home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
1796bdae1af4053589202b520dd37722

SHA-1:
66ec97d7424a63bd6d48bf3a9fc92388ab258b65

SHA-256:
54d192b5cd275e0aa46778ba1506d70123f1a1ad8e5efc05635d7116b68499bc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/21/2024 10:26:56 AM UTC  (today)

File size:
4 MB (4,170,728 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\xtrapva.dll

File PE Metadata
Compilation timestamp:
6/10/2016 1:27:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:VLrr4QthQ3pbIJuJKAkD0asuCGpJlWN+GMCMyNtJd6kLZRm:hrs8iZJKAkDvQN+GpjdtZ

Entry address:
0xD75044

Entry point:
50, C7, 04, 24, 77, 22, 5F, 3B, 55, BD, 9A, B2, 9F, 6C, 29, 6C, 24, 04, 5D, 81, 04, 24, C5, 91, E8, 5A, 52, BA, 0D, 21, FF, 7D, 31, 54, 24, 04, 8B, 14, 24, 83, C4, 04, 81, 34, 24, AF, 20, 57, 54, 57, C7, 04, 24, 26, 78, FF, 77, 57, C7, 04, 24, 25, 70, D4, 77, 89, 14, 24, BA, 27, 78, FF, 77, 31, 54, 24, 04, 5A, 83, EC, 04, 89, 14, 24, C7, 04, 24, 33, 94, ED, 77, 81, 04, 24, 01, 00, 00, 00, F7, 1C, 24, 81, 0C, 24, D3, 12, FB, 45, F7, 14, 24, 81, 04, 24, EF, 88, F9, FD, 81, 04, 24, 51, D4, 53, 7E, 81, 2C, 24...
 
[+]

Entropy:
7.9671  (probably packed)

Code size:
6.2 MB (6,500,352 bytes)

The file xtrapva.dll has been seen being distributed by the following URL.

http://op7cdn2.axeso5.com/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.