Releases: 0x00000FF/rensenware_force
Forcer without Touhou game
Previous version of Forcer requires Touhou game, which is not for free.
It made victims to buy games to neutralize rensenWare, and It's total waste of money.
So I release new version today.
This version of Forcer does not require any version of Touhou game, just run it.
- Microsoft Visual C++ 2017 Runtime is necessary to run this forcer. You can get it from here : https://aka.ms/vs/15/release/VC_redist.x86.exe
Enhanced Forcer for rensenWare
- rensenWare Protector is available on https://github.com/0x00000FF/rensenware-protect/releases
Added setting function of user customized value for further variants
it changes memory of TH12 ~ Undefined Fantastic Object for making rensenWare to do decryption.
DO NOT TRY TO OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT'S INITIAL VERSION OF RENSENWARE. INITIAL VERSION OF RENSENWARES DOES NOT HAVE MEMORY MANIPULATION DETECTING LOGIC, BUT OTHER BUILDS MAY HAVE IT.
VirusTotal for original version of rensenWare :
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/
VirusTotal for THIS :
https://virustotal.com/en/file/3ceda8fca9bb42ea537ab5f8f58044fdbb14e1f29a05df0ffb66901e52b368fd/analysis/1491628924/ (misdiagnosed by CrowdStrike Falcon (ML))
rensenWare_Forcer
initial version of rensenWare_Forcer.
it changes memory of TH12 ~ Undefined Fantastic Object for making rensenWare to do decryption.
DO NOT TRY TO OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT'S INITIAL VERSION OF RENSENWARE. INITIAL VERSION OF RENSENWARES DOES NOT HAVE MEMORY MANIPULATION DETECTING LOGIC, BUT OTHER BUILDS MAY HAVE IT.
VirusTotal for original version of rensenWare :
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/
VirusTotal for THIS :
https://virustotal.com/en/file/76899c4db020d26d2c6638ffa33fb6abb57306903f57388dd210833a1b78f042/analysis/1491535051/