» d3dcompiler_47.dll
Overview
Analysis
File Details

d3dcompiler_47.dll

Direct3D HLSL Compiler for Redistribution

Mengmeng Wang

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module d3dcompiler_47.dll, “Direct3D HLSL Compiler for Redistribution” by Mengmeng Wang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

d3dcompiler_47.dll

Publisher:

Microsoft Corporation (signed by Mengmeng Wang)

Product:

Microsoft® Windows® Operating System

Description:

Direct3D HLSL Compiler for Redistribution

Version:

10.0.10586.212 (th2_release_sec.160328-1908)

MD5:

bc770873df8bd1166f5be7073ddebd2f

SHA-1:

1d7d783b8b2026eb3ab9b552974da6914d3726c7

SHA-256:

f07d409602c98f60724cbe94a7101ca22fc9615049eb5f595e02f71ea0cd831b

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/16/2024 5:43:16 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Elex.MW (M)

17.3.16.10

File size:

3.5 MB (3,699,384 bytes)

Product version:

10.0.10586.212

Original file name:

d3dcompiler_47.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\firefox\d3dcompiler_47.dll

Digital Signature

Signed by:

Mengmeng Wang

Authority:

thawte, Inc.

Valid from:

10/13/2016 5:00:00 PM

Valid to:

10/13/2017 4:59:59 PM

Subject:

CN=Mengmeng Wang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

57FCDAB4B0C6202BC89A0DDD4A742960

File PE Metadata

Compilation timestamp:

3/28/2016 11:30:51 PM

OS version:

10.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

12.10

Entry address:

0x2B3610

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 08, 08, 00, 00, 5D, E9, 2A, 00, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, B8, 63, 73, 6D, E0, 39, 45, 08, 75, 0D, FF, 75, 0C, 50, E8, 67, 06, 00, 00, 59, 59, 5D, C3, 33, C0, 5D, C3, CC, CC, CC, CC, CC, 6A, 30, 68, C0, 06, 36, 10, E8, 80, 08, 00, 00, C7, 45, E0, 01, 00, 00, 00, 33, F6, 89, 75, FC, 8B, 45, 0C, 83, F8, 01, 77, 05, A3, 00, 10, 36, 10, 83, 7D, 0C, 00, 75, 11, 83, 3D, 70, 72, 36, 10, 00, 75, 08, 89, 75, E0, E9, 39, 02, 00, 00, 8B, 45, 0C, 83... 
[+]

Entropy:

6.5558

Code size:

3.4 MB (3,537,920 bytes)

Remove d3dcompiler_47.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.