<html> <style type="text/css"> body { background-color: #f5f5f5; } h1, h3{ text-align: center; text-transform: uppercase; font-weight: normal; } /*---*/ .tabs1{ display: block; margin: auto; } .tabs1 .head{ text-align: center; float: top; padding: 0px; text-transform: uppercase; font-weight: normal; display: block; background: #81bef7; color: #DF0101; font-size: 30px; } .tabs1 .identi { font-size: 10px; text-align: center; float: top; padding: 15px; display: block; background: #81bef7; color: #DFDFDF; } .tabs .content { background: #f5f5f5; /*text-align: center;*/ color: #000000; padding: 25px 15px; font-size: 15px; font-weight: 400; line-height: 20px; } .tabs .content a { color: #df0130; font-size: 23px; font-style: italic; text-decoration: none; line-height: 35px; } .tabs .content .text{ padding: 25px; line-height: 1.2; } </style> <body> <div class="tabs1"> <div class="head" ><b>Your personal ID:</b></div> <div class="identi"> <span style="width:1000px; color: #ffffff; font-size: 10px;">6A435D92C2D385B47FE0504265AFA6731EB54D3C157D59D2694401B2E7DAE5ED34B476BE47C648585E7297ED917D23D5FA31EBBD2EF07914E69899AE22EFDCE5<br>9AF2AAB0CE6D2DD959821DF520BE84265D5A19950F12C1A1B900E1DE5698BDFB79442077960868EAF594F0FCDF2BC79325CA8C4EAD1218A3D687C9DEBA48<br>5882903A03AEA68710CD5AE5067571BB3174C50AB8F890B97AAB4A49A063D3B3190D866D38E6106EB6A3FECA3BA588D0EF3031AC4D51A9EDE4CA4DC99B89<br>5C982BD275F44DD4BF507E9D68F2E61743F41683F0CD920223BF07BF201B9D1C838630C7CCF7CABF439DDB49CD414284D85CF3B2FA3C0EBA0904BDE550AC<br>AE5875A38E1D6E6D40836B37BB41E03576C041E89E46EC4E6B8A6DAB7B4953C94C82763D27B93DC3C8857E03E0F8E5ECC5C8AEE769301585E53E0530B5DA<br>E1AD3766D787E597A0B92A0D12FF72066BB1A8317D9680CB11D4CB2BC52AB94D90341FB6597D06E46389CF4EB2767043AA89C184A893573396564ACBAF35<br>38073496CD7FA73770E4700F19D7D1E330754724EB2B3D3E182DB63AF7274105B8F7F352940C61DBE7CBDD1BE0019BD70A19635F46DA8F5A2A3A25E27F08<br>2A83774EBF0B1305284FE2C3D1250EE8F505A1C41F03A1660E4D407FB187E87F6AF517CE954F30B744ECD71C092250BB652A0C2C5C91742D84FA6ABFA154<br>BFDCD374AEE20E15ABE41E24C92F</span> <br> <!-- !!! dont changing this !!! --> </div> </div> <!-- --> <div class="tabs"> <!--tab--> <div class="tab"> <div id="tab-content1" class="content"> <div class="text"> <!--text data --> <b>/!\ YOUR COMPANY NETWORK HAS BEEN PENETRATED /!\</b><br> <b>All your important files have been encrypted!</b><br><br> <hr> Your files are safe! Only modified. (RSA+AES)<br><br> ANY ATTEMPT TO RESTORE YOUR FILES WITH THIRD-PARTY SOFTWARE<br> WILL PERMANENTLY CORRUPT IT.<br> DO NOT MODIFY ENCRYPTED FILES.<br> DO NOT RENAME ENCRYPTED FILES.<br><br> No software available on internet can help you. We are the only ones able to<br> solve your problem.<br><br> We gathered highly confidential/personal data. These data are currently stored on<br> a private server. This server will be immediately destroyed after your payment.<br> If you decide to not pay, we will release your data to public or re-seller.<br> So you can expect your data to be publicly available in the near future..<br><br> We only seek money and our goal is not to damage your reputation or prevent<br> your business from running.<br><br> You will can send us 2-3 non-important files and we will decrypt it for free<br> to prove we are able to give your files back.<br><br> <!--text data --> <hr> <b>Contact us for price and get decryption software.</b><br><br> <a>qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion</a><br> * Note that this server is available via Tor browser only<br><br> Follow the instructions to open the link:<br> 1. Type the addres "https://www.torproject.org" in your Internet browser. It opens the Tor site.<br> 2. Press "Download Tor", then press "Download Tor Browser Bundle", install and run it.<br> 3. Now you have Tor browser. In the Tor Browser open <a>qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion<br> </a> 4. Start a chat and follow the further instructions. <br> <hr> <b>If you can not use the above link, use the email:</b><br> <a href="[email protected] ">[email protected] </a> <br> <a href="[email protected] ">[email protected] </a> <br> <p>* To contact us, create a new free email account on the site: <a href="https://protonmail.com">protonmail.com <br> <b> IF YOU DON'T CONTACT US WITHIN 72 HOURS, PRICE WILL BE HIGHER.</b><br> </div> </div> </div> <!--tab--> <!--text data --> </div> </div> <!--tab--> </div> </div> </body> </html>

Your data is downloaded and encrypted. To restore the files and prevent it leaked on onion website, you need to pay some money for it. Send email to [email protected] with subject of the encrypted file extension. What guarantees that we will not deceive you? We are not a politically motivated group and we do not need anything other than your money. If you pay, we will provide you the programs for decryption and we will delete your data. Life is too short to be sad. Be not sad, money, it is only paper. If we do not give you decrypters, or we do not delete your data after payment, then nobody will pay us in the future. Therefore to us our reputation is very important. We attack the companies worldwide and there is no dissatisfied victim after payment. Warning! Do not DELETE or MODIFY any files, it can lead to recovery problems! Warning! If you do not pay the ransom we will attack your company repeatedly again. We will delete the decryptor after 48 hours if you don't send email to us.