We were hit by the same ransomware. I contacted the Hacker. They asked for 10,000 USD at first then they reduced to 7,000 USD.
I offered 2,000 USD but they refused so i stopped the negotiation with them.
I also suspect of the RDP unsecure connection. Even they encrypted hidden and backup drives.
I also asked for proof to decrypt a sql database. They refused but sent me a video of the decryption. Below are all the files exchanged.
For the sample files they did not ask for the note. Just the encrypted file.
The video for the decryption in in the following link: https://we.tl/t-7IVDKGve07
Attached Files
Edited by GtsKsa2, 22 March 2022 - 03:59 AM.