xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
c79843e248ae83424a29d16dcbbfcb19

SHA-1:
61e08ca1ef205753dae0fc07deaf415cdbccec94

SHA-256:
e69ae477868331c4a991311fa72c791f658a79eb1bd596612060584b1d516b2a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:28:25 PM UTC  (today)

File size:
4 MB (4,203,496 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\xtrapva.dll

File PE Metadata
Compilation timestamp:
6/3/2016 3:53:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:1r+JX3wjgFu4RjRn+LjbLaAgL4a2qC3vb4X:EgcFTRjRn+Plrz

Entry address:
0xD7B044

Entry point:
68, 3D, 40, CC, 1A, 89, 04, 24, 52, BA, 93, E3, DF, 75, 89, 54, 24, 04, 5A, 81, 24, 24, 92, 9A, CE, 7F, 51, B9, 20, 3F, F7, 3F, 21, 4C, 24, 04, 59, 81, 04, 24, C3, 29, FB, 2E, 81, 0C, 24, 76, BF, 9D, 6D, F7, 1C, 24, 81, 04, 24, F7, BF, DD, 6D, 51, C7, 04, 24, 80, 20, EF, 3F, C1, 24, 24, 01, 81, 2C, 24, 68, F3, F3, 47, FF, 0C, 24, FF, 04, 24, 81, 04, 24, 23, BE, C4, FE, F7, 14, 24, FF, 04, 24, 81, 0C, 24, 00, 03, 69, 7E, 81, 04, 24, B1, 5B, B7, 7F, 50, B8, 0B, AD, CE, 80, 81, 6C, 24, 04, C7, 20, 99, 5F, 01...
 
[+]

Entropy:
7.9649  (probably packed)

Code size:
6.2 MB (6,500,352 bytes)

The file xtrapva.dll has been seen being distributed by the following 3 URLs.

http://45.64.187.22/xtrap/.../XTrapVa.dll

http://fhl-lcdn.pandonetworks.com/Xtrap-pb/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security