All of your files are encrypted!
Find {EXT}-readme.txt and follow instuctions
ransom_template
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension {EXT}.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Attention!!! [+]
Also your private data was downloaded.
We will publish it in case you will not get in touch with us asap.
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/{UID}
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/{UID}
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
{KEY}
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
sub
7341
svc
ofcservice
kaseyaagentendpoint
storagecraft
savadminservice
teamviewer
amsp
klnagent
mfevtp
azurea
altivrm
vipreaapsvc
msdtsserver
kaendchips
viprepplsvc
bedbg
veeam
kaseyaagent
mfewc
memtas
huntressupdater
psqlwge
sppsvc
threadlocker
mepocs
code42service
auservice
tmbmserver
sbamsvc
swi_filter
savservice
altictproxy
backup
dssvc
svc$
vss
huntressagent
sophos
ssastelemetry
protectedstorage
svcgenerichost
msseces
mfemms
ntrtscan
ds_agent
ds_notifier
altaro
ltsvcmon
reportserver
ssistelemetry
tmlisten
altiftpuploader
adsync
tmccsf
macmnsvc
mbamservice
telemetryserver
ltservice
kavfs
ds_monitor
altiphoneserv
masvc
altiback
sql
mcafee
Extracted
Path
C:\Users\t55o185-readme.txt
Family
sodinokibi
Ransom Note
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension t55o185.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Attention!!! [+]
Also your private data was downloaded.
We will publish it in case you will not get in touch with us asap.
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/3DC2A1877D6AAFA1
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/3DC2A1877D6AAFA1
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
OvGfnnro/CkNXkWZQzNk7Naxa+DgSWXYnf8b3xuHkZNfHpA0YFvs9FRzW8nEFMMR
SGeZqtlvXVzdBIxswF51Ly0GlrjDj8YfIWEB+gYvZb6o4P+WmTy7F11mXjVu7VXr
tatRoTciO7v08qJP/BS6F74urYqEex6JOW0Ecg5yfvTaQ1lT7KIw0hVnSF2/zMHt
r+NQjO8SOcl2orG1rN1wmEiZ56vpjZ5n6g9KeUKhzbBGlOgWLF7WTMEwM9ZQlWKl
1nOWDx/9zdeQz6fn2/Lq/lsvVTp4ItUttQcqlXYxRK1KfSh4E6AquGNMhsR+fAO0
ZRiPScNMM5UE9sZSdJ5sdL34kJ0n7ewez/Pf0TMxEKCLBfFJD05pm3sGeKGpAaJH
D4WFlUlWoDP96nPM/6k18xyFGaWXsqiAYS30Jq62k68cOF3zhESGmjqiTYn9d+gO
O4WOLT//wFusD+VvJdQIxlTU9dDvfrEXP6vVGKpBD1ZYmQ/tmTktRJLq6XsS6SDI
lzqnP67XXLESH5xqrZB7uG1fAxE2SYp1wkabJU2j3oAUJXw/nY0FdZ7V/0nxpNPE
yecLf1u+thQ9xHDLIVqLlBsgfBRdrxrDXc/MZTUVW+pe/97MaH/xovBXoMziDiTK
y/hdzawvMhmHCo1kRxHglysOKuDmVsJGPpSaWrpHWYyhPMty5S70RfJxzkCEYjYk
CTWB7QPXVidI/Qy0rydfjobUxMZ5/1IbrnlfeHwDHTZo6wD4sCa6xIePtI2HMMU0
lBT2J3jqC3Ogr/ALax8CFhZJbAQDFruOmSLrXu2coWTjos72DWDzLdS8faZu1qpr
gQWv0fO+AK4V8sSHzvPNdd6YKruCzOlRSAQMjdFeSKuwa74cMPc/KvpWwpCdAiZ7
BfxG49VM1zyi/jSf7b3Xa3rBsZ1hSFpGoiOirYpMWHJ0NWGkehUjNkkTF5b5b6od
0kwV+Xl3FNnFRmWSDCzyWSG338tkyBzDA4N57mZ0I6m2mZ8B81Kdyksu4AUPow8V
Fapzx2eGFFvxvEWESjzSS4BcKYr6yHu/lM2xFQnNk3Dt9Yz2kUSs4hwjjtHB8lsr
4IVU0pRYT5P2U9NclYaO/878f1gXnJvu7EkMJxYYxUHWRGJsL/iby0NivOrZ2P5q
SfyGDqSY70uofi1VOiduN9AZkgNxwIWuRFx6POlr3VhlWvuQenQ6FpVCNY+55HlV
GuMxvryJGZmXrYWdJA/ZO+w1pa0M9tN2Vqh7Bk/jaOURDJFjvAd/led1RwpK381V
4KBjkYbCOo224KVpNRfpurYpJS1vIo93IXf0OSYYW1Pmkj6rqWRqhrj3ykLgIexa
ai8VLacc+Ay2t3orneLrRSIcG2XDxgwp
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension aj1a4q1t.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] Attention!!! [+]
Also your private data was downloaded.
We will publish it in case you will not get in touch with us asap.
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/BBCCCDCE3DE2C976
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decoder.re/BBCCCDCE3DE2C976
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
u+/OCBTEBtuunRObTs5JBySdTLoVgkMWeJK7nAjp4PZoVNVSINtilUi+eU+Qp05i
iFCcWjnXR35hgMJr8tGVMJABDAREqJmXqIRuSyC0Pn8G+lbJfHJJETKWhxOTZOqJ
ynggTSeF5ykS49l1O4r2i8CRBldesdbc5RdBCs5Nb7WRO0UVb4VqQmfyPNwlvYIx
6vuvEKPZcUWxbjNh7tgxIiXdkAopdNcENtGJGi9vWiLhj6/nlSXhwjjJrl8/1ZRp
7yswSvZnB6hemnXRtF5WFk9KooeUebTEUUjbLTDNc/Q8yjLONVDI6rjAbXb9vsLW
hirr4JI+NcFjb+JNnKLkcuy/Kq9cNs0d+pL21aFU4+NXEhfTdH4ryH3/4Hj6m/wa
KOpm3Cl3XG29r2pfNoZM1Nus4C5z4zQYvg+WyxSCJkw1HUBplxoZ3TWRrUKRUb5f
fu2HYAKofooIr8YgkeA8HxHqbBWAg27rXbXAW488SfvjH5CGh2KbRtHM120kYlmx
nLLcSUc1a+9NLI90Pz3Oo6hQ2AMv+cFgrUoWyVEmM5whKtnn1XhivD+T+t8pbz7w
fJZJtOjvScppU2fLaq9TacIFey2ZYW1pekpDa+LI6HBjKSWCcqHBLngCs2ksvzx2
B5cHr/h1leqTsmhLIfRUrCeSle5DNGUweQHNTvyVZMYcdL61G1tusZX0dLsjW5ia
H4bdXuFjNUsT32pi6frX2RCPC5JR4TYIlk8/XvKOZfzgCtYlaiGwiXIuVqq22/yS
ohLEfdTHNnSO2sxKU1HZf0xvqhKNc3+gEIEBYZ3ZBgnl5yWKL6bicY0zIijCQCN8
5ovte8UaoUkUYAY1q2HssxD8UsRpjo4wanXFaJ870Yh2vbvx7UF1NO/cBs4B1Vqq
yvddzQCeGiyN4sNaUzaRKBruJbIzXoiuz7wGaKvgRMdAfiWwQRR8yW+HHRkOewmw
DZoFpqLHHMt23HKv66GTnp6K7YnOqihiEdflyY3bIobdpmBGp9zQTI0wSA8A4qpn
tDv2NC/CvVKT9c/zS3RFDx5fZIstkEJoYKvSfJr/lOJWtZqwfsjkqDnDwFDfn8kZ
3O63YSw9mhHUp3GvNmiNINrC4eZ1/lBRmdCaaZpVOWgPnVa3va7CeBbX2W2tSQL0
Wb62n9FOIShGgaF3F0cc2/GYNTVSErXo7qGGz70SZquCgxboGBUfBp5b0NI3msn3
ZPdpdzKIuW7viwWAIAucuqg6koPPW4rnNKQV9UowwW2lmeIplg2q7dQQwmbVu9cC
y8Y+n3NRnulHe+QGdBcJVNksxffbkkKOIaFpXsHDx6G2ys+mv7hkstB3RCna5/1U
ioELDlw+5iZgtklINnIJKgra6cl/6axgABR4Ce5TiIw=
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damage of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
