All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
Also we downloaded whole file server and make Sage backup, that means leak includes:
-Detailed engineering diagrams;
-Finance reports (Payrolls, incomes, budget and so on);
-NDA with customers and subcontractors;
-Employee information;
-Other things;
In case of your silence we will publish it in our "Happy blog"
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
8249
svc
sql
memtas
backup
svc$
veeam
sophos
vss
mepocs
Extracted
Path
C:\Recovery\939p4pjc-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 939p4pjc.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
Also we downloaded whole file server and make Sage backup, that means leak includes:
-Detailed engineering diagrams;
-Finance reports (Payrolls, incomes, budget and so on);
-NDA with customers and subcontractors;
-Employee information;
-Other things;
In case of your silence we will publish it in our "Happy blog"
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/41205AACA49B26FF
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/41205AACA49B26FF
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
O02CegGAbdOsK8NthHwzSTQN+yh56dn1E0FmFJc9m3TiWyyUb3G+OAM0vGN332R/
pdF/hkQG6ClYC7iVKb4lBhcBGV7B7zSzShh7Xb6L8G+5p4Mrsl1cXgOwr0dri41t
q45afFEJtfuLw0fKTe4etS20UJBX7ZhDOLEddpwN+O3yOiQoM7Qd0WFCrAFQLccR
tcVCdtV4gmNaBFm6hv6UQV3WPkp47CSb+MdPc565SOGROAwxIEnytWO6kHGPhccw
oLYvhxR40DbzMHOHDfYJHj+WxEC9rV20j9TKBmHDwYQypxKa8AFX1Sj2TPQi/3xr
z1BGoETMUgLqL6Kwjc/XEmxodJ16D5+u0dJG2ZRIuP9ShNyB1cawNP/q4ls8omF/
JzDUpPurdi51wtn+p/Wgn5VS4GT8znRzFnet/4fI5Orc8TDXipHvZYibqlNrYWl4
+uySdYy0349M0d+dHKHJgY7v8XRuPfAPMMUtfSbM9ZukLtRHD9wnxbSpha0floNh
auTFsyOTsawMgaFXgZK8TzXyCrijB8BCnSVwlAvLO/m3hNmG4EftE92LU7ZnBjiA
zRZTLjm7dCrpE1lDdPCTFSNpaTy7dlZIowupSDGAhQF7udtpNLY5KYTzEvy4B0WT
Td5zwSNzfPCfFPNSvJxxou4B+NOoe1wMpvTnZwOWXougFpKDvH9T1mT9xYJCxjLo
pyaJPoBrQCpcQ9Ttt54W61rUcwKxJA6Vcwqqt7iv3aaMNQM3AnS6HP8eFJ3CbPUD
D3aJT+LrX20RrY3KfMdxarTXt66o0503lcqv0lxL592y/bJbXPYWqyHaAiPTss4l
KXAWEOmH0dqBZ3bqNSLH9Ky37oakMq3taTCjMQ2gPZzDub2SQbXq1B/RmvFUVWNI
LYS33zpgdX5aY2kM/hMCCxCD4OCsHksUkLC3gpM/NlrecMobFT/+T9bRrHG1JZdM
UX267hOgqmm5HXuL8XpNoNMGTVoWcq1L/UpdNxBuL8hQbGjaDYRrVZkzWbrumZeq
9Hook72s8hTy3CHCu1zuPHUI2IeYk87TmwYNZNqIvNSUpcUqr9/2QF612fzmkv2E
BEMmiHgKHOnCx8pz2gEGdxa+X2aJwjVJss8YLBZYJ5jvdcLuMX5z7DBMcYIhHREy
7I80mtVVPiNWsM2cpUTo5ZVc0vAABeeKd0StEjaJDRn1QW8oRvLXmLz2YoUfFTeD
MwF8b7nKPQcuS2iqXzPMJNBqUCnBo5KUzmlanbiB/g5L/R5fsmb8KWT5ftAojpPH
BWo6vYqNXokMH+hLpj0p6o5WIV0QuiwlQiQXy/g+n6q4CP9CT2h4sFAxEHI9tpWn
dYk3MBIF6D6S4XhDVg8HWHXZrLQewZpLsAKi05plyNQ=
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
