Bart

Description

(Proofpoint) Bart ransomware appeared for exactly one day on June 24, 2016. It was a secondary payload downloaded by RockLoader, the initial payload in a large email campaign using zipped JavaScript attachments. The Bart ransom screen was visually similar to Locky’s but Bart had one important distinction: it could encrypt files without contacting a command and control server. However, we have not seen Bart since, suggesting that this was either an experiment or that the ransomware did not function as expected for TA505.

Names

Name
Bart

Type

Ransomware

Information

https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.bart

Playbook

https://labs.bitdefender.com/2017/04/bart-ransomware-decryption-tool-released-works-for-all-known-samples/
https://www.nomoreransom.org/uploads/Avast_how-to-guide.pdf

Other Information

Uuid

6b83a611-9d11-4f1c-b4b5-a6854cb17df7

Last Card Change

2021-04-25

Threat Intelligence Garden

Explorer

Bart

Bart

Description

Names

Category

Type

Information

Malpedia

Playbook

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks