Spreading Windows RAT

[h04x]

Hi, I've recently developed a shellcode loader that dll sideloads a legitimate github Windows application to download a 2nd stage payload (which in turn sideloads Onedrive.exe for persistence) before running the RAT shellcode to harvest sensitive data from the host. Upon testing it evades most if not all anti-viruses programs. What I would need now is a way to spread this RAT to Windows machines as much as possible. Are there any spreading services or something similar to do it for me? I already tried making a YouTube video, posting "cracks" on shitty forums and posting fake job offers on Freelancers.com and other shit but the results are underwhelming. I'm aiming for at least a dozen downloads every day to make this profitable.

----------------------

Привет, недавно я разработал загрузчик шеллкода, который dll загружает легитимное приложение github Windows для загрузки полезной нагрузки второго этапа (которая, в свою очередь, загружает Onedrive.exe для сохранения) перед запуском шеллкода RAT для сбора конфиденциальных данных с хоста. По результатам тестирования он обходит большинство, если не все, антивирусные программы. Теперь мне нужен способ распространить эту RAT на Windows-машины, насколько это возможно. Существуют ли какие-либо службы распространения или что-то подобное, чтобы сделать это за меня? Я уже пробовал снимать видео на YouTube, публиковать "крэки" на дерьмовых форумах, размещать фальшивые предложения о работе на Freelancers.com и прочее дерьмо, но результаты не впечатляют. Я стремлюсь к тому, чтобы каждый день скачивать хотя бы дюжину файлов, чтобы это приносило прибыль.

 

[msfconsolee]

Try torrent spread, that will give you Good result
upload some legit tool and use injection dll base don't use bind shit

 

[shook_1]

github, make a repo for one of the most popular FPS games out right now, saying its a private cheat you are finally releasing public because you and your devs are discontinuing your paid cheat service....the even better thing about this is that most game hacks need AV completely disabled, so if you were to put that in the repo it would not be suspicious in the least...i am sure I do not have to tell you to not use a github you already have, or one that could be traced to you, make a fresh one...make sure to put a good description from a real paid cheat service, make it look as legit as possible, I have gotten 100 in a day before.

 

[m3srine]

Try torrent spread, that will give you Good result
upload some legit tool and use injection dll base don't use bind shit

Hi can u explain more about the method of dll injection cuz i am always get banned from torrent site

 

[pierre777reborn]

github, make a repo for one of the most popular FPS games out right now, saying its a private cheat you are finally releasing public because you and your devs are discontinuing your paid cheat service....the even better thing about this is that most game hacks need AV completely disabled, so if you were to put that in the repo it would not be suspicious in the least...i am sure I do not have to tell you to not use a github you already have, or one that could be traced to you, make a fresh one...make sure to put a good description from a real paid cheat service, make it look as legit as possible, I have gotten 100 in a day before.

it will wring you poor slaves (kids)

 

[pierre777reborn]

Try torrent spread, that will give you Good result
upload some legit tool and use injection dll base don't use bind shit

what you mean dont bind shit? How to do dll injection

 

[shook_1]

it will wring you poor slaves (kids)

You are correct you will get a lot of younger ones, but you would be surprised with certain FPS games these days, most are between the ages of 18-36, and even out of the kids you get, some of them have VERY wealthy parents....and the kids usually are dumb as can be with things like crypto wallets/no MFA, things like this...So even if most of your clients end up being kids, it only takes a couple whales, lets say one being that 18-36 year old, another being that rich kid, you are set already. And i think you also are missing my other point, that 99% of game hacks/cheats REQUIRE A.V. of any kind to BE TURNED OFF, this in itself its extremely beneficial even if he is bypassing A.V. currently, we all know that can be hit or miss and might change any day.

 

[xp0devv]

You are correct you will get a lot of younger ones, but you would be surprised with certain FPS games these days, most are between the ages of 18-36, and even out of the kids you get, some of them have VERY wealthy parents....and the kids usually are dumb as can be with things like crypto wallets/no MFA, things like this...So even if most of your clients end up being kids, it only takes a couple whales, lets say one being that 18-36 year old, another being that rich kid, you are set already. And i think you also are missing my other point, that 99% of game hacks/cheats REQUIRE A.V. of any kind to BE TURNED OFF, this in itself its extremely beneficial even if he is bypassing A.V. currently, we all know that can be hit or miss and might change any day.

That's true.

 

[liuxing]

Disguised as a commonly used tool like VPN porn ....

 

[pierre777reborn]

You are correct you will get a lot of younger ones, but you would be surprised with certain FPS games these days, most are between the ages of 18-36, and even out of the kids you get, some of them have VERY wealthy parents....and the kids usually are dumb as can be with things like crypto wallets/no MFA, things like this...So even if most of your clients end up being kids, it only takes a couple whales, lets say one being that 18-36 year old, another being that rich kid, you are set already. And i think you also are missing my other point, that 99% of game hacks/cheats REQUIRE A.V. of any kind to BE TURNED OFF, this in itself its extremely beneficial even if he is bypassing A.V. currently, we all know that can be hit or miss and might change any day.

I get your point. This spreading method is still very low-level and not really sophisticated... You'll end up with a lot of discord tokens lol

I'm not into gaming, so where would you find the clean cracked version? So you can after bind your payload to it

 

[1434]

Hi can u explain more about the method of dll injection cuz i am always get banned from torrent site

Hmmmm you still there , you remmber my FUD torrents my old accounts still alive i never get banned