As title :)
This tool is coded in C/C++ and had good anti-reverse protection. Needed a couple of weeks to crack (thanks to @MiamTrack78). It is said to be the best RAT in 2021/22.
Features:
- Create a client that connects either straight to your own DNS/IP or:
- Via a Tor hidden service (RAT can generate your private v3 .onion address in a few seconds with a single click for enhanced privacy from the settings)
- By using the Tor hidden service method, you do not need to forward any ports.
- Lite mode for minimal resource usage
- Native client coded in C/C++
- Fully Unicode compatible
- Telegram Bot - Control your bots from Telegram channel
- Downloader - Generate a downloader for any exe of your choice with options of execution from memory (RunPE) or disk
- UAC Exploit for elevated privileges (Admin rights without UAC notice on Windows 10)
- Protect process
- Kill Windows Defender
- DLL injector (x86/x64)
- Multi-mode, capable of handling both Tor and direct connected bots
- On-Join/Connect tasks/Auto-commands
- Group view
- Desktop preview option in connection list/table
- Thumbnail previews for either screen or webcam that you can move and place anywhere on your screen
- Process manager
- Remote shell
- Connection manager
- Services manager
- Software manager
- Window manager
- Registry manager
- Firewall (IP blacklist from settings)
- Change Background/Wallpaper
- Black Screen + Disable input
- USB spreader
- Clear saved data from browsers (Chrome, Firefox, Edge, Opera, IE, Vivaldi, Brave, Chromium, Torch, UCBrowser)
- Clipboard manager
- HVNC
- Hidden Remote Browser (Chrome, Firefox, Chromium-Based)
Connection capacities:
- Capable of managing well over 10 000 bots with a lag-free and relatively low CPU usage thanks to FastObjectListview.
- 1000 bots on an Intel Core i7-6650U and 8 GB RAM result in an average of 1.5% CPU usage of the RAT.
Binder:
- Bind up to 5 files.
- Select to execute from memory or disk.
- Run-once option
- Change icon of any executable file with ease.
Remote browser:
- Currently supported browsers: Chrome and all Windows versions starting from 8 and up.
- Supports WebGL.
- High FPS cap with up to 60 FPS.
- Uses existing profile by default if Chrome is unused or creates a new one if in use.
Password recovery:
- Powerful recovery with support of over 30 browsers and over 500 applications in total, email clients, IMs, etc.
XMR Miner:
- Utilizing XMRig
- Stealth mining. Miner will be paused whenever target is active and resumed when idle.
- CPU: Hashing speed of up to 2000 H/s on a modern strong i7 processor.
- GPU: Utilizes XMRig-CUDA whenever possible for even higher hash speed rate.
- Advanced options include: select threads, algorithm, donation value, process priority and more.
- 64-bit option for faster mining [Recommended].
- Live statistics in a managed table of all mining bots with total hash rate.
- Individual log view.
Reverse proxy:
- SOCKS4 mode
- Very fast, stable and supports multi-tabbing without any problems (Open ports are required).
- Full statistics include speed and traffic information.
- Easy swap between bots.
Remote Desktop:
- Advanced and native remote desktop
- Capable of easily reaching speeds over 40 FPS.
- Full keyboard and mouse control with possibility of live mouse movement.
- Dual screen mode; View and control 2 monitors at the same time.
- Color or gray-scale mode for even faster speeds.
Webcam live feed:
- Supports any webcam thanks to OpenCV libraries.
- Capable of easily reaching speeds of up to 40 FPS.
File manager:
- Multi file and recursive directory download/upload.
- Secure delete options.
- Thumbnail/Gallery mode for smooth view of folders containing images.
- ZIP Compression of file and directories.
- Advanced search.
- Common Windows file operations supported.
Keylogger:
- ADS stored and encrypted logs for enhanced stealth.
- Online/Live keylogger.
- Clipboard monitor.
- Offline keylogger with date management.
Audio live feed:
- Listen live through a microphone.
- Options include sample rate and duration.
- Save samples individually or select multiple samples to create an MP3 output.
SOCKS5 Proxy:
- Utilize SOCKS5 on your bots by attempting to automatically forward ports via UPnP.
I've shared this for educational purposes (and because I liked to reverse it). Please DON'T use this for illegal purposes. NEVER!!