All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
=========Attention!!!=========
Also your private data was downloaded. We will publish it in case you will not get in touch with us asap.
==============================
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
7114
svc
Telemetryserver
"Sophos AutoUpdate Service"
sophos
Altaro.Agent.exe
mysqld
MSSQL$MSGPMR
"SophosFIM"
"Sophos Web Control Service"
SQLWriter
svcGenericHost
AltiBack
"SQLServer Analysis Services (MSSQLSERVER)"
BackupExecAgentAccelerator
"StorageCraft ImageReady"
SQLTELEMETRY
AzureADConnectAuthenticationAgent
ntrtscan
ds_notifier
TeamViewer
"StorageCraft Raw Agent"
"StorageCraft Shadow Copy Provider"
SQLTELEMETRY$SQLEXPRESS
VeeamHvIntegrationSvc
AltiCTProxy
MsDtsServer130
ViprePPLSvc
McAfeeFramework
MSSQL$QM
"swi_service"
"ThreadLocker"
ofcservice
AUService
sophossps
AzureADConnectHealthSyncMonitor
Altaro.OffsiteServer.UI.Service.exe
"SAVAdminService"
ds_monitor
ALTIVRM
SSASTELEMETRY
TmCCSF
MsDtsServer110
"Sophos MCS Client"
TMBMServer
SBAMSvc
mfewc
"Sophos System Protection Service"
MSSQLFDLauncher$TESTBACKUP02DEV
VeeamDeploymentService
masvc
backup
MSSQL$SQLEXPRESS
AltiPhoneServ
MSSQLServerOLAPService
SSISTELEMETRY130
VeeamEndpointBackupSvc
mepocs
Altaro.UI.Service.exe
"ds_agent"
HuntressUpdater
MSSQLFDLauncher
"Sophos File Scanner Service"
SQLAgent$MSGPMR
ADSync
KaseyaAgent
ReportServer
MSSQLFDLauncher$SQLEXPRESS
MSSQL$HPWJA
KaseyaAgentEndpoint
VeeamTransportSvc
"ds_monitor"
mfevtp
MSSQLTESTBACKUP02DEV
SQLTELEMETRY$MSGPMR
ThreadLocker
MSSQLServerADHelper100
veeam
tmlisten
AzureADConnectHealthSyncInsights
"swi_filter"
MsDtsServer120
ProtectedStorage
VeeamDeploySvc
memtas
ds_agent
VeeamMountSvc
HuntressAgent
SQLAgent$SQLEXPRESS
bedbg
MSSQLSERVER
"ofcservice"
VipreAAPSvc
"Sophos Endpoint Defense Service"
KACHIPS906995744173948
DsSvc
MSSQLLaunchpad$SQLEXPRESS
msseces
macmnsvc
LTService
Code42Service
Altaro.HyperV.WAN.RemoteService.exe
LTSvcMon
MSSQL$SQLEXPRESSADV
"SAVService"
Altaro.OffsiteServer.Service.exe
"Sage 100cloud Advanced 2020 (9920)"
Altaro.SubAgent.exe
mfemms
"TeamViewer"
"SQLServer Reporting Services (MSSQLSERVER)"
VSS
sql
Altaro.SubAgent.N2.exe
"SQLServer Integration Services 12.0"
SQLSERVERAGENT
vss
"Sophos Safestore Service"
klnagent
"Sage.NA.AT_AU.Service"
MBAMService
"Sophos Health Service"
SQLBrowser
MySQL
"ProtectedStorage"
"Sophos Clean Service"
"Sage 100c Advanced 2017 (9917)"
"SntpService"
VeeamNFSSvc
KAVFS
SQLEXPRESSADV
KAENDCHIPS906995744173948
sppsvc
Amsp
psqlWGE
Microsoft.exchange.store.worker.exe
kavfsscs
"Amsp"
sqlservr
Altaro.DedupService.exe
svc$
"ds_notifier"
"Sophos Device Control Service"
AzureADConnectAgentUpdater
AltiFTPUploader
"Sophos MCS Agent"
Extracted
Path
C:\Users\6o101697-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 6o101697.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
=========Attention!!!=========
Also your private data was downloaded. We will publish it in case you will not get in touch with us asap.
==============================
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/6B0CFA941CE3468B
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/6B0CFA941CE3468B
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
Fph+TDhYsuR85jkI2L+CGm4EHsECioYy3hfhCAYwGyN2ajyqhMZfHwsYSY3GLbB/
j0LSXSt2y8T3aUT1T0q4f1CuOgidcUaUQgdNdDVRTmHVhcgU5MCYUXLayw3hjCGq
OeUsD8kPF78qJ5jQkX6utK5vfVuy4P8DwNrcLhjLIBGNyomf/iTJMlbmAEJtPQA4
ZKPtD7ME8HrHxzVWVv6MdVhEGiBYB1v/ysrv5SY5tVofyFKE/fMaqGcKLowTr1PJ
Z1roRcGf9s+dYp32MloO3BrsmAE1C2rnuW7y2B0HBddQSukQWAlFamMNZkQayEIc
TbSC80Ioaz3pVt4W3h86JbApZvmXZWw1S2vsXId6VFI0AES8YnQffCYR65gSLKCf
r5k3dA9FGeoIh4M2VOsIVcXq1sas23i4YN3EtoSFNcngvyV4XjnlyFHOtuziIQzx
f9iTm0VdFZwZsZKUo8U4WGkvIdoGBvjTU4vHj/a+F1dOR+auyTFWoA2qFlVjxtJ0
XOdcSmP+DcbDcFTREq9MCQql6KOQgHmTZir+bpsTKE6jJZ+4jz7vMbiLz2gmwgQj
/8bG0jVOIqPxmqnSFuL5bJCDuKN+UZZGiCNiaIHaYa+gxFbH+UtNVRwYm1GeSdWm
zWWHg8121MevRZHjb5iWEvKyVqqDtYT0gHTJdVFhpYfSDJcpbgOsjhRS8kFFO3Mo
fpP5fq4NRi2hFBUgQ6c9SXyN6FUJ9LWZR1E+4cYeZr5q4fc+LaM93kzFGF5LAdXK
Y74CN0DfKjXlt7kBGbpwn4cRYUdeoCwgIm/NMQKlxc6GVxfkGaOzPCBY9f0yJgRk
SpXGXWPJvLv6BDFCT62cbNzgimly5zQKQYSUZfCMwcAoNmqy9WsSVyOcuOj1Unia
w2tFvKvK//iAhrk9lMYdSo6YnP8vvYRMlMTZN9WeIESePgazREDEoZZjMHe2tHsU
lc37mxihnCe+jNAwiP8sxFsgz2trofDwfyz8FTwHqJN9rTbW7r4uzTfIJkYSQ42A
8K6RzOB9z7LpvhbFAxylSKbXpHsm2Iu2IkC2MmUNt06+nnUqilNhu0rxkRukVxh3
rZIZuV4+P3NV6MSjAzpHJBAuM1WlRfU2GN2bz1ugNvueLSjZM5hNUPMrJgvlAEQO
vIyjRKUhiX25x5eC3tdCqX0yl/At2utw+6xILAk/wukRFdHytC7XPmSdWo144A8R
WtGHgOz+sYL6LXURHkUVgphvrzbiv/9ckqigMuLgw2jsUPGsQeA30Il9aIxrw8Xo
/q/Zt4cuMKuqM0a6iNeFNGdSjhDlXj2YFQCr4eZfxNK2TM8nvJuuly2cIFDHR+bh
JEzXByOyHeAh/B9QdZFw5fR9Iysx81pcKDjz9xSqy3I=
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
