Skip to content

@0x00000FF 0x00000FF released this Dec 17, 2017 · 2 commits to master since this release

Previous version of Forcer requires Touhou game, which is not for free.

It made victims to buy games to neutralize rensenWare, and It's total waste of money.

So I release new version today.

This version of Forcer does not require any version of Touhou game, just run it.

Assets 3

@0x00000FF 0x00000FF released this Apr 8, 2017 · 17 commits to master since this release

Added setting function of user customized value for further variants

it changes memory of TH12 ~ Undefined Fantastic Object for making rensenWare to do decryption.

DO NOT TRY TO OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT'S INITIAL VERSION OF RENSENWARE. INITIAL VERSION OF RENSENWARES DOES NOT HAVE MEMORY MANIPULATION DETECTING LOGIC, BUT OTHER BUILDS MAY HAVE IT.

VirusTotal for original version of rensenWare :
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/

VirusTotal for THIS :
https://virustotal.com/en/file/3ceda8fca9bb42ea537ab5f8f58044fdbb14e1f29a05df0ffb66901e52b368fd/analysis/1491628924/ (misdiagnosed by CrowdStrike Falcon (ML))

Assets 3

@0x00000FF 0x00000FF released this Apr 7, 2017 · 20 commits to master since this release

initial version of rensenWare_Forcer.

it changes memory of TH12 ~ Undefined Fantastic Object for making rensenWare to do decryption.

DO NOT TRY TO OTHER BUILDS OF RENSENWARE IF YOU ARE NOT SURE IT'S INITIAL VERSION OF RENSENWARE. INITIAL VERSION OF RENSENWARES DOES NOT HAVE MEMORY MANIPULATION DETECTING LOGIC, BUT OTHER BUILDS MAY HAVE IT.

VirusTotal for original version of rensenWare :
https://virustotal.com/ko/file/7bf5623f0a10dfa148a35bebd899b7758612f1693d2a9910f716cf15a921a76a/analysis/1491487316/

VirusTotal for THIS :
https://virustotal.com/en/file/76899c4db020d26d2c6638ffa33fb6abb57306903f57388dd210833a1b78f042/analysis/1491535051/

Assets 3
You can’t perform that action at this time.