× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 60e4038f39935ec9eacae4f04f465735253fa602ad4bec927a9885ae9b12c8f1
File name: xproto.dll
Detection ratio: 0 / 46
Analysis date: 2013-08-15 17:25:07 UTC ( 5 years, 7 months ago )
Antivirus Result Update
Yandex 20130814
AhnLab-V3 20130815
AntiVir 20130815
Antiy-AVL 20130815
Avast 20130815
AVG 20130815
BitDefender 20130815
ByteHero 20130814
CAT-QuickHeal 20130814
ClamAV 20130815
Commtouch 20130815
Comodo 20130815
DrWeb 20130815
Emsisoft 20130815
ESET-NOD32 20130815
F-Prot 20130815
F-Secure 20130815
Fortinet 20130815
GData 20130815
Ikarus 20130815
Jiangmin 20130815
K7AntiVirus 20130814
K7GW 20130814
Kaspersky 20130815
Kingsoft 20130723
Malwarebytes 20130815
McAfee 20130815
McAfee-GW-Edition 20130815
Microsoft 20130815
eScan 20130815
NANO-Antivirus 20130815
Norman 20130815
nProtect 20130815
Panda 20130815
PCTools 20130815
Rising 20130815
Sophos AV 20130815
SUPERAntiSpyware 20130815
Symantec 20130815
TheHacker 20130814
TotalDefense 20130814
TrendMicro 20130815
TrendMicro-HouseCall 20130815
VBA32 20130815
VIPRE 20130815
ViRobot 20130815
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2009-2010 RAIDCALL.COM, All rights reserved

Publisher RAIDCALL.COM
Product xproto
Version 1.0.2507.364
Original name xproto.dll
File version 1.0.2507.364
Description Raidcall X-Proto Kernel Component
Comments Powered by Team Raidcall.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-06 05:24:11
Entry Point 0x000725E6
Number of sections 5
PE sections
PE imports
DeregisterEventSource
RegisterEventSourceA
ReportEventA
FindFirstFileW
GetSystemTime
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LoadResource
LoadLibraryW
WaitForSingleObject
GetVersionExW
FreeLibrary
QueryPerformanceCounter
HeapDestroy
ExitProcess
GetThreadLocale
GetVersionExA
LoadLibraryA
lstrlenW
GetLocalTime
DeleteCriticalSection
SizeofResource
GetWindowsDirectoryW
GetLocaleInfoA
GetCurrentProcessId
LockResource
LoadLibraryExW
MultiByteToWideChar
HeapSize
CreateDirectoryW
GetProcAddress
GetPrivateProfileIntW
GetProcessHeap
RaiseException
WideCharToMultiByte
GetModuleFileNameW
InterlockedExchange
FindResourceExW
CloseHandle
GetSystemTimeAsFileTime
OutputDebugStringA
GetACP
HeapReAlloc
GetModuleHandleW
SetEvent
LocalFree
GetFileType
GlobalMemoryStatus
GetModuleFileNameA
CreateEventW
GetVersion
InitializeCriticalSection
OutputDebugStringW
FindResourceW
FindClose
lstrcatW
FormatMessageA
GetTickCount
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?copy@?$char_traits@G@std@@SAPAGPAGPBGI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?compare@?$char_traits@G@std@@SAHPBG0I@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?_Nomemory@std@@YAXXZ
?_Xran@_String_base@std@@QBEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Xlen@_String_base@std@@QBEXXZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$char_traits@G@std@@SAPBGPBGIABG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?move@?$char_traits@G@std@@SAPAGPAGPBGI@Z
_purecall
rand
malloc
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??1type_info@@UAE@XZ
fread
fclose
strcat
__dllonexit
abort
_setmode
fgets
fflush
fopen
strlen
_except_handler3
?terminate@@YAXXZ
realloc
memset
fwrite
fseek
qsort
_onexit
wcslen
ftell
_snprintf
??_V@YAXPAX@Z
_fileno
srand
_memccpy
sprintf
free
__CxxFrameHandler
_CxxThrowException
_itoa
??1exception@@UAE@XZ
_adjust_fdiv
time
??3@YAXPAX@Z
?what@exception@@UBEPBDXZ
__security_error_handler
atoi
vfprintf
_callnewh
memcpy
_vsnprintf
ctime
memmove
_atoi64
??0exception@@QAE@XZ
__CppXcptFilter
wcsstr
fprintf
_initterm
strcmp
memchr
_iob
PathFindFileNameA
PathFindFileNameW
SetWindowLongW
GetUserObjectInformationW
RegisterClassExW
RegisterClassW
DefWindowProcW
GetDesktopWindow
MessageBoxA
CreateWindowExW
GetWindowLongW
GetProcessWindowStation
CharNextW
PostMessageW
DestroyWindow
timeKillEvent
timeSetEvent
timeGetTime
Ord(3)
Ord(1)
Ord(101)
Ord(111)
Ord(103)
Ord(115)
Ord(11)
Ord(20)
Ord(17)
WSAIoctl
Ord(52)
Ord(9)
Ord(112)
Ord(4)
Ord(19)
Ord(2)
Ord(12)
Ord(10)
Ord(23)
Ord(108)
Ord(16)
Ord(8)
CoTaskMemFree
StgCreateDocfile
StgOpenStorage
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL DEFAULT 1
PE resources
ExifTool file metadata
FileDescription
Raidcall X-Proto Kernel Component

Comments
Powered by Team Raidcall.

InitializedDataSize
233472

ImageVersion
0.0

ProductName
xproto

FileVersionNumber
1.0.2507.364

UninitializedDataSize
0

LanguageCode
Process default

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
7.1

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.2507.364

TimeStamp
2012:11:06 06:24:11+01:00

FileType
Win32 DLL

PEType
PE32

ProductVersion
1.0.2507.364

SubsystemVersion
4.0

OSVersion
4.0

OriginalFilename
xproto.dll

LegalCopyright
Copyright (C) 2009-2010 RAIDCALL.COM, All rights reserved

MachineType
Intel 386 or later, and compatibles

CompanyName
RAIDCALL.COM

CodeSize
507904

FileSubtype
0

ProductVersionNumber
1.0.2507.364

EntryPoint
0x725e6

ObjectFileType
Unknown

File identification
MD5 b6a99da612229fd50ab1a5ad5d955920
SHA1 ca1fca6858435993578cd4cca22f0fd3ae2bc69b
SHA256 60e4038f39935ec9eacae4f04f465735253fa602ad4bec927a9885ae9b12c8f1
ssdeep
12288:WMacgg7MVMipc1bVLttvXmA4vK/8b0YnmK2siea0WNMV2SH7NnX87mTXu0OFD7:DGp0CBX8KTXu0O

File size 716.0 KB ( 733184 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
pedll

VirusTotal metadata
First submission 2013-08-15 16:48:11 UTC ( 5 years, 7 months ago )
Last submission 2013-08-15 17:25:07 UTC ( 5 years, 7 months ago )
File names vt-upload-RR9Ff
vt-upload-HsRoK
xproto.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!