Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Ransom Note: booba.txt

Group: Booba

Dear Valued Partners,

We represent the Booba team, specializing in data decryption services. As part of our interaction, we have successfully extracted data from your network prior to system lockdown. We guarantee that, in accordance with our agreement, you will receive a functional decryption tool and have the opportunity to test it before making payment.

To familiarize yourself with our work, we invite you to visit our blog where we publish the list of "Silence Keepers": http://7t3zi3e7ki6iseun77ofqtr6wmbpgnpc2ada6gstcxp54lw6q2zb7jad.onion

Instructions for Contact:

1. Install the TOR browser at torproject.org/download/ to access our chat.
2. Copy this link — http://eazk7las3xsvsyxgww3jgzammqjevso2ydnmlopdhl3u2muyrmmilrqd.onion.
3. Use authorization code — [snip] — to log into our chat.

Note: Any independent attempts to recover files may result in their damage, rendering further assistance impossible. We suggest resolving this matter professionally and confidently finding an optimal solution.

Best Regards,
The Booba Team

Indicators of Compromise
Type IOC
onion url http://7t3zi3e7ki6iseun77ofqtr6wmbpgnpc2ada6gstcxp54lw6q2zb7jad.onion
onion url http://eazk7las3xsvsyxgww3jgzammqjevso2ydnmlopdhl3u2muyrmmilrqd.onion