Ransomware negotiation(s) with  conti


Hello, are you ready to negotiate?

28/06/2021, 18:01:05
Avatar
Avatar

Yes tell me how much I have to pay. We are ready to pay you for our data. I have some questions also. after payment will you provide support service? And where I have to pay?

03/07/2021, 13:32:04

We will provide all the relevant information the soonest possible.

04/07/2021, 19:52:51
Avatar

Please provide your company name

05/07/2021, 15:10:30
Avatar

Let me know if you need the decryption tool. The price will be based on this fact.

06/07/2021, 14:26:54
Avatar
Avatar

company name is [redacted] now help us fast please

09/07/2021, 11:43:33
Avatar

please keep the price low it's a request

09/07/2021, 11:43:50

We will discuss and let you know within few minutes.

09/07/2021, 11:45:19
Avatar
Avatar

okay please stay online

09/07/2021, 11:45:42

Are you acting on behalf of [redacted] ?

09/07/2021, 11:47:37
Avatar

Please provide us two files for the test decryption.

09/07/2021, 11:52:04
Avatar
Avatar

ok wait

09/07/2021, 12:07:03
Avatar

desktop.ini.[redacted] [ 708B ]

09/07/2021, 12:14:03
Avatar

ntuser.ini.[redacted] [ 554B ]

09/07/2021, 12:14:09
Avatar

now help us fast please with your price and address. One question after payment in how much time we will get the decryptor??

09/07/2021, 12:14:58
Avatar

Are you there?? We are waiting for your reply?? How long we have to wait for it?

09/07/2021, 12:55:28

we will provide the decrypted copies soon. Right now we are trying to figure out what of your resources were attacked, cause for now as we can see this particular strain of Conti was used in [redacted] network, so I ask you again, are you talking to us on their behalf?

09/07/2021, 13:02:00
Avatar

As soon as the payment is made the decryption tool will be provided within 20-30 minutes.

09/07/2021, 13:02:20
Avatar
Avatar

Yes we are talking on behalf of them

09/07/2021, 13:03:20

Do you need the list of the data that was taken from their network?

09/07/2021, 13:03:52
Avatar

The price for the decryption tool and the data for lounsburys.com is $1.25mil

09/07/2021, 13:04:49
Avatar
Avatar

if you can provide it will be good

09/07/2021, 13:05:01
Avatar

Can you please provide some discount??

09/07/2021, 13:05:11

We can make 25% discount if the payment will be made within 24 hours.

09/07/2021, 13:06:26
Avatar

desktop.ini [ 174B ]

09/07/2021, 13:08:17
Avatar

I've processed the request for the file tree list and example data pack to the tech dept. Will upload as soon as they reply

09/07/2021, 13:08:22
Avatar
Avatar

Ok and where we have to pay??

09/07/2021, 13:08:31

ntuser.ini [ 20B ]

09/07/2021, 13:08:32
Avatar

The btc wallet for the payment is : [redacted]

09/07/2021, 13:09:03
Avatar
Avatar

Can you please provide non-segwit address if you don't have any problem

09/07/2021, 13:13:41
Avatar

Can we request one more thing please?? Amount is very huge.. can you accept the money into multiple addresses, if you don't have any problem. We will try to pay with diff-diff wallets. I hope you understand our situation. It's a humble request

09/07/2021, 13:15:20

Here's the list of addresses for the payment, all are non-segwit : [redacted] [redacted] [redacted] [redacted] [redacted]

09/07/2021, 13:18:13
Avatar

Let me know if you've received the addresses. I will have to go offline for a couple of hours but I will be able to get back to you later today.

09/07/2021, 13:26:27
Avatar
Avatar

ok we are talking to higher management with all the details and I will update you by EOD otherwise tomorrow. We will try to pay you by today if higher mangement approves everything

09/07/2021, 13:31:59

This information is provided by Valéry Marchive

© 2024 Ransomware.live. All rights reserved.  |    Contact us  |    BlueSky  |    GitHub  |    LinkedIn

  Support Ransomare.live

Last Dataset update : 2024-09-19 16:49:10 UTC