This post is by a banned member (RegisteredUser) - Unhide
OP 23 May, 2021 - 05:38 PM
Reply
Use it on your own risk, we are not responsible for anything.
Hidden Content
You must register or login to view this content.
About this rat:Main Features - .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger
Please give me likes and rap if you enjoyed this rat!!!!  
(E-Whoring) if you know any good apps to use for cashout dm me
I live in europe :)
This post is by a banned member (Hans1998) - Unhide
23 May, 2021 - 05:55 PM
Reply
(23 May, 2021 - 05:38 PM)RegisteredUser Wrote: Show MoreUse it on your own risk, we are not responsible for anything.
About this rat:Main Features - .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger
Please give me likes and rap if you enjoyed this rat!!!!
virustotal does not like this hahaha
This post is by a banned member (RegisteredUser) - Unhide
OP 23 May, 2021 - 08:00 PM
Reply
(23 May, 2021 - 05:55 PM)Hans1998 Wrote: Show More (23 May, 2021 - 05:38 PM)RegisteredUser Wrote: Show MoreUse it on your own risk, we are not responsible for anything.
About this rat:Main Features - .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger
Please give me likes and rap if you enjoyed this rat!!!!
virustotal does not like this hahaha
It trully doesn't it has many features and stuff that's why it has so many detections but i'd recommend for you to protect the file in some way yk. 
(E-Whoring) if you know any good apps to use for cashout dm me
I live in europe :)
This post is by a banned member (killer126867) - Unhide
23 May, 2021 - 08:07 PM
Reply
(23 May, 2021 - 05:38 PM)RegisteredUser Wrote: Show MoreUse it on your own risk, we are not responsible for anything.
About this rat:Main Features - .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger
Please give me likes and rap if you enjoyed this rat!!!!
scawwy
This post is by a banned member (tnks26) - Unhide
29 May, 2021 - 04:39 PM
Reply
thanks for sharing good job......
This post is by a banned member (ghosty400) - Unhide
30 May, 2021 - 05:13 PM
Reply
(23 May, 2021 - 05:38 PM)RegisteredUser Wrote: Show MoreUse it on your own risk, we are not responsible for anything.
About this rat:Main Features - .NET
- Coded in Visual Basic .NET, Client required framework 2.0 or 4.0 dependency, And server is 4.0
- Connection
- Using pastebin.com as ip:port , Instead of noip.com DNS. And Also using multi-ports
- Plugin
- Using plugin system to decrease stub's size and lower the AV detection
- Encryption
- The communication between server & client is encrypted with AES
- Spreading
- Infecting all files and folders on USB drivers
- Bypass
- Low AV detection and undetected startup method
- Lightweight
- Payload size is about 25 KB
- Anti Virtual Machines
- Uninstall itself if the machine is virtual to avoid scanning or analyzing
- Ransomware
- Encrypting files on all HHD and USB with .Lime extension
- XMR Miner
- High performance Monero CPU miner with user idle\active optimizations
- DDoS
- Creating a powerful DDOS attack to make an online service unavailable
- Crypto Stealer
- Stealing Cryptocurrency sensitive data
- Screen-Locker
- Prevents user from accessing their Windows GUI
- And more
- On Connect Auto Task
- Force enable Windows RDP
- Persistence
- File manager
- Passowrds stealer
- Remote desktop
- Bitcoin grabber
- Downloader
- Keylogger
Please give me likes and rap if you enjoyed this rat!!!!
you are the best
This post is by a banned member (usenari) - Unhide
31 May, 2021 - 03:57 AM
Reply
This post is by a banned member (frana03) - Unhide
02 June, 2021 - 08:12 AM
Reply
The AES connection looks pretty interesting... thanks for sharing
|
