d3dcompiler_43.dll

Microsoft DirectX for Windows

SIEN S.A.

This is the SIEN AppScion Installer, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. While the file properties state that the file is developed by 'Microsoft Corporation', this is not the case; it is designed just to look like a legitimate Microsoft system file. The module d3dcompiler_43.dll, “Direct3D HLSL Compiler” by SIEN S.A., has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the SIEN SuperInstall installer.

Publisher:
Microsoft Corporation  (signed by SIEN S.A.)

Product:
Microsoft® DirectX for Windows®

Description:
Direct3D HLSL Compiler

Version:
9.29.952.3111

MD5:
fa746ba2e0749032da2a03fdf0321a5a

SHA-1:
517a70cb14d86c52afc08581543dd89fb40f01f8

SHA-256:
485a0e8f42228d8bae3fe2bec3fcfb5990bea4d6320b3a6759ad4f8dc4f3fca9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/23/2024 4:29:54 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sien (M)

Engine version:
17.3.1.13

File size:
2 MB (2,106,680 bytes)

Product version:
9.29.952.3111

Copyright:
Copyright © Microsoft Corp. 1994-2007

Original file name:
d3dcompiler_43.dll

File type:
Dynamic link library (Win32 DLL)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\1stbrowser\application\32.1.1700.77\d3dcompiler_43.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/21/2012 9:00:00 PM

Valid to:
8/22/2014 8:59:59 PM

Subject:
CN=SIEN S.A., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SIEN S.A., L=Paris, S=France, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
514EA00D30C8C244C3E818890BF73967

File PE Metadata
Compilation timestamp:
5/21/2010 10:24:09 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

Entry address:
0x1EC09B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, D9, 0B, 00, 00, 5D, E9, 7A, FD, FF, FF, CC, CC, CC, CC, CC, 3B, 0D, 98, 00, 1F, 10, 75, 03, C2, 00, 00, E9, 63, 0C, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 81, EC, D0, 02, 00, 00, A1, 98, 00, 1F, 10, 33, C5, 89, 45, FC, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC, FD, FF, FF, 66, 8C, 95, F8, FD, FF, FF, 66, 8C, 8D, EC, FD, FF, FF, 66, 8C, 9D, C8, FD, FF, FF, 66, 8C...
 

Code size:
1.9 MB (2,023,936 bytes)
