Categories: Trojan

Trojan.Packed.Themida information

Trojan.Packed.Themida is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Trojan.Packed.Themida virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Attempts to connect to a dead IP:Port (5 unique times)
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Checks for the presence of known windows from debuggers and forensic tools
  • Checks the version of Bios, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a registry key
  • Attempts to create or modify system certificates
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

telete.in
apps.identrust.com
yearofthepig.top

How to identify Trojan.Packed.Themida?


File Info:

crc32: F2E0321A
md5: 85c239324e0b5a8ebbb3dd93ca4628a0
name: 85C239324E0B5A8EBBB3DD93CA4628A0.mlw
sha1: 1d5c42f4a70a90e2023c4683b2b8a59ece5e7960
sha256: 266f8215ba1b531f93fb7567c34088e49ad4de63d9c2726e11caaa6158be9d9a
sha512: ca4928d2a2b3619c5ed623e32fec7082660a49f6e7195b7e653868bf6902f84480eb8d2f02c997002c9a0f4f6bc650bebb6f6618d231c991b89ed837214963da
ssdeep: 49152:AsRxfsHfO4GNXV/S9LZP1FHQGWZZhPzk0KcBY64aUma9kf:ts/lGD69lPTWZZhbT3YoUma9I
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Моя Компания. Все права защищены.
InternalName: myfile.exe
FileVersion: 1.0.0.0
CompanyName: Моя Компания
ProductName: Название программы
ProductVersion: 1.0.0.0
FileDescription: Описание моего приложения
OriginalFilename: myfile.exe
Translation: 0x0409 0x04b0

Trojan.Packed.Themida also known as:

Bkav W32.AIDetectGBM.malware.02
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.36273230
FireEye Generic.mg.85c239324e0b5a8e
CAT-QuickHeal Trojan.RacealerRI.S18206399
Qihoo-360 Win32/Trojan.Razy.HxMBBrcC
McAfee Artemis!85C239324E0B
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0056043f1 )
BitDefender Trojan.GenericKD.36273230
K7GW Trojan ( 0056043f1 )
Cybereason malicious.24e0b5
Cyren W32/Trojan.YEMR-5780
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:PWSX-gen [Trj]
Kaspersky Trojan-PSW.Win32.Racealer.kns
Alibaba TrojanPSW:Win32/Racealer.8b54096d
NANO-Antivirus Virus.Win32.Gen-Crypt.ccnc
ViRobot Trojan.Win32.Z.Themida.2280672
Rising Trojan.Razy!8.73AD (CLOUD)
Ad-Aware Trojan.GenericKD.36273230
Emsisoft Trojan.GenericKD.36273230 (B)
Comodo Malware@#3bnkxwwd8joyw
F-Secure Trojan.TR/Crypt.XPACK.Gen2
Zillya Trojan.Themida.Win32.64037
TrendMicro TROJ_GEN.R002C0DAU21
McAfee-GW-Edition Artemis!Trojan
Sophos Mal/Generic-S
Ikarus Trojan.Win64.Themida
Jiangmin Trojan.PSW.Racealer.btu
Avira TR/Crypt.XPACK.Gen2
Microsoft Trojan:Win32/Razy.BM!MSR
Gridinsoft Trojan.Heur!.012160B1
Arcabit Trojan.Generic.D2297C4E
ZoneAlarm Trojan-PSW.Win32.Racealer.kns
GData Trojan.GenericKD.36273230
Cynet Malicious (score: 85)
AhnLab-V3 Malware/Win32.Generic.C4302074
Acronis suspicious
BitDefenderTheta Gen:NN.ZexaF.34574.lM2@aCwJkbni
ALYac Trojan.GenericKD.36273230
MAX malware (ai score=81)
VBA32 BScope.Trojan.Chapak
Malwarebytes Trojan.Packed.Themida
Panda Trj/CI.A
ESET-NOD32 a variant of Win32/Packed.Themida.HQI
TrendMicro-HouseCall TROJ_GEN.R002C0DAU21
Tencent Win32.Trojan-qqpass.Qqrob.Ecak
Yandex Trojan.TPM!h27aFNnrhko
SentinelOne Static AI – Malicious PE
eGambit PE.Heur.InvalidSig
Fortinet W32/PossibleThreat
AVG Win32:PWSX-gen [Trj]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
MaxSecure Trojan.Malware.1728101.susgen

How to remove Trojan.Packed.Themida?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
