File Analyzer: 4dcddb3b2dcd0447026443847c6a1f5c058f9fa2
File SHA1: 4dcddb3b2dcd0447026443847c6a1f5c058f9fa2
File MD5 : c9657881feaa464e7e25bf9bb9dd55d5
File Type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Additional Info: UPX v0.89.6 – v1.02 / v1.05 -v1.24 -> Markus & Laszlo [overlay]
Source: Generated
Date: Sat Jul 31 07:08:33 MYT 2010
Final Score: 3
Possible Malware: NO
#– Files Created: –
#– Registry Created: –
[SOFTWARE]
[SYSTEM]
[SECURITIES]
[DEFAULT]
[NTUSER]
#– Malicious Running Processes: –
#– Malicious Processes Dump: –
cmd.exe::PID=1376:1384::UID=0::Action=
cmd.exe::PID=1412:1420::UID=0::Action=
#– Malware Traffic – DNS: –
#– Malware Traffic – Connections: –
#– Malware Traffic – www: –
#– Static Header: –
FILE HEADER INFORMATION
TimeStamp: 48FDE3B2 Tue Oct 21 22:14:10 2008
Subsystem: 2 (Windows GUI)
Image Base: 00400000 Size: 0001E000
Code Base: 00018000 Size: 00005000
Data Base: 0001D000 Size: 00001000 (plus 00017000 uninitialized)
Entry Point: 0001C540 (file offset 00004940)
SECTIONS
1: UPX0 RVA: 00001000 Offset: 00000400 Size: 00000000 Flags: E0000080 (UERW)
2: UPX1 RVA: 00018000 Offset: 00000400 Size: 00004800 Flags: E0000040 (DERW)
3: .rsrc RVA: 0001D000 Offset: 00004C00 Size: 00000600 Flags: C0000040 (DRW)
#– Screenshots: –