Sorry!! But my friend he sent me some versions as a contribution, unknowns to me for a week i kept these files up. They were infected with neshta (file infecting virus) I had to twice scanover my directory and find clean verison. If you are infected forgive my friend because he also didnt know he was infected.
INFECTED PEOPLE READ!! Download DR WEB CUREIT, it not interferes with you current AV and will cure files instead of deleting directly like many antivirus do.
CLEAN YOUR SYSTEM (CURE NESHTA): https://www.softpedia.com/get/Antivirus/Dr-WEB-CureIt.shtml
CHECK FOR BACKDOOR (FOR YOUR SAFETY): https://www.bleepingcomputer.com/download/rkill/
This is a collection, it's not organized. It's not a collection of the best versions, every single one is being archived.
It's simply a collection of every njrat version ever made, any version with backdoors, I will add info.
If I can clean the backdoor or remove it, I will do so. Otherwise i've written info about the backdoor.
I will add anything based on the released/decompiled njRAT/njRDP/njWorm source codes.
This is for archival purposes only, I am not responsible for any of your usage or any problems that you will run into.
Unarchived: ARES RAT
Reason: Unnecessarily large WAV file in resources taking up 48+ MB of space.
Cannot be uploaded because of the filesize.
Unarchived: njRAT 0.7d Green Edition (RUS)
Reason: Instantly drops a backdoor when launched to owners PC.
If I clean this I will upload it, else, no..
500+ MB of njRAT edition
NjRAT is a Remote Administration Tool. This repository contains a Njrat Editions.
Versions have been cleaned manually of backdoors or viruses except for few.
(No file-infectors (Neshta, etc.) or Backdoors (Will be removed.)
It is still adviced to run all versions in a virtual machine or VPS.
version: NjRAT 0.11g
connects to: pastebin(.)com/raw/jPBSDMAg
payload: njRAT
info: adds connection to stub and victim connects to it.
status: inactive
cleaned status: not cleaned
version: NjRAT 0.12g
connects to: pastebin(.)com/raw/TvVzx1WV
payload: njRAT
info: adds connection to stub and victim connects to it.
status: inactive
cleaned status: not cleaned
version: CobianRAT
connects to: pastebin(.)com/raw/G22qkgYa
payload: njRAT
info: adds connection to stub and victim connects to it.
status: inactive
cleaned status: not cleaned
version: NjRAT Danger Edition
connects to: hakim32.ddns(.)net
payload: njRAT
info: adds secret connection to stub a day after last execution.
status: inactive
cleaned status: not cleaned
version: NjRAT Dangerous Edition 2019
connects to: pujakumari.duckdns(.)org
payload: 888 RAT & Neshta
info: when the builder is opened it tries to execute "Hacker.jpg" and "loader.exe".
extra info: the "plugin compiler" was infected with the neshta.
status: inactive
cleaned status: cleaned (removed backdoors from files, will error when trying to find them.)
version: NjRAT ACS Edition
connects to: elektraal.duckdns(.)org
payload: H-Worm
info: pw.dll plugin drops backdoor to victim also.
status: active
cleaned status: replaced pw.dll plugin
version: ZikuRAT VIP
connects to: kasper76.ddns(.)net
payload: njRAT
info: the stub also connects to the domain above.
extra info: used same pw.dll plugin as ACS, replaced pw.dll
status: inactive
cleaned status: partially
version: Winner RAT
connects to: ar1x(.)com
payload: Unknown
info: the stub also connects to the domain above.
extra info: the domain is for sale the malware is no active.
status: inactive
cleaned status: not cleaned