-
Notifications
You must be signed in to change notification settings - Fork 45
Expand file tree
/
Copy path2021-08-05-blackmatter-ransom-linux-esxcli-func-vk.raww
More file actions
106 lines (91 loc) · 2.74 KB
/
2021-08-05-blackmatter-ransom-linux-esxcli-func-vk.raww
File metadata and controls
106 lines (91 loc) · 2.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
//////////////////////////////////////////////////////////////////
////////////////// BLACKMATTER RANSOM x64 ELF ESXCLI/////////////
//////////////////////////////////////////////////////////////////
bool app::esxi_utils::get_domain_name(std::vector<std::basic_string<char> >&)
bool app::esxi_utils::get_running_vms(std::vector<std::basic_string<char> >&)
bool app::esxi_utils::get_process_list(std::vector<std::basic_string<char> >&)
bool app::esxi_utils::get_os_version(std::vector<std::basic_string<char> >&)
bool app::esxi_utils::get_storage_list(std::vector<std::basic_string<char> >&)
std::string app::esxi_utils::get_machine_uuid()
bool app::esxi_utils::stop_firewall()
bool app::esxi_utils::stop_vm(const string&)
void app::files_proc::remove_info_file(const string&)
void app::files_proc::create_info_file(const string&)
void app::files_proc::wait_for_end()
bool app::files_proc::init_base_config()
void app::files_proc::encrypt_single_file(const string&)
void app::files_proc::worker_proc(size_t)
bool app::files_proc::process_all_files(const std::vector<std::basic_string<char> >&)
bool app::file_encrypter::rename_file(const string&, std::string&)
bool app::file_encrypter::process_file(const string&)
bool app::file_encrypter::run(const string&)
void app::master_proc::apply_info_message(std::shared_ptr<app::setup_impl>)
void app::master_proc::stop_process_list(std::shared_ptr<app::setup_impl>)
void app::master_proc::stop_vms(std::shared_ptr<app::setup_impl>)
bool app::master_proc::process_file_encryption(std::shared_ptr<app::setup_impl>, size_t&, size_t&, size_t&)
bool app::master_proc::run(std::shared_ptr<app::setup_impl>)
bool app::setup_impl::init_cfg()
void app::setup_impl::init_log()
bool app::web_reporter::is_valid_json(const string&)
bool app::web_reporter::encrypt_post_data(const string&, const string&, std::string&)
Encryption Mode:
disk.dark-size
disk.white-size
disk.min-size
Encryption Size:
White Size:
Min Size:
NO File Found
[FILE]
RSA Key OK
Failed to Create Info File,
NO stat available for
Unable to get Size of '
File:
Processing file '
' DONE
' FAILED
Processing File: '
--formatter=csv
--format-param=fields==
M-ID Failed,
worker-concurrency
Threads NUmber:
single
multiple
disk.type
', stored '
', trying to retrieve '
" not used
Waiting for Worker End...
All Workers Ended
vmfs
vffs
process already started
(null)
network
firewall
--enabled
false
wait failure:
FW Stopped
[FW Stopping]
FW Stopping Failed,
uuid
Unable to Get Machine UUID,
storage
filesystem
Unable to get Storage List,
"Product, Version"
Unable to Get OS Version,
"Id,CommandLine,Name"
process
Unable To Get Process List,
"WorldID,DisplayName"
Unable to get VM List,
Unable to get Domain Name,
kill
--type=force
--world-id=
VM Stopping Failed,
/sbin/esxcli