home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
b76a23b1a0a508dab1c8ddd1a33c1ec6

SHA-1:
002bea114394a1c91c5df064a4cffa1eb3af1ff4

SHA-256:
237dfa62366742d2e36a84eeacdbf04bba9bdab75e9ed3e1d9e63639c269980d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:53:17 PM UTC  (today)

File size:
4 MB (4,166,632 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean (Korea)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\xtrapva.dll

File PE Metadata
Compilation timestamp:
6/2/2016 2:37:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:Ap6xncXpx8w/Iq95xpwxtAccmilGs7zab4uSpUA3ZOa2oyZT:E6xn8qwgqnxcbilr7zab4uSZB0

Entry address:
0xD6C044

Entry point:
53, 51, B9, 44, 8C, AB, 27, 89, 4C, 24, 04, 59, 56, BE, BC, 73, 54, D8, 81, 6C, 24, 04, AA, E9, 57, 7E, 01, 74, 24, 04, 81, 44, 24, 04, AA, E9, 57, 7E, 5E, 57, C7, 04, 24, B0, 76, FF, 7D, FF, 04, 24, 81, 24, 24, 51, F1, ED, 3D, C1, 24, 24, 04, F7, 1C, 24, 81, 2C, 24, 01, C4, FD, 36, 57, BF, C5, 2C, D1, 71, 29, 7C, 24, 04, 5F, 89, 1C, 24, C7, 04, 24, 01, 00, 00, 00, 55, C7, 04, 24, D1, 6A, EA, 71, 89, 2C, 24, 89, 3C, 24, C7, 04, 24, 0E, D2, EF, 3F, 81, 04, 24, 99, 90, B2, 6E, 81, 2C, 24, 00, 68, 67, 3E, 81...
 
[+]

Entropy:
7.9671  (probably packed)

Code size:
6.2 MB (6,492,160 bytes)

The file xtrapva.dll has been seen being distributed by the following 11 URLs.

http://es.cfpatch.z8games.com/xtrap/.../XTrapVa.dll

http://hero.gscdn.netgame.com/hero/patch/x-trap/.../XTrapVa.dll

http://wiacdn2.axeso5.com/xtrap/.../XTrapVa.dll

http://downloads.ogplanet.com/XTrap/NewLaTale/.../XTrapVa.dll

https://s3.amazonaws.com/redbana-xtrap/.../XTrapVa.dll

http://xtrap.ongame.com.br/m2/.../XTrapVa.dll

http://zmrcdn2.axeso5.com/xtrap/.../XTrapVa.dll

http://xtrap.mayngames.com/eu/.../XTrapVa.dll

http://patch.crossfire.web.id/xtrap/.../XTrapVa.dll

http://patch.cdn.gamigo.com/lc/xtrap/.../XTrapVa.dll

http://es.cfpatch.z8games.com/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.