Need help unpacking Themida 3.x x64

deepzero · #1 05-19-2026, 15:15

The E8 imports should be doable with a script (attaching a pe section and putting the jump-thunk there then point the E8s at that). There is also a tool for this, but I dont have it anymore, ImportFixer 1.2 I think it was called.

But the real problem is obviously the VM. There is no public way to defeat it.

1ST · #2 05-19-2026, 15:51

Quote:

Originally Posted by deepzero

The E8 imports should be doable with a script (attaching a pe section and putting the jump-thunk there then point the E8s at that). There is also a tool for this, but I dont have it anymore, ImportFixer 1.2 I think it was called.

But the real problem is obviously the VM. There is no public way to defeat it.

This is UIF (Universal Import Fixer) v1.2 by Magic_h2001 — it fixes Themida's E8-style "Directly Imports" in memory. But it's 32-bit only — won't work on our x64 target.

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

The Following 2 Users Say Thank You to deepzero For This Useful Post:
1ST (05-19-2026), niculaita (05-22-2026)

The Following User Says Thank You to 1ST For This Useful Post:
niculaita (05-20-2026)