General

  • Target

    NA_NA_38bb6d3370e91dexeexe_JC.exe

  • Size

    122KB

  • Sample

    230723-zjp5jahc3w

  • MD5

    38bb6d3370e91deee960c8aeb6b0a50e

  • SHA1

    ba9e23c4f6e7435e90e92ffef836386053c04ca3

  • SHA256

    8ece3ce00a84b7365b96487f215cbbea379a8df57ed7c23a2add8758858fba6e

  • SHA512

    532b5f6d68b2526250d1c307cf265b84985ce4c4bc4b00a3c6c05edb051bcc6fa06b64c987de1279746a2c5d91c951aa6c4820546cf2985a1e6d608c0a011b22

  • SSDEEP

    1536:hxOUyl20w8bVZQ40iMSO1fY+iUyQs2r8t5p1ySotICS4A6UdSJOfTo4QVvA3T2+g:hMhQNDEtb3AirfTz0vAVR/6

Malware Config

Extracted

Family

sodinokibi

Botnet

$2a$12$Zb.XchbXKQEmha8JQYdfiugzvkcFc681pc5e6Yq5miR807bEgQ9HW

Campaign

8317

Decoy

withahmed.com

simulatebrain.com

villa-marrakesch.de

higadograsoweb.com

minipara.com

oldschoolfun.net

remcakram.com

international-sound-awards.com

xn--fnsterputssollentuna-39b.se

echtveilig.nl

izzi360.com

slashdb.com

burkert-ideenreich.de

ilso.net

cwsitservices.co.uk

projetlyonturin.fr

gonzalezfornes.es

autopfand24.de

fayrecreations.com

vancouver-print.ca

Attributes

  • net

    true

  • pid

    $2a$12$Zb.XchbXKQEmha8JQYdfiugzvkcFc681pc5e6Yq5miR807bEgQ9HW

  • prc

    dbeng50

    encsvc

    mydesktopqos

    sql

    synctime

    winword

    agntsvc

    powerpnt

    dbsnmp

    infopath

    sqbcoreservice

    msaccess

    wordpad

    onenote

    mydesktopservice

    ocautoupds

    mspub

    ocomm

    tbirdconfig

    steam

    thebat

    excel

    thunderbird

    ocssd

    xfssvccon

    outlook

    visio

    firefox

    oracle

    isqlplussvc

  • ransom_oneliner

    All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions

  • ransom_template

    ---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension {EXT} Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/{UID} Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: {KEY} ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

  • sub

    8317

  • svc

    sophos

    svc$

    mepocs

    veeam

    backup

    sql

    memtas

    vss

Extracted

Path

C:\Users\54mvm1-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension 54mvm1 Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/EFB63750FC8B4188 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/EFB63750FC8B4188 Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: phVm0knx4Hv6a6vrfY2vFasov3rubSAuv/Cr8SKf0Swb89JYskV3ZKkP+HoHJvze BTAckX4epikGU7qivv5qHdTSNhw19BfwTqr4wLTdhPLTCt1BcX03CE+LR00WXF9D cRMrUJ1A/7Hzut6VYINaSkvFAf8jIwzzuA/17ojGYMWam/KmOY9cCm1EHH2ht4B3 gUDnFjjypsCdyhAAu3WSWvRev+0rVU87jLN75+rK9Bqw6WlZ4ndprvGExHG5IcC/ qGozVIeeqec3AE5/pBK9yqdIfD5+HkpPQX4L8BVoofvSXjb98YwD4JglAO0ZXKeR dSgEHo360q+TdNggI3LCDoLnA0A2ElWhSH1Ldr1sTjNegGQfkgsAjmjfobba2BfW ZEH65+EJghdlQLmVLGUzacn/5WsdVoAah8lX8vndpOaUayCiPIGYXpY9L9foTvuZ utmuBFVFHjPjWRqzfdpwM7fQLcc6kEhGec5bx8LwN1EycKsj7plH3g0dSrERShY8 HLGLZqOSuOScMik6d5Kvc98QVizbS2DNqaYMaWSvyyzxVD5By3e/9oMeS+Yxnvz9 Uejqboaf89up75CLt1lc7xr7JOc70zd791yh7eaDJMwS+EvGBVvHSbpqXzN+PIxx 50N6Qd5N8FhY4yrSKJVsBeVP4hLZgg50jYqj+ExfWE87IGGTLEzT85v1rhldU5U0 Z1opZCjnL+iFSjx+r3JC59uNEHy21Rq368JCaIqaN68hW+eOjkSu36AfAAhKf2oF k+2YCwkhUAZEv627LXiPlIvYG7b4uKAeQhD0DQtxMFp5NoGuVatEjUOx4GI0DkbX wp8DI3vzFxdzaEDfGm8D9Rh0iwAbm00EBoyk/5Fy08SfbUFoJ1PM/pgvO8MGmAmr qjSeYgvHYry/WbWtV9GoLWqB0uwwvlxuetu1TlVE5ayHTV8GWQD4bvseRqmsNXbM nZ2jhJalt8hjr39q5v8FwVjf2OhkFf5V/x/ikW+YdCLmEC9kotDdZ33m8NsrwONE AMeHeYhmrZMTAJT4O7YwytscEbuUzw2/nO6wIH0CGZcegp0eGsu9R4hU5nCoFXYL pYyCPW6lG4pv5JvUwer4nTUr40UG8bMEyk/PoW7y1l34BNALP3z7vCOjTPYFfZpr 
6lZMa9ewCwegESIuUKnWLnDavJQG2NvCWsYiEY9XSO//rEDqv0JqdNEhy0K/F8Pf pEYI2MEyHBd10MUTr4fzZ46K0a1LIpJDQ7K4VrjXSieyjSuOO2I2zINFiOQl8Jtd GOuGxnUosClY2eNZT1YJ/tbbuaumenVndUQA3tyYIYgfB9yfgJ78Y4o2dwbvB4Ol oAGzHO1d/iNcaJ8+nu7Mx6v3wDSSMw== ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/EFB63750FC8B4188

http://decoder.re/EFB63750FC8B4188

Extracted

Path

C:\Recovery\qbmos-readme.txt

Ransom Note

---=== Welcome. Again. ===--- We strongly encourage You to pay your attention to this message and read it to the end. All Your files are encrypted, and currently unavailable, now all files on your system has extension qbmos Before that, all of your most important personal and business files were backed up to our secure offline storage. We took them for temporary storage - but we don't need your files and we are not personally interested in your business. Our encryption algorithm is the most technically difficult and max resistant to burglary. Only OUR specialists can decrypted your files without loss(!) Any attempts to decrypt files on your own lead to damage them beyond repair(!) Best way to you will be consent to negotiations and mutual agreement between us. To connect us you need to download TOR browser and follow the link to begin negotiations.(You can find full instructions below.) We are waiting You and ready to listen all your offers and discuss them. If You will ignore this letter - we will have to sell closed auction all yours private files, photoes, business correspondence, documents and business files + with our analysis of your work activity (weakness of your business, financial violations and the opportunity to profit from this information). It will offset our financial losses. Or we'll just put all your files in the public domain, where everyone can download and use them as they wish. * For TOR Browser http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/ We are known as "Sodinokibi (REvil) Ransomware". For example, this article: https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread You have a guarantee that your files will be returned 100 %. And remember, this is only business, nothing personal.. We have a concept of business honor, and we can promise something if we come to a mutual agreement: 1. We guarantee to decrypt all your files in the shortest possible time 2. 
We will delete all your files and forget about your company. 3. We will show your weaknesses in your networks. .-= INSTRUCTIONS TO CONNECT =-. How to get access on website? You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/3DEA987E905BF3C7 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/3DEA987E905BF3C7 Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: yt/VBIYZaTzo5x/GLAAQdExMYh3JIAisjMTdI0PnxToV0DCZ+TGvujoSC0OFbrHR 88rEzUEPy1yuoPBrRx+UeK3T+XgRR7SVfWm0fnzdCEd0z2ZRvhH2lgIOE+H8e/ND J355poKTHTpTmFaQcb1V4Y9zk/OnormZ7Wc1zzarI5aiaUoqRF4mMOqdcYAfO23D J+8ABCWLUgamXja7Q/QNvs+oZPu5YPfAeONbH1t46h+INu/nvZII9Ez24NZ0kL7h KtfkYlEhdkUJ9ZD+F32wzsSjOsRt5m2ErWmH9MncgEeWiDOtFP9GcRQqpADT5byw wi9lRBKV2TxPRQiINcLpggBq05Tdx4+rWiwWYlT9SaboczWsTnjPVlDfhHzR9NuJ 8skbMoMLgmMTEZ2Mx8S5jcnxwGoSWX+C95QZhFqoJL44IZA64LM8nwHwh07QKirX 07mVS6wYcW+pWciuVYSQunXS66RnItZBkaFq/5nHM41wU87FJ+rTNCNA8DZyIkLs tlu9a9sbGfse1/nlNUrJmoj5qmvFXd4kVrxKkwszGIuzKIXjZuAL6FVDM6r3nE7H 0N6hPIhUWoJ2uJjI9Zue0OH2WJ2RQC0QQeXYke1atm4dDZorJFQZ9plcEmHZQMAN V+skQTBKAOhJ6/56FJzew3xEGohjG4L/yqP7+AUteDHJPOrrd/gWjDLmxJ4/XW+y ZtOcHIvPGtPyskaMDrXuafRVbw3QAYjWOMIigzk4HDOUUJxjthBL8xdsoyMrfH1+ MSTtdA/mgu9qy0V2r7U7blFv7yxE+Qg80o6oGwjjydPcNWqV1Ar6GEgFyC3Y/Q43 6yrW1/ShgbhA7MfJAIv/Tdkf8tZhN/hvtptYbtTeNckLJ1QfuOI7ARZGYZ+bbuZO GOorJNsSl0Whpr8UzOAaqNTG0sRiRSH5yHqitWQtu9gpUksfTZ4D3MAME6Uf/8IZ z5qtTHtSkNz2fneW7+Ku6KaUiP2D7LcPGm7DIHJXaqMz4n8AfucqpyQnf3PQIVKI AdzWNoxSylYM0fUIyOHPWXxLBbwa2QwUvxtQFdK/+C7S/2MH6TcE95tSdwf9m/7I 6eMzYgIGGJLfnzyoNNUhMAY4YHE1kEdq5aHMQTYxGVH7f0tFwpMHNihffs+Kcdnc 
e746UoD9OIo1ecyblVwTZTJPs8vSXmKdNVQNvWLAUjrVN4jRpU1COIPi3G+rGT8a 1wiePIpzMY5R0V0To+F4Htk5sz2K3hEnp64qsUyNNUK88r2a0epK7u9WSEHdgEZG 2U5iBseygRSWqmwTPwFhDliiAY4gN8PX2GK9VqXhaGDLyK9uWXbhcHju9SsBn0bx MJB2wbJu38Qmn+unxS9HN5ehExLzq+RrgDs= ---------------------------------------------------------------------------------- !!! DANGER !!! DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all your data!

URLs

http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/

https://www.coveware.com/blog/2019/7/15/ransomware-amounts-rise-3x-in-q2-as-ryuk-amp-sodinokibi-spread

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/3DEA987E905BF3C7

http://decoder.re/3DEA987E905BF3C7

Targets

    • Target

      NA_NA_38bb6d3370e91dexeexe_JC.exe

    • Size

      122KB

    • MD5

      38bb6d3370e91deee960c8aeb6b0a50e

    • SHA1

      ba9e23c4f6e7435e90e92ffef836386053c04ca3

    • SHA256

      8ece3ce00a84b7365b96487f215cbbea379a8df57ed7c23a2add8758858fba6e

    • SHA512

      532b5f6d68b2526250d1c307cf265b84985ce4c4bc4b00a3c6c05edb051bcc6fa06b64c987de1279746a2c5d91c951aa6c4820546cf2985a1e6d608c0a011b22

    • SSDEEP

      1536:hxOUyl20w8bVZQ40iMSO1fY+iUyQs2r8t5p1ySotICS4A6UdSJOfTo4QVvA3T2+g:hMhQNDEtb3AirfTz0vAVR/6

    • Modifies Windows Firewall

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry
