GWISIN
- Format
- GWISIN(귀신) ransomware
- Classification
- G
- Organization
- GWISIN ransomware
- Brief description
- GWISIN(귀신) ransomware
- Details
- GWISIN(귀신) ransomware
- Opening program
- GWISIN
- MIME type
- NULL
- Identified strings
- [MD5:1c9458b64ff31fed8f7c1f403d5e797a] [Filename:!!!_HOW_TO_UNLOCK_{{COMPANY}}_FILES_!!!.TXT] [Hex:52b9cf658066f0a2b10a787a437e9267514a217fbf45c1c37c965c75303539357f450aeb] [Hex:52b9cf658066f0a2b10a787a437e9267514a217fbf45c1c37c965c7530] [Ransomnote] Hello {{COMPANY_NAME}}, You have been visited by GWISIN. Your network has been infiltrated, sensitive data was selectively collected (exfiltrated) and encrypted on your premises. Infrastructure compromised: - All critical networks and servers ({{COMPANY_NAME}} AD takeover, HQ (KR) + CN + VN networks) - Storage appliances and hypervisors (Storage arrays [e.g {{COMPANY_NAME}}-PS6110XV] The data we have collected (downloaded) includes: - Business Files (R&D and production data): {{COMPANY_NAME}}-HYPERV01 -> {{COMPANY_NAME}}-FILE01 -> iSCSI storage arrays ({{COMPANY_NAME}}+* | {{COMPANY_NAME}}_*shares, e.g: {{COMPANY_NAME}}_RND_AD) -- Business data collected includes specs, requests, designs, many AutoDesk files and much more - ERP (Sales, distribution, other): {{COMPANY_NAME}}_erp / pc_dist / pc_fin / pc_mfg / secom and more (+ CN/VN) - EKP (DBs and configuration data): PlusWorkFlow, ezPersonal, exApproval_000, ezBoardSTD and more. (all EKP DB were collected) - Emails: Exchange EDBs (we can generate PSTs for each employee offline, so we have all organization emails) - Source code: Various source code collected from file shares and build VS VMs The good news for you is that we can decrypt all files with extension ".{{COMPANY_NAME}}", We can slow delete all sensitive data that ew have collected from our vaults and not sell or leak it. You can quickly recover business processes and avoid bad publicity which will damage your reputation with customers, long-term revenue and stock value. To contact us, follow the instructions: 1.) Download Tor Browser: https://torproject.org/download/ 2.) Go to our website: http://{{COMPANY_NAME}}:{{COMPANY_NAME_EN}}@{{ONION_VAR_1}}.onion/ 3.) Login with username "{{COMPANY_NAME}}", password "{{PASSWORD}}" 4.) Change password (one time setup) 5.) Setup end-to-end encryption chat password 6.) Read the full instructions and contact us using the message system on the website Contact us within 72 working hours via our chat system on the website provided. Do NOT contact law enforcement (no KNPA, KISA or others) as they will prevent you from paying and alow down the recovery process. They can't help you secure your network or prevent the leakage data, but most importantly, they can't help you recover your data.
- Program ID
- NULL
- Related files
- Not attached
- Related links
- Link #1 Link #2
- First reported date
- 2022-08-04 12:57:14.0000000
- Last reported date
- 2022-08-08 10:41:14.0000000