So I know how to create an “exe” for the rat but how do I not trigger windows defender or any other anti virus software with it? I can’t even drag and drop the “exe” into my VM without disabling windows defender on both my host and vm all together so it’ll def be a little hard to rat the scammer haha! Any advice is appreciated. 
You’ll need something called a crypter, that will keep the file encrypted up until its run. Most good ones cost money though, such as Spartan or Cyber Seal. I have yet to find a free one that actually works, so just keep that in mind.
@SeventhCube2832#26618 Yes, trust me, I know lol. I don’t actively search for/download these types of things (or even use them), but If I ever do, they will always be run in a virtual machine. This is a very good point to bring up though, something that anyone looking into doing these types of things should be well aware of, especially with RATs.