STRLCPY/ransomware_notes

add new ransomhouse ransom note
ThreatLabz committed 1 year ago

cd66e780

1 parent af480d23

Total 1 files

■ ■ ■ ■ ■ ■

ransomhouse/Restore Your Files.txt

1	+	--------------------------------------------------------
2	+	Welcome to the RansomHouse
3	+	You are locked by
4	+	M A R I O ESXI
5	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣴⡾⣻⣿⣿⣿⣿⣯⣍⠛⠻⢷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀
6	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⣿⠟⢁⣾⠟⠋⣁⣀⣤⡉⠻⣷⡀⠀⠙⢿⣷⣄⠀⠀⠀⠀⠀⠀
7	+	⠀⠀⠀⠀⠀⠀⠀⢀⡀⠀⠀⠀⠀⠀⠀⣰⣿⠏⠀⠀⢸⣿⠀⠼⢋⣉⣈⡳⢀⣿⠃⠀⠀⠀⠙⣿⣦⡀⠀⠀⠀⠀
8	+	⠀⠀⠀⠀⠀⠀⢰⡿⠿⣷⡀⠀⠀⠀⣼⣿⠃⠀⠀⣀⣤⡿⠟⠛⠋⠉⠉⠙⢛⣻⠶⣦⣄⡀⠀⠘⣿⣷⡀⠀⠀⠀
9	+	⢠⣾⠟⠳⣦⣄⢸⡇⠀⠈⣷⡀⠀⣼⣿⡏⢀⣤⡾⢋⣵⠿⠻⢿⠋⠉⠉⢻⠟⠛⠻⣦⣝⠻⣷⣄⠸⣿⣿⠀⠀⠀
10	+	⠘⣧⠀⠀⠀⠙⢿⣿⠀⠀⢸⣷⠀⣿⣿⣧⣾⣏⡴⠛⢡⠖⢛⣲⣅⠀⠀⣴⣋⡉⠳⡄⠈⠳⢬⣿⣿⣿⡿⠀⠀⠀
11	+	⠀⠘⠷⣤⣀⣀⣀⣽⡶⠛⠛⠛⢷⣿⣿⣿⣿⣏⠀⠀⡏⢰⡿⢿⣿⠀⠀⣿⠻⣿⠀⡷⠀⣠⣾⣿⡿⠛⠷⣦⠀⠀
12	+	⠀⠀⢀⣾⠟⠉⠙⣿⣤⣄⠀⢀⣾⠉⠀⢹⣿⣿⣷⠀⠹⡘⣷⠾⠛⠋⠉⠛⠻⢿⡴⢃⣄⣻⣿⣿⣷⠀⠀⢹⡇⠀
13	+	⠀⠀⢸⡇⠈⠉⠛⢦⣿⡏⠀⢸⣧⠀⠈⠻⣿⡿⢣⣾⣦⣽⠃⠀⠀⠀⠀⠀⠀⠀⣷⣾⣿⡇⠉⢿⡇⠀⢀⣼⠇⠀
14	+	⠀⠀⠘⣷⡠⣄⣀⣼⠇⠀⠀⠀⠻⣷⣤⣀⣸⡇⠀⠹⣿⣿⣦⣀⠀⠀⠀⠀⢀⣴⣿⣿⡟⠀⠀⢸⣷⣾⡿⠃⠀⠀
15	+	⠀⠀⠀⠈⠻⢦⣍⣀⣀⣀⡄⠀⣰⣿⡿⠿⢿⣇⠀⠀⠉⠛⠻⣿⣿⡷⠾⣿⣿⡿⠉⠁⠀⠀⢀⣾⠋⠁⠀⠀⠀⠀
16	+	⠀⠀⠀⠀⠀⠀⠈⠉⠉⠙⠿⢿⣿⣇⠀⠀⠈⢿⣧⣄⠀⠀⠀⢹⣷⣶⣶⣾⣿⡇⠀⠀⣀⣴⡿⣧⣄⡀⠀⠀⠀⠀
17	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣷⡀⠀⠀⠙⢿⣿⣶⣤⡀⠻⢤⣀⡤⠞⢀⣴⣿⣿⠟⢷⡀⠙⠻⣦⣄⠀⠀
18	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢻⣦⠀⢠⡟⠁⠙⢻⣿⠷⠶⣶⠶⠾⠛⠙⣿⠇⠀⠀⢻⡄⠀⠀⠙⢷⡀
19	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣿⡀⣿⠁⣤⣤⡄⢻⡶⠶⠛⠛⠛⠛⠛⣿⢠⣾⣷⣆⢻⡀⠀⠀⠈⣷
20	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⣿⣿⢸⣿⣿⣿⡈⢿⡀⠀⠀⠀⠀⠀⡿⢸⣿⣿⣿⢸⡇⠀⠀⠀⡟
21	+	⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠉⠉⠉⠈⠉⠉⠉⠁⠈⠁⠀⠀⠀⠀⠈⠁⠈⠉⠉⠉⠀⠁⠀⠀⠈⠁
22	+	Dear [snip],
23	+	If you are reading this message, it means that:
24	+	- your network infrastructure has been compromised,
25	+	- critical data was leaked,
26	+	- files are encrypted
27	+	--------------------------------------------------------
28	+	The best and only thing you can do is to contact us
29	+	to settle the matter before any losses occurs.
30	+
31	+	Onion Site:
32	+	http://xw7au5pnwtl6lozbsudkmyd32n6gnqdngitjdppybudan3x3pjgpmpid.onion/
33	+	Telegram Channel:
34	+	https://t.me/ransom_house
35	+	--------------------------------------------------------
36	+	1. THE FOLLOWING IS STRICTLY FORBIDDEN
37	+
38	+	1.1 EDITING FILES ON HDD.
39	+	Renaming, copying or moving any files
40	+	could DAMAGE the cipher and
41	+	decryption will be impossible.
42	+	1.2 USING THIRD-PARTY SOFTWARE.
43	+	Trying to recover with any software
44	+	can also break the cipher and
45	+	file recovery will become a problem.
46	+	1.3 SHUTDOWN OR RESTART THE PC.
47	+	Boot and recovery errors can also damage the cipher.
48	+	Sorry about that, but doing so is entirely at your own risk.
49	+	--------------------------------------------------------
50	+	2. EXPLANATION OF THE SITUATION
51	+	2.1 HOW DID THIS HAPPEN
52	+	The security of your IT perimeter has been compromised (it's not perfect at all).
53	+	We encrypted your workstations and servers to make the fact of the intrusion visible and to prevent you from hiding critical data leaks.
54	+	We spent a lot of time researching and finding out the most important directories of your business, your weak points.
55	+	We have already downloaded a huge amount of critical data and analyzed it. Now its fate is up to you, it will either be deleted or sold, or shared with the media.
56	+	2.2 VALUABLE DATA WE USUALLY STEAL:
57	+	- Databases, legal documents, personal information.
58	+	- Audit reports.
59	+	- Any financial documents (Statements, invoices, accounting, transfers etc.).
60	+	- Work files and corporate correspondence.
61	+	- Any backups.
62	+	- Confidential documents.
63	+	2.3 TO DO LIST (best practies)
64	+	- Contact us as soon as possible.
65	+	- Contact us only in our live chat, otherwise you can run into scammers.
66	+	- Purchase our decryption tool and decrypt your files. There is no other way to do this.
67	+	- Realize that dealing with us is the shortest way to success and secrecy.
68	+	- Give up the idea of using decryption help programs, otherwise you will destroy the system permanently.
69	+	- Avoid any third-party negotiators and recovery groups. They can become the source of leaks.
70	+	--------------------------------------------------------
71	+	3. POSSIBLE DECISIONS
72	+	3.1 NOT MAKING THE DEAL
73	+	- After 6 days starting tomorrow your leaked data will be Disclosed or sold.
74	+	- We will also send the data to all interested supervisory organizations and the media.
75	+	- Decryption key will be deleted permanently and recovery will be impossible.
76	+	- Losses from the situation can be measured based on your annual budget.
77	+	3.2 MAKING THE WIN-WIN DEAL
78	+	- You will get the only working Decryption Tool and the how-to-use Manual.
79	+	- You will get our guarantees (with log provided) of non-recovarable deletion of all your leaked data.
80	+	- You will get our guarantees of secrecy and removal of all traces related to the deal in the Internet.
81	+	- You will get our security report on how to fix your security breaches.
82	+	--------------------------------------------------------
83	+	4. EVIDENCE OF THE LEAKAGE
84	+	In our live chat
85	+	http://secxrosqawaefsio3biv2dmi2c5yunf3t7ilwf54czq3v4bi7w6mbfad.onion/?Url=[snip]
86	+	--------------------------------------------------------
87	+	5. HOW TO CONTACT US
88	+	5.1 Download and install TOR Browser https://torproject.org
89	+	5.2 Go to our live-chat website at http://secxrosqawaefsio3biv2dmi2c5yunf3t7ilwf54czq3v4bi7w6mbfad.onion/?Url=[snip]
90	+	5.3 You can request ftp server access in our live chat to review leaked data samples.
91	+	5.4 In case TOR Browser is restricted in your area use VPN services.
92	+	5.5 All leaked Data samples will be Disclosed in 4 Days if you remain silent.
93	+	5.6 Your Decryption keys will be permanently destroyed at the moment the leaked Data is Disclosed.
94	+	--------------------------------------------------------
95	+	6. RESPONSIBILITY
96	+	6.1 Breaking critical points of this offer will cause:
97	+	- Deletion of your decryption keys.
98	+	- Immediate sale or complete Disclosure of your leaked data.
99	+	- Notification of government supervision agencies, your competitors and clients.
100	+	--------------------------------------------------------
101	+

add new ransomhouse ransom note