// Context
About This Negotiation
This transcript documents a trinity ransomware negotiation with 0012.
The negotiation consisted of 15 messages exchanged over Unknown.
The initial ransom demand was Unknown. The final outcome is not confirmed in the transcript.
// Primary Source
Full Transcript — Verbatim
Reproduced from Casualtek's Ransomchats archive. URLs have been redacted.
Victim names are shown only where the breach was publicly reported in mainstream media. Any organisation wishing their name redacted can contact us at
enquiries@binary-response.com — we will act promptly.
[0012] — — Message 1/15
Hello
[0012] — — Message 2/15
I was the victim of
your virus , I wanted to know if you have knowledge of how to decrypt
it! If you can help, I would be grateful. The files are all sql based
[trinity] — — Message 3/15
hello
[trinity] — — Message 4/15
how many computers you want to decrypt?
[0012] — — Message 5/15
only 1 server
[trinity] — — Message 6/15
price 0.5 bitcoin
[trinity] — — Message 7/15
after payment you will receive the decryption program
[trinity] — — Message 8/15
host.docker.internal
[redacted] C :\930 D :\1.81 [redacted]... SYNOLOGYNAS1
[redacted] 3.57Tb [redacted]...
[0012] — — Message 9/15
Can you provide me a Chat link where I can write?
[0012] — — Message 10/15
And ban this one?
[trinity] — — Message 11/15
you can only chat with your ID. only here
[0012] — — Message 12/15
fuck this
[trinity] — — Message 13/15
we don't work with middlemen write so that the client can see
[0012] — — Message 14/15
middlemen fuck you
[trinity] — — Message 15/15
ok