Babuk2

Babuk RaaS 2021 Russia. AES-GCM AAD encrypted authentication. GetTickCount64 triple anti-debug. The victim source code was you.

Threat Profile
Type Ransomware
Programming Language C
C2 Protocol HTTPS
First Seen 2021
Targets Global Enterprise
Purpose / Capabilities
  • ransomware
No C2 servers have been identified for this family yet.

Research Reports (1)

High

Babuk2 Ransomware -- AES-GCM AAD Additional Authenticated Data, Triple Anti-Debug | High

Babuk2 2MB. AES-GCM AAD cannot be input after data to be encrypted. GetTickCount64+GetTickCount+IsDebuggerPresent triple anti-debug.
