home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
1c2f0af12c3cf23e5fd5614776ac39ca

SHA-1:
2d849d77924c1ae2947e7eb1dd012f36ec5726d1

SHA-256:
c926f05f7d41dc2074fd3bccd5a8ceea261be42fb59c8433b17db25df901763f

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
9/21/2024 10:37:33 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Suspicious
7.1.1

NANO AntiVirus
Virus.Win32.Gen-Crypt.ccnc
0.24.0.52214

File size:
1.3 MB (1,340,392 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean (Korea)

Common path:
C:\Program Files\ogplanet\sd gundam capsule fighter\xtrap\xtrapva.dll

File PE Metadata
Compilation timestamp:
10/10/2012 12:06:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:w5vBFYVZsRkUBEtJ+89uBkh7q4lWOQ5BbGa2DfXWOgHFd+ttkOgzO:0ii+tJPuOxzxQ5BSjD+OgHFsttk

Entry address:
0x396044

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 40, 40, E8, 00, 00, 00, 00, 81, 2C, 24, 58, 60, 79, 40, 81, 04, 24, 00, 50, 79, 40, E9, 95, 1F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8781

Packer / compiler:
PKLITE32, 0x1.1

Code size:
984 KB (1,007,616 bytes)

The file xtrapva.dll has been seen being distributed by the following 2 URLs.

http://op7cdn2.axeso5.com/xtrap/.../XTrapVa.dll

http://download.ongame.vn:3001/gamedownload/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.