无意间打开了勒索病毒的告知文件,几年前很多人很熟悉这个文件。
---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension u347q678t1.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) [Recommended] Using a TOR browser!
a) Download and install TOR browser from this site: https://torproject.org/
b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/BC8672006A67FFE6
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website: http://decryptor.top/BC8672006A67FFE6
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
5hk/
iWe0qfqybxtAXvfeliSVyQWfZfpHZ1JeQPnF9DYZSR4O8ua2O3+2on9E
Extension name:
u347q678t1
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!
突然想是否这个加密密钥是否已经被破解,没想到还真找到了这个工具:
Bitdefender announced the availability of a universal decryptor for REvil/Sodinokibi. Created in collaboration with a trusted law enforcement partner, this tool helps victims encrypted by REvil ransomware to restore their files and recover from attacks made before July 13, 2021.
官网下载地址:或者 解密程序下载
解压缩直接执行程序即可,选择你原来包含了被加密的文件夹,直接解密就可以,很快 你的加密文件就。
可能遇到问题:
1.无法连接解密服务器,那需要你电脑具备能访问海外网站的能力;
2.工具一直不进行解密,一直在扫描磁盘,那是因为需要在此文件夹下面放置勒索病的那个说明文件,因为那个文件里面包含了key
虽然那些文件已经被加密很久,这些文件过了失效也没有那么重要了,但是能让它们重见天日也是一件好事。
