All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Data leak [+]
First of all we have uploaded more then 300 GB archived data from \\UDATA.
Example of data:
- Accounting
- Finance
- Personal Data
- Banking data
- Strategic sourcing
- Management
- Projects, plans
- Immigrants info
- Confidential files
And more other...
Our blog:
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
Read what happens to those who do not pay.
We are ready:
- To provide you the evidence of stolen data
- To give you universal decrypting tool for all encrypted files.
- To delete all the stolen data.
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
6758
svc
mepocs
vss
sql
memtas
sophos
backup
svc$
veeam
Extracted
Path
C:\Users\Admin\d38vws2ov6-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension d38vws2ov6.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Data leak [+]
First of all we have uploaded more then 300 GB archived data from \\UDATA.
Example of data:
- Accounting
- Finance
- Personal Data
- Banking data
- Strategic sourcing
- Management
- Projects, plans
- Immigrants info
- Confidential files
And more other...
Our blog:
http://dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion/
Read what happens to those who do not pay.
We are ready:
- To provide you the evidence of stolen data
- To give you universal decrypting tool for all encrypted files.
- To delete all the stolen data.
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/5DA3E1805DFB79EF
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/5DA3E1805DFB79EF
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
buuDuH8fOtzViJxlRcVcywjbaJeRt3BRLo1ULI5QzamtEhmruzBBeKAa1D4lYqCw
NSFYx1fNcLxuIjRV7vBxsqW94sqrhzhlG9ICf2MB+WY52b0EsrZFbr8E+m7LJh+y
a823sazTZJ2u97wDerpSbLtsL3xrYPynaP4eFcZiNK/d7NQrPUqF3f2ZA3LJBu9J
SBGV4srY7Xs4YfrLI8UVvhK5zsTS9VrkzdzV0gtXD3b03p4JS/jpwmS7W/lsdJBE
/J6TSw8EkA4CoWLJgWN+WqcGbS8Xf0wGsF25HNBH4ZTBdtrZ/En2OY66zmhCSavy
wLJmZxmrbneRWXVj4DSupZyF5WRSs+Pro+2JMJ1OP3i6RmWazXW+FI2Dkt5d0hSp
ghhIdoQXgQtgdKdEpZPToljWWr8DtRFefSFh70NtTkbE8dpJUL9tE9u4a8690KCh
xRVsHj3MoPXWUcESicSXyeO/T5UJe3yT+pLjbGE8m5KDOZ6XOdsmQpEBCe0qudGi
/VnY5Vw87i1biKQ6kERTbAZjkfaMzCBIKxfxGpm3RoKMurAy9ElN11TrtV8HRlvy
jgWMXAMAGgTo92Mbsw6+WBLqw1E/f/fdE/YkI358EefaFuhqglCHTn0kK/XaAhMP
DHaBMpKYXLpm0qFfBg4Af2N2+a6/UA4DfN3UQZI3iDVT9E/fb1bZPIxH7aWRhDCg
jUlJw4N+6czejbluCK++Li4vKvl/1u5vCYKAH1NWmCL/Ehv2lYgKuD3snyrkF2Y6
LrJm4vRP1HwuUBYCoNAJ0xqKxbWUeiW7tLkbeqIaatc/AYpCh+hLIlHkwSVa//tv
lMTNtK5GXk0tVSsThshcZHe6CoKT4V/t3jE9IPo56jk8mJRBtWg0xcKeElCD5J+D
O4qSzW+trdIsK4OoHEpHEI+Ek8j+P4aS8SNm23Lby1js5SBopDq8aF0hv6fp8lsG
b7mkBTcZ/AbLBNhjFAvLDsakEGZLGPfHNzbXxNHqBu1XLgr4T7gUhNyF5uEWaZPi
6Hg16FJdwA/RxIyiP9Wr4+xjLlD+pzW+XQv5ipoxzXEto0x+erTyf0M1UsLWuV4m
2gHLBkF/f9YnoeNbE/2lCokXNJt84MzBR5cOefSNc/+mSSSxer/6+6ET60M6sVk9
zGcYQyqkmTLroErfBIkkn3SYZHPC5miSAZSIfN038wcjJhQrTkpAFVyGH4cdOQbL
FhpukAMm2T4ptIldadOiVB4Dm4cEugEYzB9VwhtPUvdtS1Ncf/NRgPXZHQOaHXk/
px62+6AEokrEQx4a6cFeJlAHlP7DzRi9qYck47RpaZ+9jXPZKibGgeTvktV+XjFw
LblCEpJJYJ4/Vvychb35ZfztL1gBPAF8kiS5UqC9k5Id+DmFRYhvHqqw6kJ9TQ==
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
