| Time & API |
Arguments |
Status |
Return |
Repeated |
1619948417.962148
NtWriteFile
|
file_handle:
0x00000954
filepath:
C:\tmpsij43m\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948418.071148
NtWriteFile
|
file_handle:
0x00000938
filepath:
C:\tmpsij43m\bin\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948419.118148
NtWriteFile
|
file_handle:
0x000009a8
filepath:
C:\Program Files\Oracle\VirtualBox Guest Additions\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948419.227148
NtWriteFile
|
file_handle:
0x000009a0
filepath:
C:\tmpsij43m\lib\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948419.524148
NtWriteFile
|
file_handle:
0x00000b10
filepath:
C:\Users\Administrator.Oskar-PC\Documents\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948423.509148
NtWriteFile
|
file_handle:
0x00000b14
filepath:
C:\Users\Administrator.Oskar-PC\Documents\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948425.618148
NtWriteFile
|
file_handle:
0x0000171c
filepath:
C:\Program Files\Google\Chrome\Application\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948425.618148
NtWriteFile
|
file_handle:
0x00001608
filepath:
C:\Program Files (x86)\Microsoft.NET\RedistList\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948426.509148
NtWriteFile
|
file_handle:
0x000019f4
filepath:
C:\Program Files (x86)\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948426.556148
NtWriteFile
|
file_handle:
0x00001658
filepath:
C:\ProgramData\Microsoft\MF\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948426.681148
NtWriteFile
|
file_handle:
0x0000171c
filepath:
C:\Program Files\Google\Chrome\Application\Dictionaries\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948426.774148
NtWriteFile
|
file_handle:
0x00000cfc
filepath:
C:\ProgramData\Microsoft\User Account Pictures\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948427.415148
NtWriteFile
|
file_handle:
0x00001de8
filepath:
C:\tmpsij43m\modules\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948428.477148
NtWriteFile
|
file_handle:
0x00001e7c
filepath:
C:\ProgramData\Microsoft\IlsCache\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948428.509148
NtWriteFile
|
file_handle:
0x00000998
filepath:
C:\ProgramData\Microsoft\RAC\StateData\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948428.587148
NtWriteFile
|
file_handle:
0x00001e60
filepath:
C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948428.602148
NtWriteFile
|
file_handle:
0x000016dc
filepath:
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.306148
NtWriteFile
|
file_handle:
0x0000174c
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.352148
NtWriteFile
|
file_handle:
0x00001fb0
filepath:
C:\ProgramData\Microsoft\Crypto\Keys\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.352148
NtWriteFile
|
file_handle:
0x00001e98
filepath:
C:\Users\Administrator.Oskar-PC\Contacts\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.352148
NtWriteFile
|
file_handle:
0x00001ec4
filepath:
C:\Users\Administrator.Oskar-PC\Searches\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.446148
NtWriteFile
|
file_handle:
0x000006e0
filepath:
C:\Program Files\Google\Chrome\Application\SetupMetrics\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.634148
NtWriteFile
|
file_handle:
0x00001054
filepath:
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.649148
NtWriteFile
|
file_handle:
0x00001e60
filepath:
C:\ProgramData\Microsoft\Windows\DRM\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.712148
NtWriteFile
|
file_handle:
0x0000102c
filepath:
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.759148
NtWriteFile
|
file_handle:
0x00001578
filepath:
C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.790148
NtWriteFile
|
file_handle:
0x00001588
filepath:
C:\tmpsij43m\lib\api\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.821148
NtWriteFile
|
file_handle:
0x00000858
filepath:
C:\Users\Public\Videos\Sample Videos\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948429.946148
NtWriteFile
|
file_handle:
0x000002f8
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\WidevineCdm\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948430.149148
NtWriteFile
|
file_handle:
0x00002094
filepath:
C:\Users\Public\Recorded TV\Sample Media\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948430.931148
NtWriteFile
|
file_handle:
0x00000468
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948431.040148
NtWriteFile
|
file_handle:
0x00001e60
filepath:
C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948431.040148
NtWriteFile
|
file_handle:
0x00000698
filepath:
C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948431.259148
NtWriteFile
|
file_handle:
0x00000590
filepath:
C:\Users\Public\Libraries\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948431.384148
NtWriteFile
|
file_handle:
0x0000031c
filepath:
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948432.009148
NtWriteFile
|
file_handle:
0x00001eb0
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948432.790148
NtWriteFile
|
file_handle:
0x00000198
filepath:
C:\Python27\DLLs\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948433.087148
NtWriteFile
|
file_handle:
0x000017f4
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_d473a376adfb18a7b165c5e3c26de43cd8bccb_cab_05eac559\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948433.306148
NtWriteFile
|
file_handle:
0x000015d4
filepath:
C:\Users\Public\Pictures\Sample Pictures\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948433.306148
NtWriteFile
|
file_handle:
0x000001c8
filepath:
C:\Users\Public\Music\Sample Music\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948433.571148
NtWriteFile
|
file_handle:
0x00000afc
filepath:
C:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948433.649148
NtWriteFile
|
file_handle:
0x00001eac
filepath:
C:\tmpsij43m\lib\core\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948434.259148
NtWriteFile
|
file_handle:
0x00001e18
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_e44d9bd7eba8ad7f54ca160a4fc3d2a5d4c60_cab_055f7698\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948434.431148
NtWriteFile
|
file_handle:
0x0000171c
filepath:
C:\Python27\Tools\pynche\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948434.696148
NtWriteFile
|
file_handle:
0x00001d10
filepath:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_94995ab25177e7c7298027ae617b93854df5_cab_0126c1cf\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948434.759148
NtWriteFile
|
file_handle:
0x0000102c
filepath:
C:\Users\Oskar\Contacts\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948435.024148
NtWriteFile
|
file_handle:
0x000017f4
filepath:
C:\ProgramData\Microsoft\Assistance\Client\1.0\zh-CN_en-US\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948435.165148
NtWriteFile
|
file_handle:
0x000016d8
filepath:
C:\Users\Oskar\Favorites\Windows Live\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948435.712148
NtWriteFile
|
file_handle:
0x0000101c
filepath:
C:\Python27\Tools\versioncheck\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|
1619948436.009148
NtWriteFile
|
file_handle:
0x00001c30
filepath:
C:\Python27\Tools\i18n\FF4619-Readme.txt
buffer:
Hi!
Your files are encrypted by Netwalker.
All encrypted files for this computer has extension: .ff4619
--
If for some reason you read this text before the encryption ended,
this can be understood by the fact that the computer slows down,
and your heart rate has increased due to the ability to turn it off,
then we recommend that you move away from the computer and accept that you have been compromised.
Rebooting/shutdown will cause you to lose files without the possibility of recovery.
--
Our encryption algorithms are very strong and your files are very well protected,
the only way to get your files back is to cooperate with us and get the decrypter program.
Do not try to recover your files without a decrypter program, you may damage them and then they will be impossible to recover.
For us this is just business and to prove to you our seriousness, we will decrypt you one file for free.
Just open our website, upload the encrypted file and get the decrypted file for free.
--
Steps to get access on our website:
1.Download and install tor-browser: https://torproject.org/
2.Open our website: pb36hu4spl6cyjdfhing7h3pw6dhpk32ifemawkujj4gp33ejzdq3did.onion
If the website is not available, open another one: rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion
3.Put your personal code in the input form:
{code_ff4619:
cUKoUMD2ZvOihvw/J/LCR50+hydh1ULiPJKDuXRmn+2DbZMQeK
uSxmHXRvpmgNPaE9d2Z/KbdCUit+mE7qK/ZaT5rCMfJ6I2NPbn
h+gUl/1hA+Rm42GYsJYLOiLdhEvBeazcpavfsQmcPMZXZH5lh1
VhtfRqkFLxIrHkLA4IhW/VE6Cr8rfdrRS2QZh5XrzUS5Xf14a+
KdPpY+2DT5SZO6dP8Qc2X9bIX11cydfe00eJe7mTzPFp9CYtXe
6n38vCehE7bF9/nrG1NONgs1pk2sd/5Pylwd80jA==}
offset:
0
|
success
|
0 |
0
|