Latest release

Forcer without Touhou game

0x00000FF released this Dec 17, 2017 · 1 commit to master since this release

The previous version of Forcer required a Touhou game, which is proprietary.

It made victims buy the game to disable rensenWare, which is of course a waste of money.

So I am releasing a new version today.

This version of Forcer does not require any version of the Touhou game; just run it.

Enhanced Forcer for rensenWare

0x00000FF released this Apr 8, 2017 · 16 commits to master since this release

Added a function for setting user-customized values for further variants.

It changes the memory of TH12 ~ Undefined Fantastic Object to make rensenWare perform decryption.

DO NOT TRY THIS ON OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT IS THE INITIAL VERSION OF RENSENWARE. THE INITIAL VERSION OF RENSENWARE DOES NOT HAVE MEMORY MANIPULATION DETECTION LOGIC, BUT OTHER BUILDS MAY HAVE IT.

VirusTotal for the original version of rensenWare:
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/

VirusTotal for THIS:
https://virustotal.com/en/file/3ceda8fca9bb42ea537ab5f8f58044fdbb14e1f29a05df0ffb66901e52b368fd/analysis/1491628924/ (misdiagnosed by CrowdStrike Falcon (ML))

rensenWare_Forcer

0x00000FF released this Apr 7, 2017 · 19 commits to master since this release

Initial version of rensenWare_Forcer.

It changes the memory of TH12 ~ Undefined Fantastic Object to make rensenWare perform decryption.

DO NOT TRY THIS ON OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT IS THE INITIAL VERSION OF RENSENWARE. THE INITIAL VERSION OF RENSENWARE DOES NOT HAVE MEMORY MANIPULATION DETECTION LOGIC, BUT OTHER BUILDS MAY HAVE IT.

VirusTotal for the original version of rensenWare:
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/

VirusTotal for THIS:
https://virustotal.com/en/file/76899c4db020d26d2c6638ffa33fb6abb57306903f57388dd210833a1b78f042/analysis/1491535051/