home

xtrapva.dll

Wiselogic Co., Ltd.

Publisher:
Wiselogic Co., Ltd.  (signed and verified)

Description:
Online Game Security Solution

Version:
1, 0, 0, 1

MD5:
82f3a93b6e529959cd4474be6e9ca725

SHA-1:
b79aabd994b159a51f8fe38b774aeabcbb28bf61

SHA-256:
f544fc774374ea1fea2fac8e800daec46675b4955ac89a210bb381501a85f5ac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/15/2024 9:56:16 PM UTC  (today)

File size:
1.4 MB (1,416,472 bytes)

Copyright:
Wiselogic Co., Ltd.

Trademarks:
X-TRAP

File type:
Dynamic link library (Win32 DLL)

Language:
Korean (Korea)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\content.ie5\88h0si6i\xtrapva.dll

Digital Signature
Signed by:
Wiselogic Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
10/23/2012 8:00:00 AM

Valid to:
11/23/2013 7:59:59 AM

Subject:
CN="Wiselogic Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Wiselogic Co., Ltd.", L=Gangnam gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13BEF1CE41B008BD8BD048FEEE0268AA

File PE Metadata
Compilation timestamp:
5/30/2013 10:42:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:7PBioCzRnkeYjMJKVx2fB4iQ6qS/9KN32BDq2kk60uTKLSWe19M/QVeE1UYOC:7PBinkeD2xViQU9Ml0RxQt

Entry address:
0x3DC044

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 40, 40, E8, 00, 00, 00, 00, 81, 2C, 24, 58, C0, 7D, 40, 81, 04, 24, 00, B0, 7D, 40, E9, 95, 1F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8978

Packer / compiler:
PKLITE32, 0x1.1

Code size:
1.1 MB (1,122,304 bytes)

The file xtrapva.dll has been seen being distributed by the following 5 URLs.

http://fhl-lcdn.pandonetworks.com/X-Trap/.../XTrapVa.dll

http://sacdn2.axeso5.com/xtrap/.../XTrapVa.dll

http://cfsapatch.z8games.com/xtrap/.../XTrapVa.dll

http://update.cfire.ru/xtrap/.../XTrapVa.dll

http://download.gameclub.com/cf/xtrap/.../XTrapVa.dll

Scan xtrapva.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.