All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
4430
svc
ARSM
vss
MSExchange
veeam
VSNAPVSS
BackupExecJobEngine
MVarmor64
svc$
PDVFSService
VeeamNFSSvc
AcronisAgent
sql
CASAD2DWebSvc
BackupExecAgentAccelerator
AcrSch2Svc
MSSQL
backup
BackupExecRPCService
VeeamTransportSvc
MSSQL$
BackupExecDiveciMediaService
MSExchange$
MVArmor
BackupExecVSSProvider
sophos
BackupExecAgentBrowser
CAARCUpdateSvc
VeeamDeploymentService
mepocs
WSBExchange
memtas
stc_raw_agent
BackupExecManagementService
bedbg
Extracted
Path
C:\Users\480xk-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 480xk.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/52C0A4AE027AABC2
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.cc/52C0A4AE027AABC2
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
rPrCPD+EYGm8NyY56wm4QLLXOaz6yiXDzuizzNG+6haFkJooZJv99NZZnKGq0yho
/XVjksmlZtIkQd+MhBTD0/zipVTwwU+qvN/xRSRnE0fSuVsbKUakDhEl1W/rkyiE
wi9JSCpCZaxtVSOWM+S5SySU0qRz4tpPAw46sz4ws9Wd7mYr2hIpwVRPuYAaEL8W
rCkV6kOjIbJ6PgH1v4DEfASWOrciq0LRipf09KeGjJqZUcyQ/7Fhg5aNB27UX07w
sMqQOOJSxCrgzQbSi121KhRsfvJkWKUjsbWHMHhGH1kfpMvGv3e+XUrkxhZ4AJqV
SZzIvWHEoQ8Vj6GDl6wF6RnHYJILws67qJy+yJNL0C36oNzAHeh9loSZYuq1lA+L
1edlSfQLDAud2/WKsSCxukjiBQ1LmvxDjfmSH24CL0hRT4BD0Yv6vpXCeWVzizTs
FMIT1Qd/rxkDlZBY+QQUtqhHMxkddBZj8w8sK3VtQTUAPKCrSbGvNwLCjJ96i184
2GUDMjtJpD5SVEqL1e2i5chUYMwls24kNr5FImjVw8gEM/JJuwGYh9hBgscc2e7M
zJPPZ/wBW19KGwsAN067fS8WmfgxK46kLfleVKsQSnwQ4NhO48yexHhiZJbRAIfo
bbIkC8zC89VypNuyPnCt8h8G84ZfYRAEsBfZGcpAsS0rlzcwRj7tsKXs+0LQ7jLN
0OzHMn9CbcQ0bmyveZUcQCXHkOe7YuL2VYm2KsukV6hkKWypSSYC95bt4rj8xiwM
A2KmQidp+2PFx9VRYV+aKHvnNCEMxEd/+0Aa6OxvCWgCPnDxSdPaKKhptHGRbLfW
u5jKBKadEtA6wZGmf0Iq8oAqFUltoLK/Soar7BvqQZyh+EFeD42+l1jRH6alfvs2
9jiA0RvQ7r2xv5fWj+wUry9aNLNZ2papAFZEqZMnHX1j6C5EBbAMFu0XwPH/x0s1
29EdS5fDojVYVQXdGaZVmEDv9DxKYHREHw9t1CS+okEyE8jjnJ6ke3DOVGLhN5pa
VyInMahcNvwCTRg9cw+0VpaAcVGGrs6v4atLIU7G9z333D1EnRUxuohWL62NJKHg
sFUHKJDC7fO/tCTP+i+VyjYeFzGepnhhlGEebYqAeZ1Hzt8hhzYq/++Hcbtk86/8
Zuq01xJG2OyGKiCFJJSd1VUj3vXUnuPNYzqK1+vaYbaFZ8E+TqAJXipR/rDply4P
ZGRpnzaaJcJCWiJwuaWfdWzdTWteLTSVQWUf42gXTdw6xP0f3QnRGr9afwfyYtCQ
BXC6mPi/A0qaBL46i14YIwuwSmgGjUDs8Orf+/6bNlVUdnBIMLSOZ4MP3JYpBVKa
/Z6oEC918RNGMVyIKAvuaCwB3kexF0ykCdLjBImWKWYymbwY
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
