Testing Themida with Vscans

[Samueldo]

I know you're probably aware of this already, but I might as well document it.

I got a file and packed it with Themida Demo. I thought I would test both the original and the packed to see the difference between them.

Here's the original file:
Virustotal. MD5: d9cdccc00cd8e4b96b37bf56c148cb4b Suspicious.Insight

Here's the Themida-packed file:
Virustotal. MD5: 55adfdeda9269e86b3d09b0b297e1101 Suspicious.Insight Heuristic.LooksLike.Win32.Suspicious.K Backdoor.Bot!IK

Oh and by the way I won't be releasing this file to the public for a while, and if you check the Themida scan you'll see what program it is.

What do you think about this? /discuss

[Jabuuty671]

Wow, so this Themedia is a shitty ripoff version of Winrar that puts viruses?

[Bombsaway707]

Wow, so this Themedia is a shitty ripoff version of Winrar that puts viruses?

No, themidia is a tool used to pack hacks, it prevents decompiling and reverse engineering. Baically Stops Leechers

[Samueldo]

No, themidia is a tool used to pack hacks, it prevents decompiling and reverse engineering. Baically Stops Leechers

Yep, I've even tested decompiling. I've done it with my own code before.

Packing (like Themida) and compressing (like 7-Zip or WinRAR) are two different things.

[Jabuuty671]

No, themidia is a tool used to pack hacks, it prevents decompiling and reverse engineering. Baically Stops Leechers

Oh, i see now. h*mm
So is the FalseVirusScan the Demo versions fault, or the whole software all-in-all?

Yep, I've even tested decompiling. I've done it with my own code before.
Packing (like Themida) and compressing (like 7-Zip or WinRAR) are two different things.

Ohh, so Themida is just like something that can secure your hack so it doesn't get altered etc;?
and when you mean compressing, do you mean zipping/archiving?

[Samueldo]

Oh, i see now. h*mm
So is the FalseVirusScan the Demo versions fault, or the whole software all-in-all?


Ohh, so Themida is just like something that can secure your hack so it doesn't get altered etc;?
and when you mean compressing, do you mean zipping/archiving?

1. Yep, Themida is choob-proof.
2. Compressing, zipping and archiving are all the same thing.

[Jabuuty671]

1. Yep, Themida is choob-proof.
2. Compressing, zipping and archiving are all the same thing.

If you say it's ChoobProof.
Then how about like mastercoders/hackers/ people who know their way in..
Like picklockers of .exe files
They can find a way to get into your hack anyways right?

Ehh, i was thinking about my post
If they can find their way in, then they should be able to code their own hacks as well...

[Samueldo]

If you say it's ChoobProof.
Then how about like mastercoders/hackers/ people who know their way in..
Like picklockers of .exe files
They can find a way to get into your hack anyways right?

Ehh, i was thinking about my post
If they can find their way in, then they should be able to code their own hacks as well...

They won't be able to get into Themida, (so far) there's not a single soul who has or can.

[CRUSTY]

You can unpack .exes packed with themidia if it is a certain version...

[[MPGH]AVGN]

They won't be able to get into Themida, (so far) there's not a single soul who has or can.

Not true. it can be done it just takes hours and hours of manual labor. so to speak

Here are some tuts, Note that this is for Themida 1.8 not 2.0



Source: https://www.mpgh.net/forum/34-assembl...tions-tut.html

Original Source: https://richie86.*********.com/2008/0...inlicense-18x/

[CRUSTY]

And davidrc82 hits the nail right on the head

[Samueldo]

And davidrc82 hits the nail right on the head

Fuck.

On the up side I used the latest version (2.0.4.0) :P

[CRUSTY]

I'm pretty sure nobody out there is gonna devote that much time to unpacking, decompiling, reverse engineering an injector...

[Bombsaway707]

I'm pretty sure nobody out there is gonna devote that much time to unpacking, decompiling, reverse engineering an injector...

True dat, injectors are a dime a dozen

[Samueldo]

I'm pretty sure nobody out there is gonna devote that much time to unpacking, decompiling, reverse engineering an injector...

It would actually be quicker to make your own injector, but if it's that good some people might actually go for it.