This theme is not so much about the use of the RAT, but rather about the safety and anonymity for the user.
I watched a lot of videos and read quite a few topics resulting to shape the plan of action, that is the best in my opinion. Below I will describe the whole process, all actions and security measures that I have taken. If I am right, maybe it will be useful for someone as a brief guide for the safe use of RAT.

1. Purchase of equipment.

So first, I will give a brief list of what you need to buy.

1.1 Mobile Phone.
1.2 SIM card.
1.3 Laptop.
1.4 Prepaid card WebMoney.
1.5 External WiFi adapter.

1.1) Mobile Phone.
Theoretically, by phone IMEI is possible to determine which store sold it, and turning in this store is possible to determine at what time the phone was sold. If the store has video capture, then knowing the time of the phone sale gives opportunity to find your image on the video, and this is a serious piece of evidence. Therefore, I have found in my city underground shop where they sell used mobile phones without the receipts and with no video capture, and bought the cheapest working mobile phone.
1.2) SIM card.
Of course, SIM card must be anonymous, or framed on a stranger who has nothing to do with you, so I bought in the same underground store, without cameras and without a receipt.
1.3) Laptop.
Next you need to find on the internet to advertise the sale of second-hand laptop, call to the owner (using previously bought mobile phone and SIM card) to arrange a meeting in a place without video capturing and buy this laptop.
1.4) Prepaid card WebMoney.
Because in the future there will be some costs through the Internet, and we will need to pay anonymously, it is best to buy a prepaid card WebMoney. The required amount depends on the further choice of VPN provider and cryptor, which I will describe later. These services cost me $ 170 for the year.
1.5) External WiFi adapter.
For extra insurance, we will need to hack someone’s WiFi router, and for this we need a powerful external WiFi adapter that can work in monitor mode. I chose for this purpose Alfa AWUS036H. Buy it, of course, with no video capture and receipts in the underground store or second-hand by the ad.

2. Setting up the equipment and the use of RAT.

We now proceed to the main point. Briefly further steps:

2.1 Changing the device IDs.
2.2 Hacking someone else’s WiFi router.
2.3 Registration of WebMoney account.
2.4 Purchasing and configuration of VPN.
2.5 Purchasing of cryptor.
2.6 Creating of RAT.
2.7 Spreading of RAT.

2.1) Changing the device IDs.
Before you connect the laptop to the internet, you need to make it as unrecognizable to any servers.
After formatting of the hard drives and reinstalling of Windows you must change:
2.1.1) MAC address. For Windows 7 with this task copes MAC Changer utility (old MAC-addresses will not be restored after a reboot). Just do not forget to change the MAC-address of the external WiFi adapter. The utility is free and it is easy to find on the Internet.
2.1.2) HWID. It is hidden in the registry, namely the HKEY_LOCAL_MACHINESoftwareMicrosoftCryptography.
Figures, perhaps we could put random, but I use the generator.
2.1.3) Volume ID. You can change it using tool from Microsoft.
2.2) Hacking someone else’s WiFi router.
Next, we need to gain access to someone else’s WiFi router. To do this, run on a laptop Live CD with Kali Linux operating system and hack someone else’s WiFi router. I will not write, how to do it because the internet is full of instructions. In the future, all internet connections will go exactly through this router, in case if our methods of protection will not work and our IP address will be detected. After gaining access to the settings of WiFi router, you must to setup port forwarding, as well as to disable logging on the router.
2.3) Registration of WebMoney account.
Register WebMoney account using the Tor (all connections without a VPN need to carry out further through it). To verify the account use the purchased phone and SIM card.
2.4) Purchasing and configuration of VPN.
We will not use DUC, because No-IP are keep the logs and will hand over you to law enforcement on the first request . Therefore, choose a good VPN server that does not keep logs, supports port forwarding, allocates fixed IP address, as well as accepts WebMoney. I choose for the “nVPN”. Account for the year with a permanent private IP costs me $ 60. Do not forget to open the ports in the VPN account. After the purchase, configure VPN, put it in startup and in the future go to the Internet only through him or through Tor.
2.5) Purchasing of cryptor.
Next, buy a good cryptor for the same WebMoney. What cryptor choose and how to use it will be better to read in the other topics on the forum.
2.6) Creating of RAT.
Create your RAT and encrypt it. Do not forget that the network settings of your RAT need to use the IP address that was given by VPN provider and the port, that you have opened at the VPN server and on the router.
2.7) Spreading of RAT.
Well, actually, the last – spread your encrypted RAT. How is it better to do – there are plenty of forum information.
2.*) Just want to draw your attention that for security purposes, prior to each new registration in any of the used Internet services, it is better to change the identity of the your laptop iron (MAC address, HWID or Volume ID). Just when you register you should to use every time a new, random names and nicknames. It is best to use online random generators.

3. Possible threats.

We now analyze whether it is possible to track us. We will rely on worst-case scenarios.

3.1) We assume that the victim called the police. Police checked the victim’s computer, found on what IP it sends requests. This is IP on private VPN server that does not keep logs. If the VPN provider deceived us, and kept some logs, there are the following options:

3.1.1) VPN provider is kept routing logs and give to police your real IP, but the police did not come to you, they will come to the owner of the hacked WiFi router. Then they can see the logs of the router, but there will not be stored information about transmission of the data to devices, because we turned off logging on the router.
3.1.2) VPN provider writes logs of account payments. He gives the police the address of your mail and WebMoney account number. It does not give the police nothing, because All actions are performed through Tor, address registered in false names, and to verify the WebMoney account we used an anonymous SIM card and anonymous phone.
3.2) If somehow the police will know the identity of the your laptop iron (MAC address, HWID or Volume ID), then they will not be able to find its previous owner, to find you, because we changed all of these data.
3.*) As a result, I see in this plan are only 2 options to hunt you down:
3.*.1) If the police will find a WiFi router that you hacked and track the traffic, on which of the MAC address the data is transmitted, and determine the location of your laptop on the signal strength.
3.*.2) If the police will determine the phone number from which was done the verification of WebMoney Account , contact your service provider and if the service provider keeps very accurate triangulation logs of subscribers for all SMS sent, and will give your exact coordinates to police.
3.*.*) Both versions of events, I think it is highly unlikely because they require the concurrence of many circumstances.

======
Do not consider me for the paranoid, but I think that if you decide to do forbidden things you need to do it safely and anonymously as possible.