This article describes how to design a function to create a new desktop and then switch to it.

This is a very nice and interesting function that creates a new desktop and then switches to it.
Put simply, after the function runs, the user sees a new, clean desktop instead of the one under which they logged on.

Malware such as ransomware can use this function to hide the user's current desktop and show a new one in its place.


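    #include <windows.h>
    #include <vector>

    void CreateNewDesktop(::std::vector<char*> inputrunprocess)
    {
        char desktop_name[] = "MyDesktop";   // STARTUPINFOA::lpDesktop needs a writable string
        char explorer_path[MAX_PATH];
        ::HDESK newdesktop = NULL;
        // Remember the calling thread's desktop so that it can be restored later
        ::HDESK olddesktop = ::GetThreadDesktop(::GetCurrentThreadId());
        ::STARTUPINFOA d_STARTUPINFOA = {0};
        ::PROCESS_INFORMATION d_PROCESS_INFORMATION = {0};

        ::ExpandEnvironmentStringsA("%windir%\\explorer.exe", explorer_path, MAX_PATH - 1);

        // Reuse the desktop if it already exists
        newdesktop = ::OpenDesktopA(desktop_name, 0, FALSE, GENERIC_ALL);
        if (!newdesktop)
        {
            newdesktop = ::CreateDesktopA(desktop_name, NULL, NULL, 0, GENERIC_ALL, NULL);
            if (newdesktop)
            {
                // SetThreadDesktop fails if the thread owns windows or hooks on its current desktop
                if (::SetThreadDesktop(newdesktop))
                {
                    d_STARTUPINFOA.cb = sizeof(d_STARTUPINFOA);
                    d_STARTUPINFOA.lpDesktop = desktop_name;

                    // Start the shell on the new desktop
                    if (::CreateProcessA(explorer_path, NULL, NULL, NULL, FALSE, 0, NULL, NULL,
                                         &d_STARTUPINFOA, &d_PROCESS_INFORMATION))
                    {
                        ::CloseHandle(d_PROCESS_INFORMATION.hThread);
                        ::CloseHandle(d_PROCESS_INFORMATION.hProcess);
                    }

                    // Start every program passed in by the caller on the new desktop
                    for (std::vector<char*>::iterator it = inputrunprocess.begin(); it != inputrunprocess.end(); ++it)
                    {
                        if (::CreateProcessA(*it, NULL, NULL, NULL, FALSE, 0, NULL, NULL,
                                             &d_STARTUPINFOA, &d_PROCESS_INFORMATION))
                        {
                            ::CloseHandle(d_PROCESS_INFORMATION.hThread);
                            ::CloseHandle(d_PROCESS_INFORMATION.hProcess);
                        }
                    }

                    ::SetThreadDesktop(olddesktop);
                }
            }
        }

        if (newdesktop != NULL)
        {
            ::SetThreadDesktop(newdesktop);
            ::SwitchDesktop(newdesktop);
            // Desktop handles are released with CloseDesktop, not CloseHandle
            // (the call has no effect while this thread is still attached to the desktop)
            ::CloseDesktop(newdesktop);
        }
    }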



In the block marked with the comment // Block for creating processes from files that we want to run on the new desktop // we add the programs to execute, i.e. we create the processes of the programs that we want to start when the new desktop loads.

-----------------------------------------------------------------

The whole function is built into the header WinAPI.h.


    #include "WinAPI.h" // https://www.netbot.sk/en/14-blog-headers/44-winapi-en

    int _cdecl main(void)
    {
        ::std::vector<char*> runmodules;

        // Block for creating processes from files that we want to run on the new desktop //
        // The paths are kept in writable arrays because the vector holds char*, not const char*
        char notepad_path[] = "c:\\windows\\notepad.exe";
        char regedit_path[] = "c:\\windows\\regedit.exe";
        runmodules.push_back(notepad_path);
        runmodules.push_back(regedit_path);
        //-----//

        ::Diall_WinApi::WinApi::GetInstance()->CreateNewDesktop(runmodules);

        return 0;
    }
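
A defender can spot this technique by listing the desktops in the interactive window station and checking which one is currently receiving input. The following Python sketch is an added example, not code from this article or from WinAPI.h; the baseline of expected desktop names and the function names `unexpected_desktops`, `assess` and `query_windows` are assumptions.

```python
import sys

# Assumed baseline of desktop names for the interactive window station;
# extend it for software in your environment that creates its own desktops.
BASELINE = {"default", "winlogon", "disconnect", "screen-saver"}

def unexpected_desktops(names, baseline=BASELINE):
    """Desktop names outside the baseline (desktop names are case-insensitive)."""
    return sorted({n for n in names if n.lower() not in baseline})

def assess(names, input_desktop, baseline=BASELINE):
    """Report extra desktops and whether one of them is receiving user input."""
    extra = unexpected_desktops(names, baseline)
    hijacked = input_desktop.lower() in {n.lower() for n in extra}
    return {"unexpected": extra, "input_on_unexpected": hijacked}

def query_windows():
    """Windows only: (all desktop names, name of the desktop receiving input)."""
    import ctypes
    from ctypes import wintypes as wt
    u32 = ctypes.WinDLL("user32", use_last_error=True)
    enum_proc = ctypes.WINFUNCTYPE(wt.BOOL, wt.LPWSTR, wt.LPARAM)
    u32.GetProcessWindowStation.restype = wt.HANDLE
    u32.EnumDesktopsW.argtypes = [wt.HANDLE, enum_proc, wt.LPARAM]
    u32.OpenInputDesktop.restype = wt.HANDLE
    u32.GetUserObjectInformationW.argtypes = [
        wt.HANDLE, ctypes.c_int, wt.LPVOID, wt.DWORD, ctypes.POINTER(wt.DWORD)]
    u32.CloseDesktop.argtypes = [wt.HANDLE]

    names = []
    callback = enum_proc(lambda name, _lparam: names.append(name) or True)
    if not u32.EnumDesktopsW(u32.GetProcessWindowStation(), callback, 0):
        raise ctypes.WinError(ctypes.get_last_error())

    hdesk = u32.OpenInputDesktop(0, False, 0x0001)  # DESKTOP_READOBJECTS
    if not hdesk:
        raise ctypes.WinError(ctypes.get_last_error())
    buf = ctypes.create_unicode_buffer(256)
    ok = u32.GetUserObjectInformationW(hdesk, 2, buf, ctypes.sizeof(buf), None)  # UOI_NAME
    err = ctypes.get_last_error()
    u32.CloseDesktop(hdesk)
    if not ok:
        raise ctypes.WinError(err)
    return names, buf.value

if __name__ == "__main__":
    # Off Windows, use a constructed sample: the state after the article's function has run
    sample = (["Winlogon", "Default", "MyDesktop"], "MyDesktop")
    print(assess(*(query_windows() if sys.platform == "win32" else sample)))
```

A result with `input_on_unexpected` set to true means the user is looking at a desktop other than the one they logged on to, which is the state `CreateNewDesktop` leaves behind.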