Ransomware.live Ranson Note:

Buy Me a Coffee

Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Ransom Notes:

IOC

Your network was hacked. Your ID: 269

DO NOT RESET OR SHUTDOWN your PC or server.
DO NOT RENAME/ MOVE/ DELETE the encrypted and readme files.

Info:
http://fcjam663uvgid2xbar24kab2vt4hjzsn6o77glh35jscuo567b2mnyqd.onion/order/[snip]

btpsupport@protonmail.com

If you decide not to cooperate your sensitive data will be shared to public at 
http://hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion 
and all the rest will remain unreachable to you.

Indicators of Compromise

Type	IOC
`email`	`btpsupport@protonmail.com`
`onion url`	http://fcjam663uvgid2xbar24kab2vt4hjzsn6o77glh35jscuo567b2mnyqd.onion/order/[snip]
`onion url`	http://hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion