Sample details: d5e10cc25d644dcefc7e8c9eccacf122 --

Hashes
MD5: d5e10cc25d644dcefc7e8c9eccacf122
SHA1: e3a8cfd023b9286cd1a95615de3ab4ce2ef33ade
SHA256: c225f5b93195e8c2be3c921ee91216d2395ad280b13a012f778c9c898459ca20
SSDEEP: 6144:WSWT6YfXvxP2SMwFodGQZ0/RNbkBx/MpbPnzLfbfX:6T6YfXZx9udGQW/R6Bx0pbnjf
Details
File Type: PE32
Yara Hits
YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional | YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus | YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet | YRP/UPX_wwwupxsourceforgenet_additional | YRP/MSLRH_V031_emadicius | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/UPX_v0896_v102_v105_v122_Delphi_stub | YRP/UPX_wwwupxsourceforgenet | YRP/Borland | YRP/UPXv20MarkusLaszloReiser | YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser | YRP/UPXProtectorv10x2 | YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/contentis_base64 | YRP/UPX | YRP/suspicious_packer_section |
Sub Files
b4ad5b96082cf9814b60668cf9606fa8
Source
http://hussaintrust.com.pk/ht/mit.exe
Strings
		This program must be run under Win32
Boolean
Integer
ByWl'Word
TObject
rface+
HD@<9999840,g
2w;;thsz
->Vb1*
yHJ%NHJ
J$xtZXtU0u
~KxI[~]
	Vn CG0
SOFTWARE\Borland\Delphi{	
FPUMaskValu
5X0	6s
oXir,v)
w W= Zh
IHZTUWVS
x,(	XO
_-Rf;` 
Hg/stw
8t2S\/
0N|*(}&
V'xpu!h\
j@PVevh
kernel32.dl
l_GetLongPathNameA'
oftware
cales2
?  t.<
!#XGK>8v4#
?y b[j
D^pT.{
&Disabl
FocusDefaultPHotLighk
ive>NoAcc
omboBoxEdit
Window
TOwnND0wSt
|xt''''plhdv!''`\X?
0,($rr2
|tlrrrrhd`prrrrx\XTrrrrPLHDrrrr@<84rrrr0,($rrrr 
|xtrrrrplhdrrrr`\XTrrrrPLHDNNn
BNN0,(
|xrrrrtplhrrrrd`\XrrrrTPLHrrrrD@<8rrrr40,(rrrr$ 
Mageljt
P MSWHEEL
%_ROLL
ORT_(_.SCK
~_LINES/w
jr!/9t
	TFile
	Exception
EOutOfMemorynh
DivByZe
~Range
OvBlow
fv0idOp
TThread
lk8EfHEr?
rEAIt.
0r=<9w9i
\nr@~J
INFNAN
* (()@-
3$-	*-&F&Q{
	$&-[-o
0()(2)Jg
'w~$Prx
40s(=d
twCT?N
GAM/PM
M	ob!N
lwz/L:
r9SU<HtH
@B40-L
kFreeSp(ExA^
{;w$t*a
otAddSub
Xor_Cmp
4FromSt*
TCuNHG4X
Ft?Htb
^KXrH'
Currenc
?Unknow8
J`K	'_Pm
q&A5Pp
	W`rJO
8Aj	o5-wzy
ro@.\r
Alignment
4O	TBiDi
Middle
$w@>LE
sAdapp
'5CQ_m
.TBj|]
V7Pl0X
gGroup
,&Ht1*
$3@DFv
otX[uP
0U)j@_
j7.p-D
0X/7'>
y.>^-I
U`$dr3
F"7Ap&
 C{'4-
BGrCK^
fOQJ^!
V,gYfZk
[7*,(xI
O$Nv0#
O/FX,5
TPropFixup
w+c!`($
gKR>@PS4m
T4YF;w
U&hnMtC
 rq&hP
g%s_%d
1*&i_F
m/_U`?X
AxQhLs/L
(S}81y
4MRXC?
v$dz Wn
0f6ZaQ
o{E]PW
pqr''''stuv''''wxyz''''{|}~''''
`ab''''cdef''''ghij''''klmn''''oPQR''''STUV''''WXYZ''''[\]^''''_@AB''''CDEF''''GHIJ''''KLMN''''O012
cFD2g.
oross&%
>WBthf
edImag
E;@ 10
PXZk)&
LimegY
	FuchsiaAqua>x)
_ppWXk/
/BTgrO
\/Btnu
r3}foBh'
o/=2[	
ANSI_CHARSET
wDEFAULT
SYMBOLc
HIFTJIS
!GJO Ba
GB2312
EASTROPE
3N`7585
DJXV;P
l/I-A-8
,= \R_
wIx3". $$
p(RH^8
2IC^8z
kt$+"(m
p]`d X
J}RjC+
hGSBF<
@$II;E
7([@8k
|B(Vh{
F!Ksi=
?iLw{,
?InitC&mon
/	iSc!wW
^?$t"r
<5XcH*
Z]"u)!
ISPLAY
"GEnum
3Viewe
lZd{40zf-S
L`#$ia
%`&t|'x
A2P	GE>xP
a: t@3
"w@r!C
9@oHxe
 x4lC*
m6uxtheme
	Close!TQx
Xc9t'ugBKm
fHies?gE
IcqIs T
lyTznsp
yO)(a'4Nn
urmn/_dp
On+CPP
&kButt
=D:Cce
#0Qr@c
*]ZRab
GlP.0X
'mdlg_h
HM-t a
IC?.o6
dio'[;
H(p*J>
$D] 2 
I$Visi
)3lCWp
XLPDH<y
y@48,0
TXLPDHy
y<@48,
,DayOfWeek
[Fri+S
^!dAuto,
[(n.i>x
Ur./02
)FP\ss
3r%8s<|!'
f>FFKS9
pp/G32
t<REc]
 2001,
2 Mik2
-ybc'y
okAxE`
+QbV	<
 !"#$%H
y2CTev
9QNm\+
xLx/LrAA
"y	vLength
212\%W
:C4;Ct9
W/}3CG
=g$i;	
t.]Pr="
BUTTON?M
7IE(AL("%s",4),"
,3)" JK13
_WINHEL9
The/-)
d$nu{L
n`0fs1
N	*Jv\
}_0"RF
Wheeli
	9	-`	
l6@GT`
o,4DXO
NyWqDJr
9AIQ^<
$wL{,jEIu>3-
'HSplitV
IkNcAg
fJ+j))
  $$?h
tF-p{>
!6YNiH
,H~DEp
m"9!<<
kW|SF&
xt6AT.R
)C%U}H$mH
/w44\W
IG<H&H
|NT^[W(
w$:BW/g2
Hc[JKT
;v;{Du
SWS?tJ
C^hvg7dy
GP t;+y
DK2S@F
I"F+t 
.ZZZ*-
}J(D:]
n_0r3'
TTx8T1
]^viwh
:T!Q$W
/zI2;5h%
r7=@w0
qOWr%CD@lV
 Wd-Ph
gU(dg}w
g_B8Nm
83p,oa
, vE	c
(0IhwYL/
4@&@H@K
&p5p+*q)DS
Dv$*kE|
PDt1!FW
{u$f2F'F
i3<},;=0
/ t%AR
C<xDfH
4(C{t\
1YaI|e
0$_PXR
$KXrIs<
A*P	/O
\`lukD
$ .fE	
i]_)kJ
qjAo9G
l&29w`!
=tTv(|
@Wqs@=
N !1]	w	R
kB`C!'fI"
#+01z0j
pd4uFy
@o4Hu6
\P?om-
w`Cp)?P
^bO*$M
;0u[-<,
`<rlqA
P	$;CE
BC6CU/)
"S%${B
QROhVcvh
!P{p(d
	M=MximmalCm
fs/7wAn
[Kv n!
h$Ou	O
OwUpdP
`dhlpt
};P8u+~@X>
.5>k>8~
D0KLcX
?+eZF%
qs8VVh
K}$",/j
S,4	ffY
/<PA\Pn0
Rebuil*
rCBXta
TAdxnc}
G,LGOy
kDSeLT
[;>l8Q
D4keysK<
pK$Zdu
Pa!Oii8
1234567890ABC$
GHIJKLMNO
STUVWXYZ
lI=$G`L
?G; S<Y8
xHBAliP)w
]%^S=f
'pL6Ux0
L(WXKX
ZhkIm8f8}7
y5CumA X
~thdAV	
d4z|xcQj
n6ZCpb
1kch"5
QLqOCL
(]YkO&
M>\G=f>
uVmP-?
/:P;^;@C
[u='P*
4FD-#Qlsq
z;PH?X
P_UT})
Ih;J4u
re^h!i
0.	s8P
C /o@.(
{N0FDO+\
1PixTsPi
H_=0YT
):&qL+
!kX%t`
_#lN{b
9d88D9
r-[L"x
qYV~W!
mO32Dh
o( EC'
%-Am5V
`^Jp d
I[Lrlpe
=X,/'P[
ll t*"
ld3u`/
x/ p_1!Ta
?79.:AH
~,`tm`
t;Cpu'
,kHLcp
<AvTf8
xhY0BHI>
}%b%-y^
t#;ADti
`Ao-t1
y]O%f($
5p@7"}-
P''''L04|
LL6PP}VS
@ADdpp
fbH\n	
v!SOo4&
thtg+X
MAINICr
3VhX6EC3
G[t4aM
YS=s%!
_7\[%!
 ;,60Is
r!hP-Z
^<s'DK{`
;sHum|
LD$\id
fP5e$tD`
;i W3sHG
Lwm89&td
|5?be.
T|DZ<@
_xR9x7
YV<(Z?Z
tKpL:8#CA
ReaUE'
g[fL]1
J.Khhn
d.eG<3&
PKRr&T
Y1Tb#-
.vXvtrd
JRL"~U
Ni<-*}
:e",rs
B; -$${z
@MeV"h
!@Fpk>
),>)I:\
4ai7Bq
jhjm6$;j
OHO89C"
S&$pqa3v7
mMW88@K
gh$u<O
uOFPN$3b
uhHfu8voyEeFP?EvR0MNuTJZ
7 ;nx"
)P>"!n
at 0>0
<DLT\d<
Li[gej'#
&-TPF0
<$4HT`
;Mz^TF
y<Vp/&0
F(v\OxO{
H~PwFD
/?N_nVP
.7&@^,
Te7.,8
'4""C['B^{
:L*y8Z?yv]{
J"Q[Q&B"g
Q& :"Q
6Dc1'>fCr
m;`:'Qe
}HDF&rP'
c'?/&x
	3{bD)
'L3'L3
'L'L'M
)57,'m
V!E%-k
g+^ZoAe
KEoK	B
|YJQ<.
/EPTJ_
KE4jjK
v"t,F4
;HwfoQ
x%U*|F
?P>VIz
5h#tE!
+Vl,zN
xYh8G\
~HG-/x
7^-;Oj
tYL2j?
<7,CPL~N
"lO2zW
H!)^rF
D$V1+^y}
z)%I9r$
U6t%p#
<	KCj)
Un>4tJ
n|6"dK3
l7WPo6
_7K<?}
V	cSY7
rj5D``
#[$e"E[
^p*bv2
.XR)$o>
Y`?oJC
zT2l?Hpw
l*U;%\P
|"@`"V
_M@qh 
67b+fI(
w%fs9#
G7@-@h*
/iGr$2k
0G%_/B
x:O$ p_
>R4	sj
RO&+"G`
onI)w}
, J!/>
(y%(~@
m]P(R"
MPm}I:pt
V~%pu0n
9W*~#v
r5Qj:@ROG
C3Iz]M
^Qx5>rN!
"L3pdd
Zzn}5~
QGc]lp
{f\'Dh.o
,V"fAx
IR49d-4
?hYz0b
!,"|6o
-;sR k
PAR^$=
Oo>Q*b
,XEnx9Bw
rQHV-hL`S
BN)///$
AP^uVt
zhE++{
&%IzCK
r|:tnt
i pJsJ
/H^{Dw
oS6>En
PD	v&.
W4Vz~D
w	zCB3
~b&(:i
qbeq;	7?gL
zN>BU(
bhG5Tn:P
TZV:VcL
o!5-fo
,b&xHD
%4	u.b&
OL"12D
	#`f	cN
~?E?Jgz
G~HGC{CbX
#B2AB7
$.:&FQ(
]BJs*f
"#~C P
WS@ZD7
y[(%n=z
<gj+Hzz+?
Kkn/{DP
q[KC}p`
v>k^ok
6B%~Xo
K7|UC2
K7wBOp
'	/[Uh
Vwo&yk
&K]I3tw
_ lQ\P
Ko0PHSg
,,>%M/
xQ@PAA
bGF6Jm
'c_tSFr
*Fikdgo
{rWg*$m
NCFp2i
jCGmkn
+^\`l[
C3l;Fo)'
4)7+;=
k(7xx	
a#dWig
xXK+[T`5\ 
K@KiRQJU
ipbrd(Y
+API*&
IDlgR3
l4r4,{cpyA
SlepEx
LibrOQ
jc]LVW
u4AA#e;m
XhoZZc|
 Ap%F|a3
@U[32A`
dir]%)
Ed?UAn
,`DATS@
XPTPSW
rrr;lllb
L##H)((Sw
ddsJSS
lll4qqqs
EEE%```k
--3#???
33:(???
XXX'|||q
???	kkk=
AAs"--;
KERNEL32.DLL
advapi32.dll
comctl32.dll
comdlg32.dll
gdi32.dll
oleaut32.dll
user32.dll
version.dll
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
RegCloseKey
ImageList_Add
GetOpenFileNameA
SaveDC
VariantCopy
VerQueryValueA