Sample details: 50fd69a6ed5673b6f188b443c8c1e2eb --

Hashes
MD5: 50fd69a6ed5673b6f188b443c8c1e2eb
SHA1: 6fcab09c8004fb54d2f426b47dde2b44a38d62a5
SHA256: 731c7d17d5931d37e085876613f1ca5f1e2168b1bac8d924dfb1aa08499ae86d
SSDEEP: 6144:02b/f8hW1iMq0vv7iFi/SPgowR0tAm95feY1RwkHPwg6UZcRgLI4mdM+WKG:02b/fEWw30vv7iR4xWtbfxqkHP4U1I1g
Details
File Type: PE32
Yara Hits
YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional | YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus | YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet | YRP/UPX_wwwupxsourceforgenet_additional | YRP/MSLRH_V031_emadicius | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/UPX_v0896_v102_v105_v122_Delphi_stub | YRP/UPX_wwwupxsourceforgenet | YRP/Borland | YRP/UPXv20MarkusLaszloReiser | YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser | YRP/UPXProtectorv10x2 | YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/contentis_base64 | YRP/UPX | YRP/suspicious_packer_section |
Sub Files
fabdaecd93282c572545f0a3fec79a62
Source
http://hussaintrust.com.pk/ht/jam.exe
Strings
		This program must be run under Win32
Boolean
Integer
ByWl'Word
TObject
rfaceK
;2w;;ths
{x@(>@
>c{"Q[
<(K!$]
9F+=N/
,$YG	;
<HJ%NHJ
+t_wss
$xtZXtU0u
o"	w%9
SOFTWARE\
Borland\Delphi\RTL
FPUMaskValu
d;_&40
5=::v<A
ZTUWVS
Bwa8TB
_-Rf;` 
0N|*(}&
wdcot8'
R9CRa}'$d
s Spsb)0I
'4@LH'
KP(>*D
	7:$CG
kernel32.dll
_GetLongPathNameA'
oftware
cales2k
?  t.<
}Q-@g8n
Uap.Cr@\apl
&Disabl
FocusDefaultPHotL
ive>NoAcc
omboBoxEdit
TOwnND0
PrrrrLHD@rrrr<840rrrr,($ rrrr
''''|xtp''''lhd`''''\XTP''''LHD@
rrrr|xtprrrrlhd`rrrr\XTPrrrrLHD@rrrr<840rrrr,($ rrrr
8 MSWHEEL
%_ROLL
ORT_(_.S
CK_LINES/
$o:/)r|
	Exception
EOutOfM.
EDivByZe
~Range
fv0idOp
0|S0X">
TThread?
^F\_rL
x$b}Data
O(OR}wd
N|U'\:
780rEAIt.
<*R0r=<9w9i
_gaPW.|
INFNAN
QS<$EA
(()@-3$-	*-&F
	$&-[-oyv
kDX/`G
6,fk<d
.t", 4
6Izu?r
LYXP#	
_AM/PMv
&G?#*$3
>5"gu4v
Pw'	+L
eZ^g( 
I:S0#7@f
ETxE2~0
\U<HtH
G.W.'5(
}<r{x$
sPk=fE
dkFreeSp
otAdd<
gGf_nOr
Xor_Cm
p4FromSt*
y?sv`O
Ft?Htb
t6[u&h
!Bb=%'HL
*7?CFD`'
kT`-%=
(/N(G_
^MplQ8POj
	[3QA	
i>	/,Kj/G{
5a7oxB
@.BYx 
%G)EYP
a~bCYx
Jmo X"'
Currenc-
igO`ng0V
?Unkno
']J<AE
"U7]NE(
O)IPB{
8Aj	o5-wz
_h@_%p7n
2lignmen]
).LeftJ
O	TBiDi
Middle
THBESK
Bi>OkN
TBjicA
"gGroup
EBdCS(
|z@xKE
OA*G7f
`mb88D	5
0wf+"5
t<ePhL
8{G2uF
%s[%d]
~ME95T
&.Aptp
#nhERnR
TPropFixup
= &5)t
8~+SOi:(:
[-miP_bb
)0B|R*
a^<"F&bLi
UtC71As
rL!9"U
8OXFRH
N&YD@RH
SP9'}jkc
01l% |
@-Et5#ZC
u'1?i8
nb@p(P
q>TwEKu
K:*o1|z W
VwWKle
#P`set6>
(hYsfz
E2lrge
 oross&%
K1<arFKO
U8NB8UV
gresdo
/h2ol>8
MuE;@ 
:-\0:[(1
FuchsiaAqua
ppWXk;
/BtnFU
?foBh1
ANSI_CHARSET
kwDEFAULT5
SYMBOLc_MAC
HIFTJIS
["NGEU
GB2312
GREEKGA
TURK*H
C/BA@/
/4t. '!8I
~d/<bG
E3t0,_
R-R,,GV
G :I?	
iN=4VV
	w<#`$
5}tWmU
rA8gc\r
OGZ{gQVX
U\n$GT
J(mui4[
eicobmp }
0#!mLz
)|2:s7
O%1J|0
H2lcd!
	>p\r"
/ ?6F)
N2zC"uA
k-aiYc
i@(vEb
 EMFtG
V|Y(3}Y
m&3y<7
j&d?RH
2&64P}
,$8|II
!tVk([
r2XxU(
P!v4dw
Pm0ABq
InitC&mon
-''|x \
6,S&6>
ISPLAY
num&lay
&0W<74
mr=MEI
0|K%bYPgt6V2
RyL0Pr 
 LXtRy
X ^SB'U
 $(GFFF,048
Z,Q	 ]AU
NH)|*,
He@,t0 
/6uxtheme
Close!NX
lyTznsp
urmn/n
xWX>Yo
^8>8{v*D
cCPP6^
"Hc3LhHA
NopWpd
RMI"lu
lpt<rx
n\H\O	 
.pXF,@
9hxD[D:.
h	k	/Pc
&\wpFp5
x'rE?u
_Ign@e
B.yv+W
+GH,X@8
>=5UC}
mdlg_hf
cPtr%.8X
raiLsxVz
	Popup
SEg\:C&p
;:Tim$
 s	|B09Q
$B>Hv6
"64BC<
BevzAg
lUB>-.
>umn5r
gSM  '
|8@^$7
P;A8)`\
% ldVh
|WZ0s0
Zai,<(G
d|D`G_Sp
TXLPDHy
y<@48,
ypdh\`
H<@48,
TNum=s
>$I!W	v
Du\pHPn
Up  FM
CXRRZeF
+&KKkX
_BNs6;
7?tw4tw
y>RGJP
_REVIEWGLYPH
8DLGTEM"
<L&HYE
ieCdx$.(
D7;x t2
R(Kv=j
!)8P!O8:
Zntr ,
+_rttxt1
 VI%%xG
.	-h3,Lp_
R	vp\la
iPhDR7
B>WA+@
2TH_PT
 (	e{_
PFM}	39
 2001,
2 Mik2
aN&Olb^[
\=L~0`b
 !"#$%
2He$g%h
StdV0XXn@.0w
B/Leave
 C"#Tr
.#D V@
[lPSgJ
Ghz|hD
5|PhOY
Z.2$OE
DVCT.Ta
TI?Y\&
BUTTON
jLF6;Q
`H`!x|
1K8<L-
oH" ^z
)l8da)
@w7IE(AL("%s",4),"*
,3)" JK1AB
JumpID
_WINHELP
.%U*o)
5<4Wh_
|6<5x>p7
nH0fs1?^
blujRFS_
Wheeli
d*V`0)
Up`#8p
<G\bv	
#P%.T',
!WE'Up
HSplitVx^
  $$((
_LtDhL
ps&*Hd
ZNJ]<)v
;DA<AiB
S\Z0N*
}_Vu+k
RUuI7$
}<trP\
\,`1Z6
?QXMh_
pj_guC
XLu7;64
_9Wv99`90
r\@v;{Du
GR9).ZZZ	#
H/h	!&
	X^\pY
C;JX,	
xWmk#-"
; 8{2,
7u+/PNT
[QRP\7
ZbqOTEr
V_1t&fWp
$MSiZ1:@@&@H 1
-PWI,l
+*q)DS'[C
HTrV&&
:2Iw@5
k-X@)q
JR0P4RN6O
PDt1!8g~
vaKGGj
c[h)X#
LXf\OWY
N,Qp0B]
0$_PXR
G^t(M"b
(D)$@3
N".sFke
Xx8TD+
!]LzK 
-d4y(A$-
RUGQ_W
HV8@TBR
cn	 &0
q#T<X<
jmT_CG`U
 B8v2zXU
`/  F-)t
V{f<lt
#blw^VK%
XdtX-@
j7][";
hEFH%@
wMFLBl.X!M
tK;JMZ;
NU%A(I
=i;0u[1m
tfvYuI
-i.aN&,
0LEx6/
}M^imm7v
`,//AY
fs/7wAnZ
TNExOE
@A(Hsl
@He.6q
xJLB^sT]
w0lci=
;P8u+~
*;~8Pt
LL88<<
>]ptF)d!
-eA+(a
#%/Ud`m
Ztl?!p
lER'$c
0R@:9;F|
FO2BHL'
J0XZXBXw
QGzIcR
A>J\yC
TAdxno#U
0}ZFl$
jO[;':
keysK<
1y<t	^
bZW	x4
m	 *ibH
123456789
h0CxGHIJKLMN
STUVWXYZ
v%) ?;
ow}n7:@
HXN[8+1`
>>D-"H
H.nh B
DDDp5J
?l}FM82
 CAoTX
BiL'oD
$N;P]H0
G&xGP+qb!
,)x}Cp
}Thumb
Vn`a`$x
SAPq^>F
qTWMH"
	yrH33Kq
pv+~`4:
4 p31rx
$KP)F2
tMZ/0 
h2$ad9
U4BJ	D
WeiGwS9
aS+BiBn
`^Jp@ 
]XpY$/'P
t#{PVsnsx
|Iz}%!$
3<$X(M]
t;Cpunk
DdwJ!n
!(CkLU
UG@![t
LLIENTo
t#;ADti{
XkG5Ig
u)$EFe
!30 p|GD
mR%@X+
M0e>S1
|U!g_"
::hiu]
px@ |I+
)BNNd@
4vZI_X
ZyYQX7
3`_ZhQ
dL9Dd(
*AE5L+
A\m(/K
loNsH/
&_<iOi`6
MAINIC
E>BL=$m
w-}/_W
k0.)tZ!~Q&
~-Lk`ke
WvcltT3
C!3\;t
B'<%z8/
Hq8!i&
"$)7jTW
!)pRwx
yFNXxi
Fcg!1k
G#BSNx
;2Tw**
rL|8UP
/WK@^JT
 	oE\`
h4`WhS
BubnKW
>t5*uR
4L{,c!
H-<FE)t
,L_uofs
A<a'vH
ljGc&!
l/);*_
Removp
EnKP8p .
@,9|7)
w2>(@UGw
H>Q3Ch c
1p	%1<
%i0{)4
)0=k}.=
"8Px!	
5	A!)0j
FZc<~@
5ed\ED-I
i:p9$F)
WL)G@%
FC0a0t:8
(0J>M0
2ZxzS?
b\<.HD
s23HfT
?G\L\}
X-41QW
mbaF@}8
{D$b${
;!*od$
w]a@dB>\
2=63=94=12
47789=2e
ed89201
N3>PoL(4
hQ\!ic
Su|!t]}0
\[";pK
n2vC4%
'(t`yU#
/o8;?M
%G('4'
7V8:Jd
;,AXx[]Q
J}]GEd
;kLw'mt
5a:XWt\
^p@\[/
T\\tth
S~	K3ly
gGGc2-m3gG
5L}nV6% _
DJoT@R
lj"&tB
E	f;+>RSH.
^3T/(u
6BDo@GL
FFQWrFU
Q(iubx=
",S|8/
/;x@uZ*j
!3q=3	
H`@nv=
;7!bM"
L\%c=)
M]t<!D
iaL"94
)&l5qB	
R4v%XHf
ZX{-/*#
d-=(A/b
A7)A8:
kk@@a@
QZx;p|#:
yi@.dJVF
JTr].>
0Hg6ED)k
I!MTU-]
URt6S1
q`V C]
7Z.[-n
i<@fU?
6%V.FSe
5ogBa(
[<z$"|
#5O(N2
4(@[>J
*Co',x^!
P\CEZ=
_?Wc#/
"Z\}ap
jvjcdgab
	k#:ru
7oa1ogh
<'h\i 
bst@F>
Y@_cbO?mP[
uwi%m|u
' ivv'%
2A<plT27
o^o6YxxEQlyMNDknZyjnyB4y
x5UsxTKceMnhxQRlFjaYNlP1
4[sx!B 
<4<DLT
}TPF0A
X6$_"{
N@V6`g
>d=88,
?^d'yO	
moWG_o
'1MQR'
'4""C['
N:L*y8Z?y
vJ"Q[Q&Bk
6Dc1'>fC
Q?&Xvo'H
HDF&rP'9
c'?/&x
'L3'Ln
3'L'L'M9'
r%3+uvf%r~
?sU2[^
<JV'vl
q	^+&1p
fpDIj!
?+$A:(
q"FDaE
R1?_Yo
O.	veQ
*%@ 1<D
=d{zl;p
m`chtKi
>ogpUt
7{IE3v
kh[`.P:
>L.O[M
OqVW7h
!i.x.|Q
Mc+YDz
'7ex"\e^
j(%P r?
N zwaC 
\ \:Pr
I?e!_J@
z|sG3Z
U_*?]&
`sbvUs
HG<';/
#2<W"iO[G
-G.UwoP
OWv[uHa
+y}HLh
bq*thDC
Xh.l$a
/,VVr	ra
UTL]Lbdm
_P Tn3
7I?Y/u
"KR>=l
43NL-4
(<|JYG
Svz.P4
>B/O/M/
b}-B%^
B?HYHj	pbP$
 lbJII,`
9pE"	4
63;|Vw
`}1P-F=kuD
K'	IdQ
$~'l6s
Czn7M*
lfq&u"
h2?`6*
wBAQ|:?
T>Y1zr+!
cVK[tX
&G"oc*O
%DVTXH
*->?Ieu
i:N~'5d
.d+0YbadN
F|yQ;cv
A\,{qG
P~/QPv
,YD"vH
Ch*|}'-
(Ra.Oj
fbqp+[
r(P7E-dqo
*MnH/j3
%t6+03
4o&<&?
J;=sl<qu
VTr+y,h
q7u5M%ZC
}YGx]M
bB"A(#
.O|I8)
:My6>`
NuG0D4J
i<-sdpJ
b^%^E<Rj
hCP<!v`C
_P:q(d
~Dh1dv
+s(~BcbV
?QL}bC%
&0H	F3p
1t~{@J,
1My,BR\6
T#2r'u
Pq|<pI
;Bg%'Sz
ze	kam
Vu"TQ|
cvE*[H
,8Inv]M
&{	vs9
:)lu;,
8!0& !
<{0CP5
E(fPx3
xbbKHM
uuP(0P
]%B3^n
3pUv m
+a/Hdp
~)|Af:)F`
9qnZ)m
u7a{4d
j	0t";6
=m#M(zk
fhP..B
sd{1.F
oj%p b"
p}"cQuTxF
h?s"XD&
|jks	f
t|cVQ|
BGU)5qW
sHO^&"
25tK`L
7;bZbQ
KUDH1v
-x_tSFrq
^i2moW
gWs#t{3
a{ispX
n/\1<x
&?S$_ps
.pzGg0X
-:c'kz
]WKk'2
oUGpr{
C+|ny{h
3 U8:N
sK,B+/eg
V;%z8	c}
vggx!I
D~7v=L
vAPI*&
T5>-![h
6Sleep
28l|cpyA
Librar0
@UUnh	dp
9/%B~n0
;M%g""tB K
!N	MBl
m1-`Y+o
M$4fR-!D
utl*8H,
X(;Eop
)^UB21
n}GA*0
	U!)cu
+xa#l)
%i'PE?d8Z
IsZ.dJ
JN-TF-
fk[E6L
XPTPSW
P+0r6fl
20Zj42_>
KERNEL32.DLL
advapi32.dll
comctl32.dll
comdlg32.dll
gdi32.dll
ole32.dll
oleaut32.dll
user32.dll
version.dll
winmm.dll
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
RegCloseKey
ImageList_Add
GetOpenFileNameA
SaveDC
CoInitialize
VariantCopy
VerQueryValueA
sndPlaySoundA