agenda | 27f7a332ba10bae9dbc527ea25c787cb1850f0b34295cd49118f040f08f4fe56

General

Target

forigpatch.exe
Size

3.9MB
Sample

231121-dmsh6scd9t
MD5

bf45eb9cb4aefcff77e9db878f9c5fb1
SHA1

8e7a95e87cb40c10d019e695bea1ee3612cef247
SHA256

27f7a332ba10bae9dbc527ea25c787cb1850f0b34295cd49118f040f08f4fe56
SHA512

bb0a154ba120c64693f874ed2d670bf1c230bbd2229d2aa461fbbae12756c3d52f7e3825665b68c97067cbe384d8c5728543c941643d5b3908579ff8f2e7feda
SSDEEP

49152:r4XomcoDCd9Vv8+n6/7aWBRogspm541YzoI1DK+GCzJ573cj/ja8Rhe901MxZOp8:rAodd9VE+n6/73BegsSOI1DKFCvLib7

Score

10^/10

agenda ransomware

Family

agenda

Attributes

company_id
QTduEqZI6Q
note
-- Qilin Your network/system was encrypted. Encrypted files have new extension. -- Compromising and sensitive data We have downloaded compromising and sensitive data from you system/network If you refuse to communicate with us and we do not come to an agreement, your data will be published. Data includes: - Employees personal data, CVs, DL , SSN. - Complete network map including credentials for local and remote services. - Financial information including clients data, bills, budgets, annual reports, bank statements. - Complete datagrams/schemas/drawings for manufacturing in solidworks format - And more... -- Warning 1) If you modify files - our decrypt software won't able to recover data 2) If you use third party software - you can damage/modify files (see item 1) 3) You need cipher key / our decrypt software to restore you files. 4) The police or authorities will not be able to help you get the cipher key. We encourage you to consider your decisions. -- Recovery 1) Download tor browser: https://www.torproject.org/download/ 2) Go to domain 3) Enter credentials-- Credentials Extension: QTduEqZI6Q Domain: p3q5g2qsq4tglsbyhlghzutwr75uyz47ozasrserev7kann5h7qedxid.onion login: BYxo9FGIiH58sNWWzh967d5fQexHPomf password:

rsa_pubkey.plain