This PS script will encrypt all of the files in a target folder to a selected location.

Sim-PSEncFiles.ps1

######################
# Sim-PSEncFiles.ps1: Simulate file encrption using PSRemoting
# Purpose:  This PS script will encrypt all of the files in a target
#           folder to a selected location. The purpose of this script
#           is to perform actions similar to the actions performed by
#           ransomware. These actions will touch a large number of files,
#           create new files with different extension, and encrypt the
#           file to a new location. The original file is not modified
#
# Author: Don C. Weber (cutaway)
# Date:   20240721
#
# Usage: 
#       1. Modify the $targetDir variable with a file name with a lot of files.
#       2. Modify the $destDir variable with location that has enough space
#          to save the copied files.
#       3. Run the script using `.\Sim-PSEncFiles.ps1`
#           3a. For PSRemoting run `Invoke-Command -ComputerName <computerName> \ 
#               -ScriptBlock { .\Sim-PSEncFiles.ps1 }`
#           3b. To PSRemote to multiple systems use `$results: Invoke-Command \ 
#               -ComputerName <computerName1> <computerName2> -ScriptBlock { .\Sim-PSEncFiles.ps1 }`
#           3c. Enabling $showHashes will print a hash for each file to show it
#               has been saved modified and also to increase CPU utilization.
#
# TODO:
#       Determine if this triggers any EDR or anti-malware solutions
#       Add more Methods from Atomic Red Team T1486: Data Encrypted for Impact
#       Add support for usernames and passwords for remote systems 
######################

######################
# Functions
######################

function Prt-Date {
    param ($InStr="Current Time")
    $currDate=(Get-Date)
    Write-Output "$InStr : $currDate"
}
function Test-FolderExists {
    param ($InDir)
    # Default to does not exist
    $Exists = $false

    # Check if the directory exists
    if (Test-Path -Path $InDir) {
        # If the directory exists, stop the script and display a message
        $Exists = $true
    }
    return $Exists
}

function Test-FolderCreate {
    param ($InDir)
    # Default to does not exist
    $Exists = $false

    # Check if the directory exists
    if (Test-Path -Path $InDir) {
        # If the directory exists, stop the script and display a message
        $Exists = $true
    } else {
        # If the directory does not exist, create it
        New-Item -Path $InDir -ItemType Directory
    }
    return $Exists
}

######################
# Globals
######################
$Debug       = $false
$showHashes  = $false
$slowRun     = $true
$encIter     = 100000
$targetHosts = ''
## Run as a user with the proper privileges
## NOTE: Currently not implemented, run with user with permissions
# $user      = ''
# $upwd      = ''
$encDepth    = 5
$encExt      = '.encDaFile'
$encPwd      = 'CutSecRocks'
$targetDir   = 'C:\Users\cutsec\Documents\Tools'
$destDir     = 'C:\Users\cutsec\Downloads\test_enc'


######################
# Methods from Atomic Red Team T1486: Data Encrypted for Impact
# URL: https://atomicredteam.io/impact/T1486/
# For testing: Windows OpenSSL Downloads https://slproweb.com/products/Win32OpenSSL.html
######################
## Locate OpenSSL Executable
######################
$opensslPath = (Get-Command openssl.exe1 -ErrorAction SilentlyContinue).Source
if ( -Not ( $opensslPath ) ) {
    Write-Output "OpenSSL Not Found. Aborting..."
    exit
}

######################
# Start Processing
######################
# Print Starting Time to track run times
######################
if ( $Debug ) { Prt-Date("Starting")}

# Create the directory if it doesn't exists
######################
if ( -Not ( Test-FolderCreate($destDir) ) ) {
    Write-Output "Exiting due to Folder Create issue at $destDir"
    exit
}

# Make all of the directories for target
######################
Get-ChildItem -Directory -Recurse -Path $targetDir | ForEach-Object {      
    # Get the sub folder path for the file and build destination path
    $relativePath = $_.FullName.Substring($targetDir.Length)
    $destPath = Join-Path -Path $destDir -ChildPath $relativePath

    # Create the directory if it doesn't exists
    if ( -Not ( Test-FolderCreate($destPath) ) ){
        if ( $Debug ) { Write-Output "Exiting due to Folder Create issue at $destPath" }
        #exit
    }
}

# Encrypt all files in the directories
######################
Get-ChildItem -File -Recurse -Path $targetDir | ForEach-Object {      
    # Get the sub folder path for the file and build destination path
    ######################
    $relativePath = $_.FullName.Substring($targetDir.Length)
    $destPath = Join-Path -Path $destDir -ChildPath $relativePath
    $encFile  = $destPath + $encExt

    if ($Debug ) { Write-Output "Encrypting file: $_.FullName" }

    # Slow and Fast run is system dependent. The more iterations the slower the run the more CPU utilization
    ######################
    if ($slowRun){
        $encParams = "enc -in ""$($_.FullName)"" -out ""$encFile"" -e -aes256 -iter $encIter -k $encPwd"
    }else{
        $encParams = "enc -in ""$($_.FullName)"" -out ""$encFile"" -e -aes256 -pbkdf2 -k $encPwd"
    }

    # Encryption occurs here
    ######################
    & "$opensslPath" $encParams.Split(" ")
    if ($showHashes){
        $origHash=(Get-FileHash $_.FullName).Hash
        Write-Output "$($_.Fullname) : $origHash)"
        $newHash=(Get-FileHash $encFile).Hash
        Write-Output "$encFile : $newHash"
    }
}

# Print Finish Time
if ( $Debug ) { Prt-Date("Finished")}