360工作人员-驱动哥 发表于 2019-8-9 14:58

Sodinokibi勒索病毒家族详情

本帖最后由 Potato 于 2021-9-26 16:39 编辑

相关阅读:
Sodinokibi勒索病毒样本分析,我是链接请点我。


勒索病毒家族名称:Sodinokibi
是否支持解密: 已支持解密
详情:
被加密文件:被加密文件后缀为随机后缀。



被加密后桌面被修改:
Hello daer friend!
Your files are encrypted,and , as result you can’t use it .You must visit our page to get instructions about decryption process.For futher steps y22k2-readme.txt that is located in every encrypted folder.





勒索提示文档内容:
---=== Welcome. Again. ===---

[+] Whats Happen? [+]

Your files are encrypted, and currentlyunavailable. You can check it: all files on you computer has expansion y22k2.
By the way, everything is possible to recover(restore), but you need to follow our instructions. Otherwise, you cant returnyour data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not careabout you and your deals, except getting benefits. If we do not do our work andliabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, Youshould go to our website. There you can decrypt one file for free. That is ourguarantee.
If you will not cooperate with our service - forus, its does not matter. But you will lose your time and data, cause just wehave the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) Using a TOR browser!
a)Download and install TOR browser from this site: https://torproject.org/
b) Openour website:http://aplebzu47wgazapdqks6vrcv6 ... on/665252B5148E707D

2) If TOR blocked in your country, try to useVPN! But you can use our secondary website. For this:
a) Openyour any browser (Chrome, Firefox, Opera, IE, Edge)
b) Openour secondary website: http://decryptor.top/665252B5148E707D
Warning: secondary website can be blocked, thatswhy first variant much better and more available.
When you open our website, put the followingdata in the input form:


Key:
NC4tjcMvlDLOWkgUT5BrPyU0344imCBBh6JdrSWFCgiWE+f5B5tDMXtbUT9Zv+Vc
n3wRGx1GiNbg+JhvQfcyC5ZSyP2lMjS6NpHFzh48W5/TLEhFxT6xd/aMyRIsu/qz
Hm9sUgRCE8BQsVx4KP0Wj+dSyy3f+gQQ5yOxzOmjDU1+Mw3QPbv9rV2mUGVJnKlQ
mxqev2qN4TbNXAb962k2lTGA4HA6NgrQJ+Z8rBFqJ+y2o70mktD8ZgOCF77zX6FT
/kDUwF1LeR2Yf1JMo/yMaWT2REkTV7UxVNnFlSQQsBmqZ996QGPukp4WXt/1R/xP
gs01lOirjclOmIsDKxgBR0C3z3x9WaXhnfuDzdY7eu5UQ/8mjF7X1XC7pRkgmFv2
TrYRgku5U89WMIJWy00KD9+FlBmM8uOtHgBRFqfUstzhkzw4OuvaaG1B08LbVyVo
UqOCat8pI64nNVWK3wB73OZhOLFip2ZO7KawqHl0WtRIdpDAAoipy7ljdgRtmyH5
1yiAYxjDhFMRQLHPjACxz5rltGsWxxavtLp216+Dj79aPa/FWHcJ/BlvzfxF1YWT
Op6kEB2ogXq0uGOd/9FjFC1WMi6CTURcxIcIXQCxS44ACkTexr94yepa5uplFK0D
2KL21gnnbFn44UQwRwGP+RhEChThzJt5rkvIsp8Dg2UIaTQF81WSbEDnNvahvK2W
OSMtgGTqExoLl3nLmdnec9aeHUFFADBVE9Tyf0/E/njdBrf1IEj1iCTJkdjWUSvr
8qsGVgktwO6FJDDtJ3GLlgKgtXKn/czrOJG087k8IHYkMlc9TLf3yAqTso7nc2CI
Vvq8HGLaUqTa+kmUV/A1fLOfKzJGAUyt/cGBDocCTcDTkVwc+Af3Zp4qBloeNL9J
qLDJx7lB36Ikdejanhlaayppvrt40r2Uo6i8emFAuhGiEwkiC8+qicfAIs/ji4ec
SNrwS9HZBJzBlpNFyV3FVDtRXYAgZB8cFHiLwV8XHwbEd4yAXV/rbcUTVfwSLKJT
vGzsxtBH751Hn3dESfscVjrsR8ADTiTS3tD9PEEl+kkdrmFPXulnDfi3BY/upHfP
9cy27vbcTmWh2YmlA6POiUf3UWuh5OzP17AJlrsZSTknAbsgAhDfHCP677kTLr71
bLPhDf8SUHkst/hhcI/9e6/ku35ZZyxn0q2kIHdp2zJUwYZYYJSbZ/OAYJlSE3UY
YgJOJQ1kbMrAx8dUxHG8SHQKaWK3EStvgzjET8/o4wREaPtiaOSwaaolrJh+RLoD
jUffDDSpIdIuZZ0wNiW5U7gLUN/Cxqts4rcUH4PS4539xfJoPxBVP+jYiWv3KccL
H1d3SgN48Nc63lApcIyHtOKH

Extension name:
y22k2
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT useany third party software for restoring your data or antivirus solutions - itsmay entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get yourfiles back. From our side, we (the best specialists) make everything forrestoring, but please should not interfere.
!!! !!! !!!
---------------------------------------------------------------------------------
传播渠道:
    Sodinokibi勒索病毒,又被称作a.k.a Revil和“小蓝屏”,该勒索病毒于2019年4月底首次出现,从2019年4月份到2019年11月份目前所发现的主要有以下几个渠道:

[*]Web漏洞,曾利用 Oracle WebLogic漏洞中编号为CVE-2019-2725的漏洞。
[*]带有链接或附件的恶意垃圾邮件或网络钓鱼活动。
[*]使用RIG 漏洞利用工具包传播。
[*]通过暴力破解获取到远程桌面的密码后手动投毒。并由被攻陷机器作为跳板攻击内网其它机器。

防护建议:
1.      多台机器,不要使用相同的账号和口令
2.      登录口令要有足够的长度和复杂性,并定期更换登录口令
3.      重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.      定期检测系统和软件中的安全漏洞,及时打上补丁。
5.      定期到服务器检查是否存在异常。查看范围包括:
a)      是否有新增账户
b)      Guest是否被启用
c)      Windows系统日志是否存在异常
d)      杀毒软件是否存在异常拦截情况
6.      安装安全防护软件,并确保其正常运行。
7.      从正规渠道下载安装软件。
8.      对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。

360fans_LjSKE0 发表于 2019-9-14 07:33

已中,坐等,跪谢{:15_449:}

360fans_u40429717 发表于 2019-9-14 20:02

中毒了,应该就是这个,不知道怎么解密? 求大神们出招

360fans_uid336824 发表于 2019-9-25 08:31

也中了类似的,求解

360fans_Sq6dQW 发表于 2019-9-30 15:12

求解密工具

360fans_Sq6dQW 发表于 2019-9-30 15:12

求解密工具

360fans_QMWz6j 发表于 2019-10-2 09:25

已中,希望360工程师能够解决,发布解密工具{:15_449:}

360fans_QMWz6j 发表于 2019-10-2 09:26

已中招,希望大神们能够解决{:15_449:}

360fans_QMWz6j 发表于 2019-10-2 09:26

希望大神们能够解决{:15_449:}

360fans_QMWz6j 发表于 2019-10-2 09:27

已中招,希望大神们能够解决

李三帅 发表于 2019-10-8 10:20

{:3_57:} 为什么两个月了还没有解密,大神们来搞啊

360fans_u40826394 发表于 2019-10-30 17:10

希望360工程师能够研究出解决办法{:15_449:}

360fans_u40874313 发表于 2019-11-4 19:46

我们也中了,找了360的专家,貌似无解。。。{:15_451:}

李三帅 发表于 2019-11-19 17:13

等的花儿也谢了,等了半年了{:15_457:}

Potato 发表于 2019-12-27 16:46

---=== Welcome. ===---

Merry Christmas and Happy Holidays everyone!
You have a great opportunity to enter the new year, leaving all the bad in the outgoing year.
I advise you to write to us as soon as possible and not waste your precious time that you can spend with your family.
With our decryptors recovery will take you the least time, without us you will have a very hard time and some of your files will not be recovered never.
The longer you think, the harder it will be for us to negotiate with you .
Waiting for your dialogues in our chat, below you can get acquainted with what happened.

[+] Whats Happen? [+]

Your files are encrypted, and currently unavailable. You can check it: all files on your system has extension 642md5.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/F49F02F3004E761C

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.top/F49F02F3004E761C

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:

OoyDwow+yvJh3YXh/kG7LTi89O2/8w+dz5Ld48AzAJmvrfugTdPjzAdXo7Udidaj
bha3XwvwYf6ZSJioWGWHRgIEdzJ+Ns6hyAQJ8Jy+vmgJhcyekEMLoREFnNxZ9SaK
L7EFhakY6/7gnZWi4jRCtmoqBnONc4lz/QDdegPbgRARc+raL2JYOiAytYbaZgAo
yWpQQt7m0de6vmFatqvXiw165F2xdeB0G+V69r2Ioqy+wlFx/oUW8imNkxJEYvbY
pxuVnZR3DH6ED13EaS438tNYKiaeIwePykalPxig7BTqCrrEDqxoPrCcAS6ORloh
WQXqTTgxR4LSyXAP8Qqw8H1Mv2jSE10NgjOThd64Zu9U7vS+UKHi/ZYMIVNgEaGP
Qobsh5QQu+SwsgDupzB/knaBpUZ/Hs6sp67hEAYvatcYzXZoiP84bPz3ExDhWmGo
rOmxWUGJ3cFNuGMWP8sVAbWO2dPsLfxLg5h7J/mHam9kmCbK38YBwzqpWOY5CDZd
6j9FnY/o76IP60hA5krvluuRIjsBLia8sJql7dTQSHehcdNVT0Y+AjVl3s3PEukm
kFsPPHNpLSKSntfgFFmcAhIIY1RvClB6dROhsL8GVz4qdm1p9iZ8fpki3lqPKoOB
nQfd0Id3O8sV0M5u/zbzvdvkip9QZBkwiyMf3nOClimmYByLbokpYv+Cev46VmNo
bwt4wU6NaIeZ1UqSCD6v5GkUpWqW3ip2Stzt2Y9c8Fxt2pW04KNHsUaEJYP67FMR
789hAgrNAh/iH9CJxNMCBshyMF0dE7CXPUjXxUap3KBo32RvkRJlRa+rTlS0+gSE
jgv5raFdRWDVYF15JryXSPk/9IV0NS3DUUQamQ5i0evlrAG9vtmK4FRbQ8Xvwkm9
XONVqMaAJiarwALJRA6WN/Tn2fkPrp1FR2BzhM1bKarn0feKJkiovmW7lr7B7CC9
C2AkOH8xfJ1tiXBHYirfBZtn91LhBxcfmS8iFFu6rl6YQGEwmStxt5kro8iU7PMM
bf7rwfNlhHWnC2/lu8X2z+ZVh/bsKY1h4W/7bFkmCFp7C47m47FCwuXK2StAaF7X
21g5RTzdy3g8IO8c0L8O0askm9Vn35LxTxT9n2RyH04xd3J6znbmnC/Ujzqi9TVY
tS4Mxx2g4IqB+LDGLNiYbpdTXwjhvAjgXKIm84EojOSq1bERiEw3V4YHxy1yWlAo
sbERTJVnau2TPh+cwHZq+OsbX6hpk4ZswTe1sRHt



Extension name:

642md5

-----------------------------------------------------------------------------------------

!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!

For google: Revil/Sodinokibi

Potato 发表于 2020-1-10 17:58

Hello Dear Friend,

Your files on this computer have been encrypted due to security issues. You can check it: all files on you computer has expansion 13mo21.

- How to get access on website?

You have two ways:

1) Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/F49F02F3004E761C

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.top/F49F02F3004E761C
c) If you are having difficulty purchase bitcoins, or you doubt in buying decryptor, contact to any data recovery company in your country, they will give you more guarantees and take purchase and decryption procedure on themselves. Almost all such companies heared about us and know that our decryption program work, so they can help you.

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:

NVkIge2Yzv4KyghWR6Xc0WJRTIOOZTj7rpTxwV/oHUBKxmrZGThcX8trY/EOizYF
7uydupZYDSWy0HGHqZfIggwgZitrocW+0S6vcRr6MC2iGvlx5RMtGIqVBZIBvYkR
fd+M5xoGy8b8JHd9U2Jv5sm7OGTm+fRffUvgB7shSiQTdZyOC4ZlESxYd5D6jvCK
rQXY2hcqhi6pxz39rdHv3Tfy8XnAus3UL0IcJirN/lGZ0dUZKlMYZVpW8IwkyV9W
twHXEjH/JEcy5vfborba2xl3DUBOJQxUdimICuVlyWoYUR86vSTzpdkLppnap6rZ
FoBmmUb8ILOTy2WEDy8NtvTuFuSVHCz6zBdsPBOa+ND8Jkvt3xxipx0/7CBL62cB
+L7hiD/P45LAxxgYlW9JAFvV40ttAbuKW1+lRxqLOM0w9AJ4dadllMqJEEpklG0F
Cha39PXL1b+fBUB+cusF/iiDvaeheNQSYd3m8uGzDYdbN1K8JKuLsZrWQn+6ABsp
wuuq9cGk90e7hekLeHlXSrnhk3bPVjXtUQh3DxHHZ6og/coJyoeTF82K6wNfJ2TR
yBuBiPG1/YHsubew+1PaDF10TaT+9rD7j7Zy9qzh9qcjZPAsjKyB82lsdjPfNyrh
ew0Pbm5GIcvBFSGFblUjfZ2h2QCazHHF5wWQFGqySNP27nJejPI6f9MjrXX+Bihu
E8YTbA9KCwBFbTv17wlH9qsUIiO0XXE9d4SyWIraciM8Plw4oIgIk6B/hCVVzyeM
in/KqIrLHiDgTd/rq9pCTA7+q+uDEljhlifxf7zC7SxtdFF8Qak/XB7O9Myo5FSy
ikk2r4VqZ1te0Qh1MSiDoHKtcXc242eQHLu2XYeghMvbf44Dy5sOz+b+IL2w/HKJ
JV7v8AaRTbVXx3a2lHCnt/nxKmXnQAVmeaNyijukoQ7kJye6oQ17xJbyxC0x8dDY
TQ2lU6KtEoG+Xq9lJiBPBCSydYd53Qud1InDa2M/rFOI+9hxtUrh19h2Dmihe88R
JAh7wo/b6oaJaGDGWSl1PYu3zqdhCG7nFwioTYrxdzCsM1mud/mvjDRYRFmINVbQ
GTb4nLSCWF1oepF2QCpeQGmU1rrS98E7WK8c01JgBTyNkKaJF/ogVq72yTgy6gGq
VW74r18F4J7gnQowpBlXdv8yzCrm1fSmp15sJXEXJ4HTF5tmiNs03ZdHYk11jE4p
EJW6/JRudxFZJvDSRlGlQ3xNWxqZaOUjYrzG9g==



Extension name:

13mo21

-----------------------------------------------------------------------------------------

Attention!

Do not try to reload your PC.
Do not try to recover information using third party software.
Do not attempt to use antivirus.
Do not try to uninstall programs.
All these actions will lead to data loss and unrecoverable.

360fans_uid27085163 发表于 2020-1-13 10:14

不要奢望360了,因为研究解密方法需要时间,但是企业运作是不能停的,如果你是个人还好,企业的话,你就会活的很累。因为你要数据马上就要做事了,没数据整个企业就瘫痪了。

360fans_uid41945969 发表于 2020-2-19 15:44

---=== Welcome. Again. ===---

[+] Whats Happen? [+]

Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension 102516.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) Using a TOR browser!
a) Download and install TOR browser from this site: torproject.org/
b) Open our website: aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/6F980D2920EC880B

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: decryptor.top/6F980D2920EC880B

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:

4i7FYfXDOV3gwrJM8VHsmErgxObyzZDDRGqWS2ufQ3dCk11Wefi0vt/G9iHqeWGo
O0bCZUcTTuhD1nh3UrnpWYsHiaO9Scx0y862OykG0eBVm9yNuAn4B3DPqRB+TPYF
qP2z1Br3JUT5mvsD3Tbp6cXFlBSD202F7fjj3So21GFab5ipXZ/pZaWhmQoS2aGc
VhSye4gTGOrKdRkkem9ZtwjdjMMb/zL4tf3raszffgu4gdr0YfYVrckytWKuKsJ+
hqwEmWKkCWhc1ov2BLMTSvqSVJBwUIwqvv357xUOA+Z/r1LUeS/ZLeUV7Z1y7f64
azA34ceGX8xQh9FX0Nkw+XJZpt48G2SlDWRp7FRc0c2ZM9Ge38mEJavwb9NCINjk
str8MSrV3dIYwB/kVO6F7VhNS214Rd36uA5stc1IALYx39zXBGsaIlnuXeV2j8+H
CU4LbACPrplhJzxMBlhLhsr4VV/VMVcxrECvs9NvDGLFXAckdmYvBSO1UDdKIZPU
uTNPUWixefoBemDZS/V4PTdb490v+vShQ6cR/CEfBMRj7WW/RceHG9X44H09V8SD
kFpMg2g9k7KE6JAoBVnWRDzaZPr0VqSHqqdk2aisFTdUKzJdIBMHxQ9gzCMyfhc0
5IzIm4fVZBjFs7Iyngfvm0IW5pMiw/TdaX6UF9pSsLFGNcqLvexfdCchZkM0DAGR
ilpwsLV2Fb29svBaaaS7wde+J4Kz76si835KS9JTolRRE0PVrG/EjFFsvrPiPBUp
cezM38uenKjpD1Oi/IhM8ge0d7QhXCIF28s5zSfY6Zar/TnRvil0SeVDY79SgFOI
+QkcF/1mZNucVm+RZHoOvYveFyPGYPC9WIj/dMPnWtudqCTLPVQHbJXihrl2SRoE
FPIW6OfPAyVary2CpdOTGPPqFFgefWl384OYBHa5tVncU7FVFPJoiVvRW3kLNwxF
LWFuUGujK/I6H3nhhCIYKP8RsHslFdGplgRWhzk51WgZqm398VKXH26tz3EEKu0c
mjfzYj1q58zZzRvwu0xLJgvlWN9nwlpO43nU2l883D3SkFawciln7B+w7w82l09G
+Tiz2s/sg+scfY3TmH4dJvGcJbE3F2SdRcNVcO9wNHHpK+H7AfiOe+3H8B7YecSc
lsiKRUFPblv6kXzhls4Md7oCoTA/wRaPf68U5FoCxuJBG0DWDuzmqfXZBWIaIrvS
4f2EySaz+DCIMM3k0iSQNZPNq2qjrH1oWWZtjFGln4WLavpd13y4O1FAsCrj5wLp
IEYFZnbcsGoIVp8Izok4XOKsh08mmQRe+tzll6rDoTuRwYpNCiIWiXSVw+94R7IE
d7Rp8CGMmgHVaoyDWNe6gg9aFIaLvKHuE/A4C7hmvS8SycSEibPguMQF4akSJQo/
/I1iXeHjDUpuRuk/FKMppepER29IWqsBnBU3EceZMdR6UhhW9piDUpb6G/rH4Vyv
sppc2WywilKH+kRRMSaVIP0fe7mwWiVGFMRPmbWl3WcwTkJgdEBUlpUPskwvjH8w
aODQ0lOzHR2e5bDfeJomxIFRmUhh/DdHNDlhHLqddl0qf9fykqfn8Z+unaU4d3Ca
AXfDcwg+NbLqunS5tZ5sfE8e



Extension name:

102516

-----------------------------------------------------------------------------------------

!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!

360fans_uid41945969 发表于 2020-2-19 15:44

2020-01-09号中毒的

360fans_XmrYvT 发表于 2020-2-29 14:12

2020年02月29日中毒。急死啦。

360fans_LjSKE0 发表于 2020-3-7 16:31

快半年了.......貌似只能付钱恢复

360fans563795780 发表于 2020-3-24 16:51

求大牛,帮忙哦。这个毒好久可以解哦?

360fans_u42436074 发表于 2020-4-2 16:03

你好,我们是做数据恢复,针对勒索病毒的破解和解密,需要的加我qq735573879

360fans_uid17266269 发表于 2020-5-6 17:21

Your files are locked due to a vulnerability in your system by "13bc2" extension.
You will not be able to decrypt the files yourself, in the worst case you can destroy the data irreversibly.
The only way to unlock your data is to buy the decryption program.
Go to the link written below to more details.

If you cannot do this yourself, find a data recovery company in internet.
They cannot help you unlock your data, because only we have decryption key, but will help you make a payment and provide you guarantees.

If you have problems exchanging Bitcoin for Monero or cannot buy, then use the cryptocurrency exchange services, a list of various services: https://www.bestchange.com/

ATTENTION! DATA RECOVERY AGENCIES WORK AND DURING THE CORONOVIRUS QUARANTINE, THEY WILL HELP YOU REMOTE.

Also, I ask you to note, you have no long time, if you do not make payment soon, the price for the decryptor will double. So I recommend you dont waste time and move!

Go to the page through the browser:

http://decryptor.cc/2D5A1EAA2296C928

If your site does not open, then download the "TOR Browser" (https://torproject.org/).
If you cannot access the download page of the "TOR Browser", then download the VPN!

After installing "TOR Browser", open it and follow the link:

http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/2D5A1EAA2296C928

After going to the site, enter the following code:

E4ggg5UEn7+u2f4i9xxKWwuv9r4tQsslbAmFNA9ee4tUJ18DSMUwf5P+N3O6MhI/
81zxO+m+2PbJy/6MixTWZjvbfCPXkcrn/mDZTv/pk/OXNp231aBVfTYGpa+3sXox
wnYcSjjJqO4znXG31Df46nnwfmPGuQ1Qw5MMQBpVFqDvVTuIhetSaJRz0l2HqfeC
f/B1Mr6D5dAh6ahQgN8hP/9FUApWivsvJLVZhuAEAv8dqI6TTlroKrc9n7zxXf2Y
c/pbSanEEnC64KrcZmlBnAUGDSQ32RkAKQBN7WQ3NkNhUEcAs4liy5FK+KIgWnUH
PR5Ghti25XCL4h84FF/r/Hdl7C1mNRbEScMlL57Rt+TehTyecv3u3Npu8TLcMRwk
PQVB710WMK2axeqyRxqKdSHiXr8++4Io35n+5/OV/qi9MD/oY3FbJ71DYZ9fzmjS
2cQgdEJOHV/DD+jk7IAFI38hj5IzPnPoro6suyDvcWGjfH8KI3zpawveAiC0BDLY
An2J3Fi89co3PqYH5g54+pn4p0uHTvEchgI2BHBuInHRHITRT1mIpchA1SAiNpTz
Hc9MZYVwv3svkazRTtX4GDV0UJ09Rgy2bsN3RrYM/QSyahhUqWDgdWGbKm+xnhy4
Vm0V+Tr9FFqzlpgTHb4adunaTCERQQcZJ4szDWHH/ST56cJrNtF4EoVrx1xYMW+u
DClp7K47spTMGRijzPgoXcbMZabrPa9H7a05WjOY/SFvH2mIKEZT5Dbqqwg7jQep
Edslu6VtZJnGbUheSipxYHypzZ+CVmpYZ0p0Fmvq0IbRnbdARbopsaey/TBDjc/n
hUkJH4c1jd22eFOM/ftXOvgTFSJNvb5XaWVOQTGWfPxWNabFhcJwQv8sNl2SXCKv
CmFkic4R56xY2X85bQZ3IxfYqFcumI+wzz7c8PNaETUML59ud8v+0YoCxKBxP9cl
iwAGMJjX91BVH+lEERJHCbujg5Xr9LQzsuB+q+DGFRW4E7Bqr7VKu3V7KmaY63P7
73SK4XcrlrDw1Ppe0oaM3CxYDmhs6MR0UCUOVLD14BjYDk8hd5O4lQA+YEAb9jg0
n71EqcG0UngzcsI6K+etze2uZ7BU1XYQ+iqVbnCszT2sMOFl/IqJKrKdh6SRXLCt
kCx/GaI014/s+MF1JXuTweYqiEUkrDGLjZh59lytcVeVKN5XUMEtzGSxc+fa4o4e
IUkuO3/488YCOVuJ5Ucud4oZ2v4qqEeiuMoKdDUrkyNptwMRwnOWCxCnqkj5xnWI
cnBmEzGyC1XCLzRPMgsZHS+zSaYzazPvWYI4x+/z2tdPyKLDqM//jkW9EmW610nF
6coOLERRpvSNobt8wf4F9ouPlVNvxCfT4kw0aA2IItyA654PYigg0djw2Oudz5Ww
dkXs9Fcjw1bH5ohRS8mEzxHKObMGq0Wp2E6H4h8Ai0BOYCzrk0nV7XXbm+Jpj59q
SjWmLWGUtM438S1MTW386t4A+A4=

360fans_uid42977046 发表于 2020-5-22 18:33

4台电脑好多重要的文件坐等

360fans_uid42977046 发表于 2020-5-22 18:33

已中,希望360工程师能够解决,发布解密工具

360fans_17IAPP 发表于 2020-6-22 14:03

19.12中毒 希望快点有破解工具

360fans_17IAPP 发表于 2020-6-22 14:04

看过了。一台主机恢复的价格快30w人民币,付不起,只能等破解工具了

360fans_uid43391265 发表于 2020-6-28 10:48

360fans73954745 发表于 2020-7-13 11:49

我已中奖两个多月了,一直没重做系统,等待重见天日那一天
页: [1] 2
查看完整版本: Sodinokibi勒索病毒家族详情