| Time & API |
Arguments |
Status |
Return |
Repeated |
1619884238.922749
NtWriteFile
|
file_handle:
0x00000968
filepath:
C:\ProgramData\Microsoft\MF\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884238.922749
NtWriteFile
|
file_handle:
0x00000fc4
filepath:
C:\Program Files (x86)\Microsoft.NET\RedistList\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884239.001749
NtWriteFile
|
file_handle:
0x00000818
filepath:
C:\ProgramData\Microsoft\User Account Pictures\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884239.235749
NtWriteFile
|
file_handle:
0x00000304
filepath:
C:\Program Files\Oracle\VirtualBox Guest Additions\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884239.313749
NtWriteFile
|
file_handle:
0x000013e8
filepath:
C:\ProgramData\Microsoft\IlsCache\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884239.344749
NtWriteFile
|
file_handle:
0x000013f4
filepath:
C:\Program Files\Google\Chrome\Application\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884239.501749
NtWriteFile
|
file_handle:
0x00000450
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884243.376749
NtWriteFile
|
file_handle:
0x00001c70
filepath:
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884244.829749
NtWriteFile
|
file_handle:
0x00001634
filepath:
C:\Program Files\Google\Chrome\Application\SetupMetrics\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.391749
NtWriteFile
|
file_handle:
0x00000570
filepath:
C:\tmpsij43m\modules\packages\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.407749
NtWriteFile
|
file_handle:
0x00000444
filepath:
C:\ProgramData\Microsoft\RAC\StateData\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.422749
NtWriteFile
|
file_handle:
0x00000570
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.469749
NtWriteFile
|
file_handle:
0x00001418
filepath:
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.485749
NtWriteFile
|
file_handle:
0x0000047c
filepath:
C:\ProgramData\Microsoft\Assistance\Client\1.0\zh-CN_en-US\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.485749
NtWriteFile
|
file_handle:
0x00001f44
filepath:
C:\Python27\Tools\versioncheck\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884245.485749
NtWriteFile
|
file_handle:
0x0000192c
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884246.672749
NtWriteFile
|
file_handle:
0x00001cf0
filepath:
C:\tmpsij43m\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884248.219749
NtWriteFile
|
file_handle:
0x000002ec
filepath:
C:\tmpsij43m\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884249.735749
NtWriteFile
|
file_handle:
0x00000d90
filepath:
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.047749
NtWriteFile
|
file_handle:
0x000021b0
filepath:
C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.313749
NtWriteFile
|
file_handle:
0x0000220c
filepath:
C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.641749
NtWriteFile
|
file_handle:
0x00000610
filepath:
C:\tmpsij43m\modules\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.657749
NtWriteFile
|
file_handle:
0x00000dcc
filepath:
C:\ProgramData\Microsoft\Crypto\Keys\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.672749
NtWriteFile
|
file_handle:
0x00000260
filepath:
C:\tmpsij43m\bin\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884250.657749
NtWriteFile
|
file_handle:
0x0000036c
filepath:
C:\Program Files\Google\Chrome\Application\Dictionaries\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884251.891749
NtWriteFile
|
file_handle:
0x00002204
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.188749
NtWriteFile
|
file_handle:
0x00000374
filepath:
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.329749
NtWriteFile
|
file_handle:
0x00000db8
filepath:
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.329749
NtWriteFile
|
file_handle:
0x000007ac
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.344749
NtWriteFile
|
file_handle:
0x0000031c
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\MEIPreload\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.454749
NtWriteFile
|
file_handle:
0x0000220c
filepath:
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.469749
NtWriteFile
|
file_handle:
0x000008bc
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Extensions\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884253.969749
NtWriteFile
|
file_handle:
0x00002414
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884254.516749
NtWriteFile
|
file_handle:
0x00000560
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884254.922749
NtWriteFile
|
file_handle:
0x000025b0
filepath:
C:\ProgramData\Microsoft\Windows\DRM\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884255.344749
NtWriteFile
|
file_handle:
0x00000560
filepath:
C:\ProgramData\Microsoft\Windows\Ringtones\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884255.391749
NtWriteFile
|
file_handle:
0x00002304
filepath:
C:\tmpsij43m\modules\auxiliary\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884255.501749
NtWriteFile
|
file_handle:
0x000012f8
filepath:
C:\Users\Administrator.Oskar-PC\Searches\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884255.844749
NtWriteFile
|
file_handle:
0x000013e8
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_94995ab25177e7c7298027ae617b93854df5_cab_0126c1cf\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884255.860749
NtWriteFile
|
file_handle:
0x0000146c
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_e44d9bd7eba8ad7f54ca160a4fc3d2a5d4c60_cab_055f7698\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884256.391749
NtWriteFile
|
file_handle:
0x000028f8
filepath:
C:\Users\Public\Libraries\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884256.438749
NtWriteFile
|
file_handle:
0x000024c4
filepath:
C:\ProgramData\Microsoft\Assistance\Client\1.0\zh-CN\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884256.579749
NtWriteFile
|
file_handle:
0x0000258c
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884256.704749
NtWriteFile
|
file_handle:
0x00001a08
filepath:
C:\tmpsij43m\lib\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884256.735749
NtWriteFile
|
file_handle:
0x000028c0
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d473a376adfb18a7b165c5e3c26de43cd8bccb_cab_05eac559\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884257.079749
NtWriteFile
|
file_handle:
0x00002790
filepath:
C:\Python27\include\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884257.422749
NtWriteFile
|
file_handle:
0x00002720
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884257.532749
NtWriteFile
|
file_handle:
0x000003f0
filepath:
C:\Python27\Lib\distutils\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884258.626749
NtWriteFile
|
file_handle:
0x000028e8
filepath:
C:\Users\Oskar\Favorites\Windows Live\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|
1619884258.954749
NtWriteFile
|
file_handle:
0x000007b8
filepath:
C:\Python27\C3CCD-Readme.txt
buffer:
Hi!
Your files are encrypted.
All encrypted files for this computer has extension: .c3ccd
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised,
rebooting/shutdown will cause you to lose files without the possibility of recovery and even god will not be able to help you,
it could be files on the network belonging to other users, sure you want to take that responsibility?
--
Our encryption algorithms are very strong and your files are very well protected, you can't hope to recover them without our help.
The only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypt program, you may damage them and then they will be impossible to recover.
We advise you to contact us as soon as possible, otherwise there is a possibility that your files will never be returned.
For us this is just business and to prove to you our seriousness, we will decrypt you some files for free,
but we will not wait for your letter for a long time, mail can be abused, we are moving on, hurry up with the decision.
Сontact us:
1.2Hamlampampom@cock.li
2.Galgalgalgalk@tutanota.com
Don't forget to include your code in the email:
{code_3289ad72_c3ccd:
LSS6J+REQMwX8qzzxSH+LZYxhU76XJgu8TDRyCtuCQaot10MBC
PPx9Ea/qZlEENIECBpl5IL0thFo/gDVS2bR6PgTyL0vQpTcq2J
MvSr9Wqsx7qcFChozUDSk3xt8eUJfhQuVfYlTTJEhor8awMahB
r4p+VoBcgHRojrkTLNyAuhqS1YDO4MUiffKe0UThwgIGtuOMIK
zL+m1RA85VVcEGUXJG6KZ+nG2SAFdL1h12waC7ryokbC1s+hv5
JHD5XKa1Od/U/IlGqiNf/RJ0cKC9pJoy4=}
offset:
0
|
success
|
0 |
0
|