General

  • Target

    RNSM00450.7z

  • Size

    42.2MB

  • Sample

    241012-wj5y7stblc

  • MD5

    bfd40652a6a56169533500d1f6725940

  • SHA1

    b070b8b7777b2c32965196aed7a47a3f2f7526a5

  • SHA256

    c90c7e54c06ebeb429bc6b61be52dc96134991f5100779c1357b50beffa3a756

  • SHA512

    60374aaecfdf66c68bb7e8f67285c84019792f4b16b3242a82de5e4d80fcf11878138e0e65a7b66a49cf7cc203e3445439b4a0c5a7c9f95481d7965e386f5804

  • SSDEEP

    786432:4l+NsvkAVmYGhyE4cFDaKpPNFoRHiOjOIaYyV//qiYBv4CVL4CQsRA9BYLfJ:hKvlm7yE4STPNFoRBjOIbyV/Ci+v4Ci6

Malware Config

Extracted

Path

C:\Recovery\read_me_lock.txt

Ransom Note
Hello dear user! Unfortunately, your files have been encrypted and attackers are taking over 1 TB of your personal data, financial reports and many other documents. Do not try to recover files yourself, you can damage them without special software. We can help you recover your files and prevent your data from leaking or being sold on the darknet. Just contact support using the following methods and we will decrypt one non-important file for free to convince you of our honesty. Contact us method below: Use TOR Browser: http://t532wrjittpwhxhlf356ie3ee3t5g2mnksaubovgdagsy72cu5nbxuad.onion/4e648ee1402bb2bc
URLs

http://t532wrjittpwhxhlf356ie3ee3t5g2mnksaubovgdagsy72cu5nbxuad.onion/4e648ee1402bb2bc

Extracted

Family

sodinokibi

Botnet

$2a$12$prOX/4eKl8zrpGSC5lnHPecevs5NOckOUW5r3s4JJYDnZZSghvBkq

Campaign

8254

Decoy

boisehosting.net

fotoideaymedia.es

dubnew.com

stallbyggen.se

koken-voor-baby.nl

juneauopioidworkgroup.org

vancouver-print.ca

zewatchers.com

bouquet-de-roses.com

seevilla-dr-sturm.at

olejack.ru

i-trust.dk

wasmachtmeinfonds.at

appsformacpc.com

friendsandbrgrs.com

thenewrejuveme.com

xn--singlebrsen-vergleich-nec.com

sabel-bf.com

seminoc.com

ceres.org.au

Attributes
  • net

    false

  • pid

    $2a$12$prOX/4eKl8zrpGSC5lnHPecevs5NOckOUW5r3s4JJYDnZZSghvBkq

  • prc

    encsvc

    powerpnt

    ocssd

    steam

    isqlplussvc

    outlook

    sql

    ocomm

    agntsvc

    mspub

    onenote

    winword

    thebat

    excel

    mydesktopqos

    ocautoupds

    thunderbird

    synctime

    infopath

    mydesktopservice

    firefox

    oracle

    sqbcoreservice

    dbeng50

    tbirdconfig

    msaccess

    visio

    dbsnmp

    wordpad

    xfssvccon

  • ransom_oneliner

    All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions

  • ransom_template

    ---=== Welcome. Again. ===--- [-] Whats HapPen? [-] Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}. By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER). [+] What guarantees? [+] Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests. To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee. If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money. [+] How to get access on website? [+] You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/{UID} Warning: secondary website can be blocked, thats why first variant much better and more available. When you open our website, put the following data in the input form: Key: {KEY} ----------------------------------------------------------------------------------------- !!! DANGER !!! DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data. !!! !!! !!! ONE MORE TIME: Its in your interests to get your files back. 
From our side, we (the best specialists) make everything for restoring, but please should not interfere. !!! !!! !!!

  • sub

    8254

  • svc

    veeam

    memtas

    sql

    backup

    vss

    sophos

    svc$

    mepocs
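
The config fields above are only useful once you know how the sample applies them. The following is an added example (not code from the sample, the sandbox or the report) that fills the ransom_template placeholders the way the note found at C:\Users\r9p1525r-readme.txt was produced, and runs the prc and svc lists against a constructed process and service listing. The matching rules (exact basename match for processes, substring match for services) are assumptions about the family's behaviour, not something the report states; the template is abbreviated to its placeholder-bearing fragments and the sample inputs are constructed.

```python
"""Added example: applies the extracted Sodinokibi (REvil) config fields to
constructed inputs. Matching rules are assumptions, stated at each function."""
import re

# Copied from the 'prc' and 'svc' attributes of the extracted config.
PRC = ["encsvc", "powerpnt", "ocssd", "steam", "isqlplussvc", "outlook", "sql",
       "ocomm", "agntsvc", "mspub", "onenote", "winword", "thebat", "excel",
       "mydesktopqos", "ocautoupds", "thunderbird", "synctime", "infopath",
       "mydesktopservice", "firefox", "oracle", "sqbcoreservice", "dbeng50",
       "tbirdconfig", "msaccess", "visio", "dbsnmp", "wordpad", "xfssvccon"]
SVC = ["veeam", "memtas", "sql", "backup", "vss", "sophos", "svc$", "mepocs"]

# ransom_oneliner verbatim, and the placeholder-bearing fragments of
# ransom_template (the rest of the template is abbreviated as [...]).
ONELINER = "All of your files are encrypted! Find {EXT}-readme.txt and follow instuctions"
TEMPLATE = (
    "---=== Welcome. Again. ===--- [...] all files on your system has extension {EXT}. "
    "[...] b) Open our website: "
    "http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID} "
    "[...] b) Open our secondary website: http://decoder.re/{UID} "
    "[...] put the following data in the input form: Key: {KEY} [...]"
)


def render_note(template: str, ext: str, uid: str, key: str) -> str:
    """Fill {EXT}/{UID}/{KEY}; with ext=r9p1525r and uid=8305E0107A7515E2 this
    yields the URLs seen in the note dropped at C:\\Users\\r9p1525r-readme.txt."""
    return template.replace("{EXT}", ext).replace("{UID}", uid).replace("{KEY}", key)


def note_filename(ext: str) -> str:
    """ransom_oneliner names the note {EXT}-readme.txt."""
    return f"{ext}-readme.txt"


def _basename_no_ext(image: str) -> str:
    name = image.replace("\\", "/").rsplit("/", 1)[-1]
    return re.sub(r"\.exe$", "", name, flags=re.IGNORECASE).lower()


def processes_to_kill(running: list[str], prc: list[str] = PRC) -> list[str]:
    """Assumption: case-insensitive comparison of the image basename without
    '.exe' against the prc entries (which carry no extension)."""
    wanted = set(prc)
    return sorted(p for p in running if _basename_no_ext(p) in wanted)


def services_to_stop(services: list[str], svc: list[str] = SVC) -> list[str]:
    """Assumption: case-insensitive substring match, since entries such as
    'sql', 'backup' and 'svc$' read like fragments of real service names."""
    needles = [s.lower() for s in svc]
    return sorted(s for s in services if any(n in s.lower() for n in needles))


# Constructed sample inputs (not taken from the report).
SAMPLE_PROCESSES = ["System", "explorer.exe", "OUTLOOK.EXE", "sqlservr.exe",
                    "EXCEL.EXE", "steam.exe", "chrome.exe", "thunderbird.exe"]
SAMPLE_SERVICES = ["VeeamBackupSvc", "MSSQLSERVER", "SQLWriter", "VSS",
                   "Sophos AutoUpdate", "Spooler", "wuauserv"]

if __name__ == "__main__":
    print(note_filename("r9p1525r"))
    print(render_note(TEMPLATE, "r9p1525r", "8305E0107A7515E2", "<base64 key>"))
    print(processes_to_kill(SAMPLE_PROCESSES))
    print(services_to_stop(SAMPLE_SERVICES))
```

Note that sqlservr.exe survives the process pass under the exact-basename assumption while every SQL-related service is stopped by the substring pass; if you reverse-engineer the sample and find a different comparison, change the two docstrings and the matching expression only.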

Extracted

Family

crimsonrat

C2

134.119.181.142

10.5.26.108

Extracted

Family

vidar

Version

39.4

Botnet

931

C2

https://sergeevih43.tumblr.com/

Attributes
  • profile_id

    931

Extracted

Path

C:\Program Files\readme.txt

Family

conti

Ransom Note
All of your files are currently encrypted by CONTI strain. As you know (if you don't - just "google it"), all of the data that has been encrypted by our software cannot be recovered by any means without contacting our team directly. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value. To make sure that we REALLY CAN get your data back - we offer you to decrypt 2 random files completely free of charge. You can contact our team directly for further instructions through our website : TOR VERSION : (you should download and install TOR browser first https://torproject.org) http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ HTTPS VERSION : https://contirecovery.best YOU SHOULD BE AWARE! Just in case, if you try to ignore us. We've downloaded a pack of your internal data and are ready to publish it on out news website if you do not respond. So it will be better for both sides if you contact us as soon as possible. ---BEGIN ID--- dz0MK2yuqxgQB7sUx7heoZyiuK40XiAbhbP5thzZoDJRJAEahpKemj3x2BflDQ3I ---END ID---
URLs

http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/

https://contirecovery.best

Extracted

Path

C:\Recovery\readme.txt

Family

conti

Ransom Note
All of your files are currently encrypted by CONTI strain. As you know (if you don't - just "google it"), all of the data that has been encrypted by our software cannot be recovered by any means without contacting our team directly. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value. To make sure that we REALLY CAN get your data back - we offer you to decrypt 2 random files completely free of charge. You can contact our team directly for further instructions through our website : TOR VERSION : (you should download and install TOR browser first https://torproject.org) http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ HTTPS VERSION : https://contirecovery.best YOU SHOULD BE AWARE! Just in case, if you try to ignore us. We've downloaded a pack of your internal data and are ready to publish it on out news website if you do not respond. So it will be better for both sides if you contact us as soon as possible. ---BEGIN ID--- 7JgMvF9QMqzqzAZatFO55jNBP8vdYTOdLuzNUxNH7L1jCsqatJDGIbpLJIAdiumO ---END ID---
URLs

http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/

https://contirecovery.best

Extracted

Path

C:\Recovery\readme.txt

Family

conti

Ransom Note
All of your files are currently encrypted by CONTI strain. As you know (if you don't - just "google it"), all of the data that has been encrypted by our software cannot be recovered by any means without contacting our team directly. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value. To make sure that we REALLY CAN get your data back - we offer you to decrypt 2 random files completely free of charge. You can contact our team directly for further instructions through our website : TOR VERSION : (you should download and install TOR browser first https://torproject.org) http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ HTTPS VERSION : https://contirecovery.icu/ YOU SHOULD BE AWARE! Just in case, if you try to ignore us. We've downloaded a pack of your internal data and are ready to publish it on out news website if you do not respond. So it will be better for both sides if you contact us as soon as possible. ---BEGIN ID--- oELYlYt1w2UZdU24RwrJlJRz2vafqMds2VriDIO6EriCmzvrhcVLzHSPujhLRtQB ---END ID---
URLs

http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/

https://contirecovery.icu/

Extracted

Path

C:\Users\r9p1525r-readme.txt

Ransom Note
---=== Welcome. Again. ===--- [-] Whats HapPen? [-] Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension r9p1525r. By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER). [+] What guarantees? [+] Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests. To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee. If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practice - time is much more valuable than money. [+] How to get access on website? [+] You have two ways: 1) [Recommended] Using a TOR browser! a) Download and install TOR browser from this site: https://torproject.org/ b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/8305E0107A7515E2 2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this: a) Open your any browser (Chrome, Firefox, Opera, IE, Edge) b) Open our secondary website: http://decoder.re/8305E0107A7515E2 Warning: secondary website can be blocked, thats why first variant much better and more available. 
When you open our website, put the following data in the input form: Key: +S1YQYYrDrncRJ6HWhDUEbvWTNVL1RZj9K3nHHvSWdy81a6NxKOoHOzmq+Ar47U7 yem224JbXxaPkK1CaeNdUaa12xa61T7lXt/RDxDwCn8Z6ih5iKQnIqLcV74SkaXo PYwNFt4SFcyO8A2+8sQBeA/HMhjFeQIbKH/58JZwJANY13UKsN9iXNv6y92zXN4w h5TLIQx5EHn2Wz4TV08eTRM6YJ6FbfnSETT7ZKbeQ0pWedCPhM+ANbYdj3V6Kqrr kPMTN4U4wbUIVIuQy2kJJmor1LeO4z4XyBSgg2hk/DppdFkDZQgq8dnYgzNSae1U Tw/Kr6HBPwwEkG2ATtzH1WuOxfJ79+XRZxg/NyI4JK+2IOljp6fbSnla58TsbRHk fWzrWjaJ/OvJjHIRHLHQzXgYY+VLFc7n68jgZamFg8Z16RBATSDYZanVy0xeKJ/d XueRPMrgCRqOMMMeEXLIPmm/xvA9G5D27DmeidQ5im2IBN4xBC/HuHrrH7aApq8/ rxtcFUNyomM6ZJxyHXP2/ANgWF7DMMo0JDGry+ae75Roanh9AwROZBjN59zp983H R82KDSnMcn3p0QPawqdVeqpngP8b8rI4I1rSWe5ffMta+/jRncBgcPFckt033BdE wB41cTFoSKVC1BStmvOrPaEmU45atREObF+eemRy4s3biHr5onknm95D2UCTaTn+ rPMbdaGqde6LxraIhW2Oo0GqJAbcz6IP/iBWFi7Tms6dVKG8czjxGYYfOQiJ0mXY K04RIMA0FuhnDA9uxD0keHJXpfkbNzpOmjhpK+9terAHNDrfO/mpPcSgp2rE1d1K AnnI8P4suqkJvzrQr01imYvYXwHltu0QVJS8BxhreCQu8D4VGNGqawebWIRbIce6 pNtFQa08Fymbb7T4nw9C4GIjO2tyqT4M745hKIv9GkTMbzfP9cms+XhTLKGzOQMI 2eQbghJZqg8cY/93TuFeySpSx8t6/RTSINR7Dn/HmOjwbV/ORJ6+ul+U48zFVP/Z Fj6zLyo5lmU6LhbVmp9DWCPWym209fRvGBse7HpdmoWuYIEFi8CDSRPtyNMn7jmA viTrfBgYJuT8cyFm2FrhI7AN6pauVypVX8QRwPDLOkSUHQvRvRYXUab14XzVA61w EUXzgOPyDBqLOncBg7ZZawVCYnkLR4B86jXgM7Ez+/VcqH7hPqIwZsDuiiTgd6tA Zmux1T+jucAeBbSIOdDNOrm8seoUXIRIksLcaWvth5nwpBn4vFsxJtniKr3Jc0z1 Sa1FupTtjZLIcjlT1PPJ3RugNbZkvWNmwsIciBtH+uf+KDa2O2axSYuL4KzW7+4b zoSwDqGm22T0iwd8oEE7i0A5f3ru1UODM1cIz9nqETk= ----------------------------------------------------------------------------------------- !!! DANGER !!! DON'T try to change files by yourself, DON'T use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data. !!! !!! !!! ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere. !!! !!! !!!
URLs

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/8305E0107A7515E2

http://decoder.re/8305E0107A7515E2

Extracted

Path

C:\Users\readme.txt

Family

conti

Ransom Note
All of your files are currently encrypted by CONTI strain. As you know (if you don't - just "google it"), all of the data that has been encrypted by our software cannot be recovered by any means without contacting our team directly. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value. To make sure that we REALLY CAN get your data back - we offer you to decrypt 2 random files completely free of charge. You can contact our team directly for further instructions through our website : TOR VERSION : (you should download and install TOR browser first https://torproject.org) http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ HTTPS VERSION : https://contirecovery.top YOU SHOULD BE AWARE! Just in case, if you try to ignore us. We've downloaded a pack of your internal data and are ready to publish it on out news website if you do not respond. So it will be better for both sides if you contact us as soon as possible. ---BEGIN ID--- cnxUZFg6NAi31LVHmHIEOjAUGxbCfnw6nFXLVywSJeUDFLkZ1Ket5UoxpcA98It8 ---END ID---
URLs

http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/

https://contirecovery.top

Extracted

Path

C:\Program Files\readme.txt

Family

conti

Ransom Note
All of your files are currently encrypted by CONTI strain. As you know (if you don't - just "google it"), all of the data that has been encrypted by our software cannot be recovered by any means without contacting our team directly. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value. To make sure that we REALLY CAN get your data back - we offer you to decrypt 2 random files completely free of charge. You can contact our team directly for further instructions through our website : TOR VERSION : (you should download and install TOR browser first https://torproject.org) http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ HTTPS VERSION : https://contirecovery.best YOU SHOULD BE AWARE! Just in case, if you try to ignore us. We've downloaded a pack of your internal data and are ready to publish it on out news website if you do not respond. So it will be better for both sides if you contact us as soon as possible. ---BEGIN ID--- nAkBjF6vE8MXJ5872zt7dHDLV8WmUzcubRMKd2uINBb6qZMvszxzA5B7W5J0Tss0 ---END ID---
URLs

http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/

https://contirecovery.best
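
The five Conti notes above share their wording and the onion address and differ only in the HTTPS fallback domain (.best, .icu, .top) and the victim ID. The following is an added example (not code from the report or the malware) that extracts those three fields from each note and summarises the distinct values, which is the triage step that turns a pile of readme.txt files into a short IOC list. The note text in the block is reconstructed from the page in abbreviated form with the real domains and IDs; the regular expressions are assumptions about the note layout, not a published Conti format.

```python
"""Added example: parses Conti ransom notes for onion host, HTTPS fallback host
and victim ID. Note bodies are abbreviated reconstructions of the ones above."""
import re
from urllib.parse import urlparse

# v3 onion services are 56 base32 characters; torproject.org is excluded by this.
ONION_RE = re.compile(r"https?://[a-z2-7]{56}\.onion\S*")
HTTPS_RE = re.compile(r"HTTPS VERSION\s*:\s*(https://\S+)")
ID_RE = re.compile(r"---BEGIN ID---\s*(\S+)\s*---END ID---")


def _conti_note(https_site: str, victim_id: str) -> str:
    """Shared wording of the notes, abbreviated; only the site and ID vary."""
    return (
        "All of your files are currently encrypted by CONTI strain. [...] "
        "TOR VERSION : (you should download and install TOR browser first "
        "https://torproject.org) "
        "http://contirecj4hbzmyzuydyzrvm2c65blmvhoj2cvf25zqj2dwrrqcq5oad.onion/ "
        f"HTTPS VERSION : {https_site} YOU SHOULD BE AWARE! [...] "
        f"---BEGIN ID--- {victim_id} ---END ID---"
    )


# (drop path, note text) in the order the report lists them.
NOTES = [
    (r"C:\Program Files\readme.txt", _conti_note("https://contirecovery.best",
        "dz0MK2yuqxgQB7sUx7heoZyiuK40XiAbhbP5thzZoDJRJAEahpKemj3x2BflDQ3I")),
    (r"C:\Recovery\readme.txt", _conti_note("https://contirecovery.best",
        "7JgMvF9QMqzqzAZatFO55jNBP8vdYTOdLuzNUxNH7L1jCsqatJDGIbpLJIAdiumO")),
    (r"C:\Recovery\readme.txt", _conti_note("https://contirecovery.icu/",
        "oELYlYt1w2UZdU24RwrJlJRz2vafqMds2VriDIO6EriCmzvrhcVLzHSPujhLRtQB")),
    (r"C:\Users\readme.txt", _conti_note("https://contirecovery.top",
        "cnxUZFg6NAi31LVHmHIEOjAUGxbCfnw6nFXLVywSJeUDFLkZ1Ket5UoxpcA98It8")),
    (r"C:\Program Files\readme.txt", _conti_note("https://contirecovery.best",
        "nAkBjF6vE8MXJ5872zt7dHDLV8WmUzcubRMKd2uINBb6qZMvszxzA5B7W5J0Tss0")),
]


def is_conti_note(text: str) -> bool:
    return bool(ONION_RE.search(text) and HTTPS_RE.search(text) and ID_RE.search(text))


def parse_conti_note(text: str) -> dict:
    """Return onion_host, https_host (trailing '/' and scheme stripped) and id."""
    if not is_conti_note(text):
        raise ValueError("not a Conti note in the expected layout")
    return {
        "onion_host": urlparse(ONION_RE.search(text).group(0)).hostname,
        "https_host": urlparse(HTTPS_RE.search(text).group(1)).hostname,
        "id": ID_RE.search(text).group(1),
    }


def summarize(notes: list[tuple[str, str]]) -> dict:
    """Distinct hosts and IDs across all notes: the IOC list for blocking/hunting."""
    parsed = [parse_conti_note(text) for _, text in notes]
    return {
        "onion_hosts": sorted({p["onion_host"] for p in parsed}),
        "https_hosts": sorted({p["https_host"] for p in parsed}),
        "ids": sorted({p["id"] for p in parsed}),
    }


if __name__ == "__main__":
    for path, text in NOTES:
        print(path, parse_conti_note(text))
    print(summarize(NOTES))
```

Hostnames are normalised through urlparse so that contirecovery.icu/ and contirecovery.best compare the way a blocklist needs them to; the victim IDs are per-drop and are worth recording, but they are not network indicators.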

Extracted

Family

djvu

C2

http://astdg.top/nddddhsspen6/get.php

Attributes
  • extension

    .zzla

  • offline_id

    nZH1798DvPbIMQmK7lZZDSpe81UIFzsEMm3NtJt1

  • payload_url

    http://dgos.top/dl/build2.exe

  • ransomnote

    ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. You can get and look video overview decrypt tool: https://we.tl/t-mNr1oio2P6 Price of private key and decrypt software is $980. Discount 50% available if you contact us first 72 hours, that's price for you is $490. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected] Reserve e-mail address to contact us: [email protected] Your personal ID: 0314ewgfDd

rsa_pubkey.plain

Extracted

Family

redline

Botnet

terrornax

C2

45.88.3.176:17033

Targets

    • Conti Ransomware

      Ransomware generally thought to be a successor to Ryuk.

    • CrimsonRat

      Crimson RAT is malware attributed to a Pakistan-linked threat actor.

    • Detect ZGRat V2

    • Detected Djvu ransomware

    • Disables service(s)

    • Djvu Ransomware

      Ransomware that is a variant of the STOP family.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sodin,Sodinokibi,REvil

      Ransomware with advanced anti-analysis and privilege escalation functionality.

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Vidar Stealer

    • Disables Task Manager via registry modification

    • Downloads MZ/PE file

    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15