d3dcompiler_47.dll

Direct3D HLSL Compiler for Redistribution

Shan Feng

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case: the file is designed to look like a legitimate Microsoft system file. The module d3dcompiler_47.dll, “Direct3D HLSL Compiler for Redistribution” by Shan Feng, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.

Publisher:
Microsoft Corporation  (signed by Shan Feng)

Product:
Microsoft® Windows® Operating System

Description:
Direct3D HLSL Compiler for Redistribution

Version:
10.0.10586.15 (th2_release.151119-1817)

MD5:
729abbdd27327855df83280ada49574b

SHA-1:
0254f2b258d45acbf7040562390f1fc21447a351

SHA-256:
e3d9dad30e8262610723d13a9474f23e0f443e2702a31a21e4c141cdf1cc8667

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 3:54:52 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Elex (M)

Engine version:
16.8.3.9

File size:
3.5 MB (3,698,560 bytes)

Product version:
10.0.10586.15

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
d3dcompiler_47.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\toolduck\toolduck\d3dcompiler_47.dll

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
5/5/2016 7:30:00 PM

Valid to:
2/3/2017 7:29:59 PM

Subject:
CN=Shan Feng, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1B853FB691BA9396C7738041A583DCD1

File PE Metadata
Compilation timestamp:
11/20/2015 12:23:44 AM

OS version:
10.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.10

CTPH (ssdeep):
49152:iXxztRVg63VCssRWQnP73DPFeYjLpZyLpsRug4TJz07+G3:iBzrVgoVCbLxTpkpsRugYi3

Entry address:
0x2B3610

Code size:
3.4 MB (3,537,920 bytes)
