Xandora

File SHA1: 309e3f638f289262698526fa856e447843cb699a
File MD5 : 3d24b73ed3af34c0534b4eb0a49e3205
File Type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Additonal Info: PeCompact 2.xx –> BitSum Technologies
Source: Generated
Date: Sat Jul 31 07:08:10 MYT 2010
Final Score: 3
Possible Malware: NO

#– Files Created: –

#– Registry Created: –

[SOFTWARE]
[SYSTEM]
[SECURITIES]
[DEFAULT]
[NTUSER]

#– Malicious Running Processes: –

#– Malicious Processes Dump: –

cmd.exe::PID=1000:1044::UID=0::Action=
cmd.exe::PID=1188:1196::UID=0::Action=

#– Malware Traffic – DNS: –

#– Malware Traffic – Connections: –

#– Malware Traffic – www: –

#– Static Header: –

FILE HEADER INFORMATION

TimeStamp: 4C505C7C Thu Jul 29 00:36:12 2010
Subsystem: 2 (Windows GUI)
Image Base: 10000000 Size: 00020000
Code Base: 0001B000 Size: 00000000
Data Base: 00005000 Size: 0000F000
Entry Point: 00001000 (file offset 00000400)

SECTIONS

1: jthtrhgt RVA: 00001000 Offset: 00000400 Size: 00011800 Flags: DC000040 (DSRW)
2: .rsrc RVA: 0001E000 Offset: 00011C00 Size: 00002000 Flags: E0000020 (CERW)

#– Screenshots: –