The extension looks random.
Please help me to identify the Ransomware.
The case ID: SHA1: a224aacb76ffd8f73f46e50709559e1842bae563[/size]
File extention is: [/size]r23wf10
There are several different ransomware infections which append a random 4, 5, 6, 7, 8, etc character extension to the end of all affected filenames...CTB-Locker, Crypt0L0cker, CryptON (Cry9, Cry36, Cry128, Nemesis), Skull, SynAck, Maktub Locker, Alma Locker, Princess Locker, Locked-In, Mischa, Goldeneye, Al-Namrood 2.0, Cerber v4x/v5x and some Xorist variants.
The best way to identify the different ransomwares that use "random character extensions" is the ransom note (including it's name), samples of the encrypted files, any obvious extensions appended to the encrypted files, information related to any email addresses used by the cyber-criminals to request payment and the malware file responsible for the infection. If you have not done so, I suggest you try uploading both encrypted files and ransom notes together at ID Ransomware since that provides a more positive match.