× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 829efa5ded052e1604fc838f3ddc79eabb0ffd50379550de9a211f1f57afd562
File name: xproto.dll
Detection ratio: 0 / 46
Analysis date: 2013-04-12 14:01:12 UTC ( 5 years, 4 months ago )
Antivirus Result Update
Yandex 20130412
AhnLab-V3 20130411
AntiVir 20130412
Antiy-AVL 20130412
Avast 20130412
AVG 20130412
BitDefender 20130412
ByteHero 20130322
CAT-QuickHeal 20130412
ClamAV 20130412
Commtouch 20130412
Comodo 20130412
DrWeb 20130412
Emsisoft 20130412
eSafe 20130407
ESET-NOD32 20130412
F-Prot 20130412
F-Secure 20130412
Fortinet 20130412
GData 20130412
Ikarus 20130412
Jiangmin 20130412
K7AntiVirus 20130411
Kaspersky 20130412
Kingsoft 20130408
Malwarebytes 20130412
McAfee 20130412
McAfee-GW-Edition 20130412
Microsoft 20130412
eScan 20130412
NANO-Antivirus 20130412
Norman 20130412
nProtect 20130412
Panda 20130411
PCTools 20130412
Rising 20130412
Sophos AV 20130412
SUPERAntiSpyware 20130412
Symantec 20130412
TheHacker 20130411
TotalDefense 20130411
TrendMicro 20130412
TrendMicro-HouseCall 20130412
VBA32 20130411
VIPRE 20130412
ViRobot 20130412
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2009-2010 RAIDCALL.COM, All rights reserved

Publisher RAIDCALL.COM
Product xproto
Original name xproto.dll
File version 1.0.4851.410
Description Raidcall X-Proto Kernel Component
Comments Powered by Team Raidcall.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-03-09 09:05:35
Entry Point 0x00073F36
Number of sections 5
PE sections
PE imports
DeregisterEventSource
RegisterEventSourceA
ReportEventA
GetSystemTime
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LoadResource
LoadLibraryW
WaitForSingleObject
GetVersionExW
FreeLibrary
FindFirstFileW
HeapDestroy
ExitProcess
GetThreadLocale
GetVersionExA
LoadLibraryA
lstrlenW
GetLocalTime
DeleteCriticalSection
SizeofResource
GetWindowsDirectoryW
GetLocaleInfoA
GetCurrentProcessId
LockResource
LoadLibraryExW
MultiByteToWideChar
HeapSize
CreateDirectoryW
GetProcAddress
GetPrivateProfileIntW
QueryPerformanceCounter
GetProcessHeap
RaiseException
WideCharToMultiByte
GetModuleFileNameW
InterlockedExchange
FindResourceExW
CloseHandle
GetSystemTimeAsFileTime
OutputDebugStringA
GetACP
HeapReAlloc
GetModuleHandleW
SetEvent
LocalFree
GetFileType
GlobalMemoryStatus
GetModuleFileNameA
CreateEventW
GetVersion
InitializeCriticalSection
OutputDebugStringW
FindResourceW
FindClose
lstrcatW
FormatMessageA
GetTickCount
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?copy@?$char_traits@G@std@@SAPAGPAGPBGI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?compare@?$char_traits@G@std@@SAHPBG0I@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?_Nomemory@std@@YAXXZ
?_Xran@_String_base@std@@QBEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Xlen@_String_base@std@@QBEXXZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$char_traits@G@std@@SAPBGPBGIABG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?move@?$char_traits@G@std@@SAPAGPAGPBGI@Z
_purecall
rand
malloc
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??1type_info@@UAE@XZ
fread
fclose
strcat
__dllonexit
abort
_setmode
fgets
fflush
fopen
strlen
_except_handler3
?terminate@@YAXXZ
realloc
memset
fwrite
fseek
qsort
_onexit
wcslen
ftell
_snprintf
??_V@YAXPAX@Z
_fileno
srand
_memccpy
sprintf
free
__CxxFrameHandler
_CxxThrowException
tolower
_itoa
??1exception@@UAE@XZ
_adjust_fdiv
time
??3@YAXPAX@Z
?what@exception@@UBEPBDXZ
__security_error_handler
atoi
vfprintf
_callnewh
memcpy
_vsnprintf
ctime
memmove
_atoi64
??0exception@@QAE@XZ
__CppXcptFilter
wcsstr
fprintf
_initterm
strcmp
memchr
_iob
PathFindFileNameA
PathFindFileNameW
SetWindowLongW
GetUserObjectInformationW
RegisterClassExW
RegisterClassW
DefWindowProcW
GetDesktopWindow
MessageBoxA
CreateWindowExW
GetWindowLongW
GetProcessWindowStation
CharNextW
PostMessageW
DestroyWindow
timeKillEvent
timeSetEvent
timeGetTime
Ord(12)
Ord(3)
Ord(11)
Ord(10)
Ord(1)
Ord(23)
Ord(101)
Ord(20)
Ord(111)
Ord(103)
Ord(108)
Ord(17)
Ord(16)
Ord(2)
Ord(19)
Ord(4)
Ord(115)
Ord(8)
Ord(112)
WSAIoctl
Ord(9)
CoTaskMemFree
StgCreateDocfile
StgOpenStorage
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL DEFAULT 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Powered by Team Raidcall.

InitializedDataSize
237568

ImageVersion
0.0

ProductName
xproto

FileVersionNumber
1.0.4851.410

UninitializedDataSize
0

LanguageCode
Process default

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
7.1

FileOS
Win32

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.4851.410

TimeStamp
2013:03:09 09:05:35+00:00

FileType
Win32 DLL

PEType
PE32

ProductVersion
1.0.4851.410

FileDescription
Raidcall X-Proto Kernel Component

OSVersion
4.0

OriginalFilename
xproto.dll

LegalCopyright
Copyright (C) 2009-2010 RAIDCALL.COM, All rights reserved

MachineType
Intel 386 or later, and compatibles

CompanyName
RAIDCALL.COM

CodeSize
516096

FileSubtype
0

ProductVersionNumber
1.0.4851.410

EntryPoint
0x73f36

ObjectFileType
Unknown

Compressed bundles
File identification
MD5 9701389c27fb8cdb113b70d8b414c902
SHA1 dacf36555b57678098fa7149c501978664a55dee
SHA256 829efa5ded052e1604fc838f3ddc79eabb0ffd50379550de9a211f1f57afd562
ssdeep
12288:o1npH3XuvvYHMFuMofeZ0GBX1mmss2+JVe7xAGvG6mciLm6elFDxH7Cf52TXXGVg:OUfmRx9x7CfITXXGVzhnW

File size 728.0 KB ( 745472 bytes )
File type Win32 DLL
Magic literal
MS-DOS executable PE for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
Tags
pedll

VirusTotal metadata
First submission 2013-04-12 14:01:12 UTC ( 5 years, 4 months ago )
Last submission 2013-04-12 14:01:12 UTC ( 5 years, 4 months ago )
File names vt-upload-1wLCC
xproto.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!