Ransomware Research
Bucbi Ransomware
Bucbi is a malicious ransomware strain that encrypts victim files and demands ransom payment for decryption. First observed in the wild on March 1, 2014, this ransomware has been actively targeting systems worldwide.
Quick Facts
- Ransomware Family
- Bucbi
- First Seen
- March 1, 2014
How Bucbi Ransomware Works
Targeted Files
https://www.bleepingcomputer.com/forums/t/619055/help-needed-unknown-ransomware-or-cryptoware/ https://app.any.run/tasks/6736bcb9-6f78-4f3d-9e88-2302e3344f5c
Ransom Note and Payment Demands
After encrypting files, Bucbi displays ransom notes demanding payment for file recovery:
README.txt
Ransom message:
notes/README.txt
Ransom message:
notes/note.txt
Note locations:
Login
Technical Indicators
Associated Executable Files
The following executable files are associated with Bucbi ransomware:
Bucbi
myfile.exe
171a6135369c.exe
211e5c13c904a9.exe
c904a9.exe
file-6751296_exe
12.exe
FileCrypt.exe
edtalgnm.exe
Elastio Can Help You
Don't let Bucbi ransomware take over your data
Elastio provides advanced ransomware protection and recovery solutions to keep your organization safe.
About This Analysis
This Bucbi ransomware analysis is part of Elastio's comprehensive ransomware detection database. Elastio provides advanced ransomware protection and recovery solutions, helping organizations defend against and recover from ransomware attacks like Bucbi.
Last updated: July 30, 2025