Anda di halaman 1dari 10

How to spread your Rat/Bot/Trojan

a couple of ways that I have found out how to spread my Trojan and
this method can also work for Bots/Rats.

#1- Social Network Spreading Part 1

You can spread your bot/rat/Trojan by using social networking. I use

Facebook and Tagged.


1. You need a very good crypt with low dependency and 100%FUD.
I would recommend Dark eye crypter or Agis Crypter. Dark eye
crypter can be purchased from dark eye on HF and Aegis crypter
with unique private stub can be purchased from heyHoLetsGo on
BMR. Crypt your Rat/Trojan/bot.

Agis Crypter(crypting 1).png (121.47 KiB) Viewed 480 times

Agis Crypter(crypting 2).png (121.43 KiB) Viewed 480 times

2. After you have crypted your Trojan/bot/Rat, then you need to bind
it with a sexy picture ( you can buy a E-whoring pack, with tons of
female pics of the same person from Fake on BMR)

Agis Crypter(Binding 1).png (141.8 KiB) Viewed 480 times

Agis Crypter(Binding 2).png (107.65 KiB) Viewed 480 times

3. After you have binded the two files it becomes one, now you need
to change the icon of the binded file (so it looks a lot more
convincing) You need to download what is called a icon changer.
There are tons of them that are free and will work.

fileicon.jpg (129.3 KiB) Viewed 480 times

file icon 2.jpg (129.66 KiB) Viewed 480 times

File Icon Changer 3 .png (84.08 KiB) Viewed 480 times

4. After you have changed the Icon you can Spoof the extension so
that they wont recognize it is an .exe file.

Agis Crypter(Spoofing 1).png (91.46 KiB) Viewed 480 times

Agis Crypter(Spoofing 2).png (91.95 KiB) Viewed 480 times

Now you are ready to spread your Trojan/rat/bot, via Facebook or

tagged. Open up both sites and create a new account. Use the
pictures from the E-whoring pack you purchased and save them to
your profile, add one as your profile picture and use a girl name and
a young age (18+) when creating your profile. Do the same with
tagged. Now just add friends (you probably don't have to add any if
your pics are hot).
Start talking to them and ask them for there e-mail so you can send
them sexy pictures, when they give you you upload your crypted
Trojan and send it to them. This works but is time consuming.

#2-Social Network Spreading Part 2


1. Create a drop box account(it's free) at dropbox[dot]com. Then

upload your crypted Trojan to drop box and rename the file as

Dropbox.png (150.47 KiB) Viewed 480 times

2. Now click the link icon and get the link. The link is what is
highlighted in the picture.

Dropbox2.png (59.1 KiB) Viewed 480 times

Now this is a secret am going to share with you about dropbox. The
link that you have is only going to show your potential slaves the
.exe, but it wont download it. So you need to force the link to
automatically download the file when potential slaves visit the link.
To do this we need add a few modifications to the link. The link is
like this now:, we
have to change it to this:
So e have our direct download link, so now we post it. Go to and and sign in. Now post something
catchy and add your direct download link(make sure its catchy like:
Please support me modeling by watching me on webcam)

Optimized-Facebook spreading 1.jpg (86.87 KiB) Viewed 480


Facebook spreading 2.png (209.7 KiB) Viewed 480 times

Tagged spreading.png (246.31 KiB) Viewed 480 times

#3 - P2P spreading


1. First we need to download Utorrent. Then we open Utorrent and

go to file create torrent.

P2P spreading first.png (245.61 KiB) Viewed 480 times

2. Upload your crypted Trojan where it says select source. Then
click create.

P2P spreading first middle.png (147.48 KiB) Viewed 480 times

3. After we click create it's going to ask us what/where do we want

to save it. Save it as a popular video game or as a popular movie that
is at the theater. Save it to your desktop.

P2P spreading Middle.png (176.75 KiB) Viewed 480 times

4. When finished it should look like this:

P2P spreading last.png (83.93 KiB) Viewed 480 times

Now go to Google and type in best torrent sites. Sign up on those

sites and upload your torrent. Sit back and view your C&C and view
the slaves piling in.
#3 - YouTube spreading


1. Download a legit video from YouTube( something like free

bitcoin generator) using

2. Sign up for an account on YouTube and upload a video, put the

same description as in the original video but change the download
link to your direct download link.
People will be foolish and download it and they get infected.

#4 -Omeagle Spreading


1. Download Omeagle Spreader from:
tid=2435973&highlight=omegle+spreader. Please leave a thank you
to the creator who is hosting the download.

Omeagle spreader.png (131.86 KiB) Viewed 480 times

2. Fire up the Omeagle spreader and in the settings, click add text.
Add any text but make sure to add your direct download link as well.

Omeagle spreader 2.png (118.49 KiB) Viewed 480 times

3. Start the Omeagle spreader by clicking start in the settings tab and
when the pop up says hide browser while working, click yes. This
program is very good because it shows how many people talked to
and how many times your direct download link was spread.

Omeagle spreader 3.png (116.48 KiB) Viewed 480 times

Omeagle spreader 4.png (129.71 KiB) Viewed 480 times

Omeagle spreader 5.png (154.02 KiB) Viewed 480 times

#4 -Buying Loads


1. You can buy loads from a vendor on HF named redbull, I

purchased from him as well. He sold me 500 loads for $50. If you
dont know what loads are then read

#5 -Exploit paks


1. You can rent a exploit pak from HF, the prices are $20 for one day
with a traffic limit of 10,000. You can rent 1 week for $100 with a
traffic limit of 50,000. You can also rent an exploit pak for $300 for
one month. You can buy an exploit pak from the original creators for
$3000 but there website closed registration for English speakers. I
was told that it inst worth it to buy an exploit pack because the
exploits are all java script and you can get the same exploits on
metasploit framework , which is true-- thanks for that Orochi. If you
dont know what exploit paks are then you need to read
#5 -Java Silent Drive By


1. Java silent drive by is where a website (usually your own) is

infested with malware, and the victim visits your webpage and your
execution(Trojan/rat/bot) is immediately downloaded, with out the
victim knowing. There is also java drive by, which is similar but you
see a java notification pop-up say "java needs a plugin in order to
run this website" and there is an option that say get plugging, once
clicked then your execution will be downloaded immediately.

2. You can have a custom built java drive by from Foxxy Java on
HF( I purchased from them) its $20 for a regular java drive by and
$70 for a silent java drive by, they also provide free hosting and

Just a comment about the "Silent Java Drive by" - This actually
means exploitation of bugs in various Java versions. You should find
out what is being exploited. Java 6 all revisions had a few good ones
recently, and they won't be patched because Oracle are no longer
supporting it. Under normal operation, Java will always pop the
box.-- by: edc