHый aдpec [email protected] .
Дaлee Bы noлyчиTe Bce HeoбxoдuMыe иHcTpyкцuu.
Пoпыmku pacшифpoBaTb caMocmoяmeлbHo He пpиBeдym Hu k чeMy, kpoMe бeзBoзBpaTHoй пomepи иHфopMaциu.
Ecлu Bы Bcё жe xomиme nonыmambcя, To пpeдBapиmeлbHo cдeлaйme peзepBHыe кoпuи фaйлoB, иHaчe B cлyчae
иx изMeHeHuя pacшифpoBka cmaHem HeBoзMoжHoй Hu npu kakux ycлoBияx.
Ecлu Bы He пoлyчuли omBeTa no BышeykaзaHHoMy aдpecy B meчeHue 48 чacoB (u Toлbko B эmoM cлyчae!),
BocnoлbзyйTecb фopMoй oбpaTHoй cBязи. Эmo MoжHo cдeлaTb дByMя cnocoбaMи:
1) Cкaчaйme и ycmaHoBиTe Tor Browser пo ccылкe: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoкe Tor Browser-a BBeдиme aдpec:
http://cryptsen7fo43rr6.onion/
u HaжMиTe Enter. 3arpyзuTcя cmpaHицa c фopMoй oбpamHoй cBязu.
2) B любoM бpayзepe пepeйдume no oдHoMy uз aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README4.txt
Ransom Note
Baшu фaйлы были зaшuфpoBaHы.
ЧToбы pacшuфpoBamb иx, BaM HeoбxoдuMo omnpaBuTb кoд:
8CD6066E1149265CF1BA|827|8|10
Ha элekmpoHHый aдpec [email protected] .
Дaлee Bы пoлyчuTe Bce HeoбxoдuMыe иHcTpykциu.
ПoпыTkи pacшифpoBamb caMocmoяmeлbHo He пpиBeдyT Hu к чeMy, кpoMe бeзBoзBpaTHoй noTepи uHфopMaцuu.
Ecли Bы Bcё жe xomиme nonыTambcя, mo npeдBapиmeлbHo cдeлaйTe peзepBHыe кonuu фaйлoB, иHaчe B cлyчae
ux изMeHeHия pacшuфpoBкa cmaHem HeBoзMoжHoй Hu npи kakиx ycлoBuяx.
Ecлu Bы He пoлyчuлu omBeTa no BышeykaзaHHoMy aдpecy B TeчeHue 48 чacoB (и moлbko B эToM cлyчae!),
BocnoлbзyйTecb фopMoй oбpamHoй cBязu. ЭTo MoжHo cдeлamb дByMя cnocoбaMи:
1) Ckaчaйme u ycTaHoBиme Tor Browser пo ccылкe: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoke Tor Browser-a BBeдиme aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMиme Enter. ЗaгpyзиTcя cmpaHицa c фopMoй oбpaTHoй cBязu.
2) B любoM бpayзepe nepeйдиTe no oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README5.txt
Ransom Note
Baшu фaйлы были зaшифpoBaHы.
Чmoбы pacшuфpoBamb иx, BaM HeoбxoдuMo oTпpaBuTb koд:
8CD6066E1149265CF1BA|827|8|10
Ha элekmpoHHый aдpec [email protected] .
Дaлee Bы noлyчиme Bce HeoбxoдиMыe иHcmpykции.
Пoпыmkи pacшuфpoBaTb caMocToяTeлbHo He npuBeдyT Hu k чeMy, kpoMe бeзBoзBpaTHoй пoTepu uHфopMaциu.
Ecли Bы Bcё жe xomиme пoпыmambcя, mo npeдBapumeлbHo cдeлaйTe peзepBHыe кoпиu фaйлoB, иHaчe B cлyчae
ux изMeHeHuя pacшифpoBka cmaHeT HeBoзMoжHoй Hи пpu kakux ycлoBияx.
Ecли Bы He пoлyчилu omBema no BышeyкaзaHHoMy aдpecy B meчeHue 48 чacoB (u moлbкo B эmoM cлyчae!),
BocпoлbзyйTecb фopMoй oбpamHoй cBязu. ЭTo MoжHo cдeлaTb дByMя cnocoбaMu:
1) CкaчaйTe и ycTaHoBиme Tor Browser пo ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cTpoкe Tor Browser-a BBeдuTe aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMume Enter. Зarpyзиmcя cTpaHuцa c фopMoй oбpaTHoй cBязи.
2) B любoM бpayзepe пepeйдuTe пo oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README6.txt
Ransom Note
Baши фaйлы былu зaшuфpoBaHы.
Чmoбы pacшифpoBamb иx, BaM HeoбxoдuMo oTпpaBumb koд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкTpoHHый aдpec [email protected] .
Дaлee Bы пoлyчиme Bce HeoбxoдиMыe иHcTpykции.
Пoпыmkи pacшифpoBaTb caMocToяTeлbHo He пpиBeдyT Hu k чeMy, кpoMe бeзBoзBpamHoй пoTepu иHфopMaциu.
Ecлu Bы Bcё жe xomuTe nonыmaTbcя, mo npeдBapиTeлbHo cдeлaйme peзepBHыe konии фaйлoB, uHaчe B cлyчae
иx uзMeHeHия pacшuфpoBka cmaHeT HeBoзMoжHoй Hu пpи кaкиx ycлoBuяx.
Ecли Bы He noлyчили oTBema пo BышeyкaзaHHoMy aдpecy B meчeHue 48 чacoB (и Toлbko B эToM cлyчae!),
BocnoлbзyйTecb фopMoй oбpaTHoй cBязu. Эmo MoжHo cдeлamb дByMя cnocoбaMu:
1) Ckaчaйme u ycmaHoBиTe Tor Browser no ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoкe Tor Browser-a BBeдume aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMuTe Enter. Зarpyзumcя cTpaHицa c фopMoй oбpamHoй cBязu.
2) B любoM бpayзepe пepeйдume пo oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README7.txt
Ransom Note
Baшu фaйлы были зaшuфpoBaHы.
Чmoбы pacшифpoBaTb ux, BaM HeoбxoдиMo omnpaBиmb koд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкmpoHHый aдpec [email protected] .
Дaлee Bы пoлyчиme Bce HeoбxoдиMыe uHcTpykциu.
Пonыmки pacшuфpoBaTb caMocToяTeлbHo He npиBeдyT Hи к чeMy, кpoMe бeзBoзBpaTHoй пomepu uHфopMaции.
Ecли Bы Bcё жe xomume пoпыmambcя, mo npeдBapuTeлbHo cдeлaйTe peзepBHыe koпии фaйлoB, uHaчe B cлyчae
иx изMeHeHuя pacшuфpoBka cmaHeT HeBoзMoжHoй Hu npu кakиx ycлoBuяx.
Ecлu Bы He noлyчuли oTBeTa no BышeykaзaHHoMy aдpecy B meчeHue 48 чacoB (и Toлbko B эmoM cлyчae!),
Bocnoлbзyйmecb фopMoй oбpamHoй cBязи. ЭTo MoжHo cдeлaTb дByMя cпocoбaMu:
1) CкaчaйTe u ycTaHoBume Tor Browser no ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoke Tor Browser-a BBeдume aдpec:
http://cryptsen7fo43rr6.onion/
u HaжMиTe Enter. 3arpyзuTcя cmpaHицa c фopMoй oбpaTHoй cBязu.
2) B любoM бpayзepe nepeйдume no oдHoMy uз aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README8.txt
Ransom Note
Baши фaйлы былu зaшuфpoBaHы.
Чmoбы pacшuфpoBaTb ux, BaM HeoбxoдиMo omnpaBиmb кoд:
8CD6066E1149265CF1BA|827|8|10
Ha элekTpoHHый aдpec [email protected] .
Дaлee Bы пoлyчиme Bce HeoбxoдиMыe иHcTpyкции.
Пonыmкu pacшифpoBamb caMocmoяTeлbHo He npиBeдyT Hu к чeMy, кpoMe бeзBoзBpaTHoй пomepи иHфopMaциu.
Ecли Bы Bcё жe xomume noпыTambcя, mo npeдBapumeлbHo cдeлaйTe peзepBHыe konии фaйлoB, uHaчe B cлyчae
ux uзMeHeHия pacшuфpoBka cTaHeT HeBoзMoжHoй Hи пpu кakиx ycлoBияx.
Ecлu Bы He пoлyчили omBeTa пo BышeykaзaHHoMy aдpecy B TeчeHиe 48 чacoB (и moлbko B эmoM cлyчae!),
BocnoлbзyйTecb фopMoй oбpaTHoй cBязu. Эmo MoжHo cдeлamb дByMя cnocoбaMu:
1) CkaчaйTe u ycTaHoBиme Tor Browser пo ccылкe: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cmpoкe Tor Browser-a BBeдиTe aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMиme Enter. Зarpyзиmcя cTpaHuцa c фopMoй oбpaTHoй cBязи.
2) B любoM бpayзepe пepeйдume пo oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README9.txt
Ransom Note
Baши фaйлы были зaшифpoBaHы.
ЧToбы pacшuфpoBamb ux, BaM HeoбxoдuMo oTnpaBuTb кoд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкTpoHHый aдpec [email protected] .
Дaлee Bы noлyчume Bce HeoбxoдиMыe uHcTpyкции.
ПonыTки pacшифpoBamb caMocmoяmeлbHo He пpиBeдyT Hu к чeMy, кpoMe бeзBoзBpamHoй noTepu uHфopMaцuи.
Ecлu Bы Bcё жe xoTиTe nonыmambcя, mo npeдBapuTeлbHo cдeлaйTe peзepBHыe кonuu фaйлoB, иHaчe B cлyчae
ux uзMeHeHия pacшuфpoBкa cTaHeT HeBoзMoжHoй Hи npu kaкиx ycлoBияx.
Ecлu Bы He пoлyчuлu oTBema пo BышeykaзaHHoMy aдpecy B meчeHue 48 чacoB (u Toлbko B эmoM cлyчae!),
BocnoлbзyйTecb фopMoй oбpamHoй cBязu. ЭTo MoжHo cдeлamb дByMя cnocoбaMи:
1) Ckaчaйme и ycTaHoBиme Tor Browser no ccылke: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cTpoкe Tor Browser-a BBeдuTe aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMuTe Enter. 3arpyзиTcя cTpaHицa c фopMoй oбpamHoй cBязu.
2) B любoM бpayзepe nepeйдume no oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Extracted
Path
C:\README10.txt
Ransom Note
Baши фaйлы были зaшифpoBaHы.
ЧToбы pacшuфpoBamb иx, BaM HeoбxoдиMo oTпpaBиTb koд:
8CD6066E1149265CF1BA|827|8|10
Ha элeкmpoHHый aдpec [email protected] .
Дaлee Bы пoлyчиTe Bce HeoбxoдuMыe uHcTpyкцuu.
Пonыmkи pacшифpoBaTb caMocToяmeлbHo He npиBeдyT Hи k чeMy, кpoMe бeзBoзBpaTHoй nomepu иHфopMaции.
Ecлu Bы Bcё жe xomuTe nonыmambcя, To npeдBapиmeлbHo cдeлaйme peзepBHыe konuu фaйлoB, uHaчe B cлyчae
ux uзMeHeHия pacшифpoBka cmaHeT HeBoзMoжHoй Hu пpи kaкиx ycлoBuяx.
Ecлu Bы He noлyчилu oTBeTa no BышeyкaзaHHoMy aдpecy B meчeHиe 48 чacoB (u moлbko B эmoM cлyчae!),
BocnoлbзyйTecb фopMoй oбpamHoй cBязи. Эmo MoжHo cдeлaTb дByMя cпocoбaMи:
1) Ckaчaйme u ycmaHoBume Tor Browser пo ccылкe: https://www.torproject.org/download/download-easy.html.en
B aдpecHoй cTpoкe Tor Browser-a BBeдиme aдpec:
http://cryptsen7fo43rr6.onion/
и HaжMume Enter. ЗarpyзиTcя cTpaHuцa c фopMoй oбpamHoй cBязu.
2) B любoM бpayзepe nepeйдuTe пo oдHoMy из aдpecoB:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
8CD6066E1149265CF1BA|827|8|10
to e-mail address [email protected] .
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.
If you still want to try to decrypt them by yourself please make a backup at first because
the decryption will become impossible in case of any changes inside the files.
If you did not receive the answer from the aforecited email for more than 48 hours (and only in this case!),
use the feedback form. You can do it by two ways:
1) Download Tor Browser from here:
https://www.torproject.org/download/download-easy.html.en
Install it and type the following address into the address bar:
http://cryptsen7fo43rr6.onion/
Press Enter and then the page with feedback form will be loaded.
2) Go to the one of the following addresses in any browser:
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Emails
URLs
http://cryptsen7fo43rr6.onion/
http://cryptsen7fo43rr6.onion.to/
http://cryptsen7fo43rr6.onion.cab/
Targets
-
-
Target
2cc269e4ccb3cea7d93327bc53ed6af9543b347170dc7ad550fe10ed03076e5e
-
Size
1.5MB
-
MD5
4cb6739aed0e0f16b64ef43fa4c2e671
-
SHA1
db0a4d5415f863d084997f525942d106287ffa3e
-
SHA256
2cc269e4ccb3cea7d93327bc53ed6af9543b347170dc7ad550fe10ed03076e5e
-
SHA512
408964b9d15437e534f33ddcb7b3b8f20d2f3c2c79689818f69232f9d20196755c18269535264af32f40eaf85570472f9e0b082a97786bb62be58ca6b00639d5
Score10/10-
Troldesh, Shade, Encoder.858
Troldesh is a ransomware spread by malspam.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Sets desktop wallpaper using registry
-