home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
6be3539e78c464ab416a48da33fc0283

SHA-1:
801060311ad7e9c65ba4ade6cc5738aca4c48b8f

SHA-256:
59a1b8618960bc5dccf9781b8240c5b493fca5af09e1f8141f09d9ea27f26df1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 4:45:40 AM UTC  (today)

File size:
4.2 MB (4,367,336 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\xtrap\xtrapva.dll

File PE Metadata
Compilation timestamp:
7/5/2016 3:17:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:8uLz9TmY3aiIcyqjYi7DAANYYR4lZKcRnLDNl1sl5Z:xLzJd3aiIcrjYi7YlHKcRLf1slv

Entry address:
0xE70044

Entry point:
56, 52, 83, EC, 04, 89, 2C, 24, BD, BE, 36, 6C, 3F, BA, BE, 36, 6C, 3F, 31, EA, 8B, 2C, 24, 83, C4, 04, 89, 54, 24, 04, 5A, 81, EC, 04, 00, 00, 00, 89, 04, 24, 89, 2C, 24, 57, 68, 01, 00, 00, 00, 5F, 89, 7C, 24, 04, 5F, 55, C7, 04, 24, 36, 3F, BA, 7F, 81, 34, 24, 5D, 89, 41, 0C, 81, 04, 24, 20, 5B, F9, 69, FF, 04, 24, FF, 0C, 24, 81, 04, 24, 32, 1E, ED, 7D, 81, 04, 24, D8, 92, ED, 08, C1, 2C, 24, 02, C1, 2C, 24, 01, 57, BF, 52, F8, D9, 4C, 31, 7C, 24, 04, 5F, E8, 00, 00, 00, 00, 81, 2C, 24, BD, 00, 27, 41...
 
[+]

Code size:
7.2 MB (7,512,064 bytes)

The file xtrapva.dll has been seen being distributed by the following 5 URLs.

http://download.priston.com.br/XtrapB5h/.../XTrapVa.dll

http://xtrap.ongame.com.br/m2/.../XTrapVa.dll

http://download.talesrunner.com/Talesrunner/hackguard/xtrap/.../XTrapVa.dll

http://download.tr.ogplanet.com/Xtrap/.../XTrapVa.dll

http://cf.cdn.patchgamerage.com/livepatch/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.