home

dxva2.dll

DirectX Video Acceleration 2.0 DLL

Microsoft Corporation

It is included with the Windows 7 OS. The file has been seen being downloaded from cloclo9.cldmail.ru and multiple other hosts.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
DirectX Video Acceleration 2.0 DLL

 
Part of the Windows 7 Operating System

Version:
6.1.7600.16385 (win7_rtm.090713-1255)

MD5:
1f27643c4c626457fce8f047ae1cd7e1

SHA-1:
fa488ec7d2cf7ed9da7a82520b8522c50898f41c

SHA-256:
68e2367b9aa21c1bde7fea566d5f0dbdf1e246cb53e949622f8edc810aa95956

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 1:51:23 AM UTC  (today)

File size:
86 KB (88,064 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
dxva2.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Windows\System32\dxva2.dll

File PE Metadata
Compilation timestamp:
7/13/2009 9:06:26 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:IA7dGTZgpFx4qdJuQKcxAfoQTs6lgr6/:xET6pbfdJ+tfoMnlgrm

Entry address:
0x14271

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 7F, 15, FF, FF, 5D, E9, 02, FD, FF, FF, 90, 90, 90, 90, 90, 8B, FF, 55, 8B, EC, 83, EC, 18, 8B, 45, 08, 53, 8B, 5D, 14, 56, 8B, 73, 08, 33, 30, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0B, 8B, 4E, 04, 03, CF, 33, 0C, 38, FF, 55, 0C, 8B, 4E, 0C, 8B, 56, 08, 03, CF, 33, 0C, 3A, FF, 55, 0C, 8B, 45, 10, F6, 40, 04, 66, 0F, 85, 0A, 01, 00, 00, 8D, 4D, E8, 89, 4B, FC, 8B, 5B, 0C, 89, 45, E8, 8B, 45, 18, 89, 45, EC, 83, FB...
 
[+]

Code size:
80 KB (81,920 bytes)

The file dxva2.dll has been seen being distributed by the following 2 URLs.

https://cloclo9.cldmail.ru/8goM5x1U21A3KfjxVmV/G/.../epoxD5rkh?key=293fab1ff73de87e013f798414eeda0631362c45

https://cloclo26.cldmail.ru/Q4gfoomKZ1aYub6JUGj/G/.../epoxD5rkh?key=88d63b87f29358aac17027f52590129e93c1fadc

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.