home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
6bb35dbbac44c341500f0174a61413f5

SHA-1:
553bd4d32f5f8297c723c41b32b9e7ad9c651956

SHA-256:
2c9225d17a8318a79c343b814f310cf65e62043b8780645554dd2ad6794f8398

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 11:28:14 PM UTC  (a few moments ago)

File size:
4 MB (4,162,536 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\xtrapva.dll

File PE Metadata
Compilation timestamp:
6/21/2016 12:20:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:GEoSpB5oVvKh9xGdBC0nmxtHDYK9X0JePdMrEMsQ1pkImsQ3/6/EEtTG3EsRs3g:WuBuVZW0m8KuJePCXsQPkImTjE9G0Hw

Entry address:
0xD72044

Entry point:
52, 89, E2, 56, BE, 04, 00, 00, 00, 01, F2, 5E, 81, EA, 04, 00, 00, 00, 87, 14, 24, 5C, 89, 3C, 24, C7, 04, 24, 98, 0B, 93, 75, C1, 2C, 24, 05, 81, 04, 24, A4, 67, 53, FC, 52, C7, 04, 24, 9B, C1, A7, 0B, 89, 14, 24, C7, 04, 24, BA, BB, BC, 7A, 87, 04, 24, F7, D0, 87, 04, 24, 81, 0C, 24, 9A, 65, EB, 6F, C1, 2C, 24, 03, 81, 2C, 24, 4A, FF, EE, 3B, 81, 2C, 24, 70, 6D, 0E, E2, 51, C7, 04, 24, 66, C5, FF, 7F, C1, 2C, 24, 08, 50, 57, 68, 85, AF, 15, 3F, 5F, C1, E7, 08, 81, E7, A2, C8, EA, 47, C1, EF, 08, 81, EF...
 
[+]

Code size:
6.3 MB (6,615,040 bytes)

The file xtrapva.dll has been seen being distributed by the following 9 URLs.

http://cfsapatch.z8games.com/xtrap/.../XTrapVa.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapVa.dll

http://patch.crossfire.web.id/xtrap/.../XTrapVa.dll

http://update.cfire.ru/xtrap/.../XTrapVa.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapVa.dll

http://update.cfire.ru/xtrap/.../XTrapVa.dll

http://cf.cdn.patchgamerage.com/livepatch/xtrap/.../XTrapVa.dll

http://patch.crossfire.web.id/xtrap/.../XTrapVa.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.