There are several different ransomware infections which append a random 4, 5, 6, 7, or 8 character extension to the end of all affected filenames (i.e. CTB-Locker, Crypt0L0cker, Maktub Locker, Alma Locker, Princess Locker, Locked-In, Mischa, Goldeneye, Al-Namrood 2.0, Cerber v4x/v5x and some Xorist variants).
Did you upload both encrypted files and ransom notes together? Doing that provides a more positive match and helps to avoid false detections.
Did the cyber-criminals provide an email address to send payment to? If so, what is the email address?
The best way to identify the different ransomwares that use "random character extensions" is the ransom note (including it's name), samples of the encrypted files, the malware file itself or at least information related to the email address used by the cyber-criminals to request payment.
Based on infection rates we see, you are most likely dealing with CTB-Locker or the newest Crypt0L0cker variant. If the extension is not random...it's something new.