Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Malware-Misc-RE/2021-08-05-blackmatter-ransom-linux-esxcli-func-vk.raww
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
106 lines (91 sloc)
2.74 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ////////////////////////////////////////////////////////////////// | |
| ////////////////// BLACKMATTER RANSOM x64 ELF ESXCLI///////////// | |
| ////////////////////////////////////////////////////////////////// | |
| bool app::esxi_utils::get_domain_name(std::vector<std::basic_string<char> >&) | |
| bool app::esxi_utils::get_running_vms(std::vector<std::basic_string<char> >&) | |
| bool app::esxi_utils::get_process_list(std::vector<std::basic_string<char> >&) | |
| bool app::esxi_utils::get_os_version(std::vector<std::basic_string<char> >&) | |
| bool app::esxi_utils::get_storage_list(std::vector<std::basic_string<char> >&) | |
| std::string app::esxi_utils::get_machine_uuid() | |
| bool app::esxi_utils::stop_firewall() | |
| bool app::esxi_utils::stop_vm(const string&) | |
| void app::files_proc::remove_info_file(const string&) | |
| void app::files_proc::create_info_file(const string&) | |
| void app::files_proc::wait_for_end() | |
| bool app::files_proc::init_base_config() | |
| void app::files_proc::encrypt_single_file(const string&) | |
| void app::files_proc::worker_proc(size_t) | |
| bool app::files_proc::process_all_files(const std::vector<std::basic_string<char> >&) | |
| bool app::file_encrypter::rename_file(const string&, std::string&) | |
| bool app::file_encrypter::process_file(const string&) | |
| bool app::file_encrypter::run(const string&) | |
| void app::master_proc::apply_info_message(std::shared_ptr<app::setup_impl>) | |
| void app::master_proc::stop_process_list(std::shared_ptr<app::setup_impl>) | |
| void app::master_proc::stop_vms(std::shared_ptr<app::setup_impl>) | |
| bool app::master_proc::process_file_encryption(std::shared_ptr<app::setup_impl>, size_t&, size_t&, size_t&) | |
| bool app::master_proc::run(std::shared_ptr<app::setup_impl>) | |
| bool app::setup_impl::init_cfg() | |
| void app::setup_impl::init_log() | |
| bool app::web_reporter::is_valid_json(const string&) | |
| bool app::web_reporter::encrypt_post_data(const string&, const string&, std::string&) | |
| Encryption Mode: | |
| disk.dark-size | |
| disk.white-size | |
| disk.min-size | |
| Encryption Size: | |
| White Size: | |
| Min Size: | |
| NO File Found | |
| [FILE] | |
| RSA Key OK | |
| Failed to Create Info File, | |
| NO stat available for | |
| Unable to get Size of ' | |
| File: | |
| Processing file ' | |
| ' DONE | |
| ' FAILED | |
| Processing File: ' | |
| --formatter=csv | |
| --format-param=fields== | |
| M-ID Failed, | |
| worker-concurrency | |
| Threads NUmber: | |
| single | |
| multiple | |
| disk.type | |
| ', stored ' | |
| ', trying to retrieve ' | |
| " not used | |
| Waiting for Worker End... | |
| All Workers Ended | |
| vmfs | |
| vffs | |
| process already started | |
| (null) | |
| network | |
| firewall | |
| --enabled | |
| false | |
| wait failure: | |
| FW Stopped | |
| [FW Stopping] | |
| FW Stopping Failed, | |
| uuid | |
| Unable to Get Machine UUID, | |
| storage | |
| filesystem | |
| Unable to get Storage List, | |
| "Product, Version" | |
| Unable to Get OS Version, | |
| "Id,CommandLine,Name" | |
| process | |
| Unable To Get Process List, | |
| "WorldID,DisplayName" | |
| Unable to get VM List, | |
| Unable to get Domain Name, | |
| kill | |
| --type=force | |
| --world-id= | |
| VM Stopping Failed, | |
| /sbin/esxcli |