» d3d9.dll
Overview
Analysis
File Details
Downloads (6)

d3d9.dll

File name:

d3d9.dll

MD5:

d86960aa49ed27fc210bf648e3a0e699

SHA-1:

49f550e0ec5a9f060faf5ba7aecce45ad6a8d3ec

SHA-256:

cc86eabf4f9bd1a85136bed92cf7dca61d0642ca497b99a641ebe34e6ef851c7

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 9:50:05 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.Win32.Generic.11ECDEA0!300736160

23.00.65.14121

File size:

1.4 MB (1,507,328 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\autodesk\autodesk autocad civil 3d 2014\d3d9.dll

File PE Metadata

Compilation timestamp:

4/1/2008 10:45:03 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:p0SuiPm5s6XT4kHLG8J5zIPG8nVglF9uQvKWF:p0S98jdL9d2WF0CR

Entry address:

0xA6CB7

Entry point:

83, 7C, 24, 08, 01, 75, 05, E8, 29, 82, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, ED, FE, FF, FF, 59, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, 83, EC, 0C, DD, 14, 24, E8, 2D, 4C, 00, 00, E8, 0D, 00, 00, 00, 83, C4, 0C, C3, 8D, 54, 24, 04, E8, D8, 4B, 00, 00, 52, 9B, D9, 3C, 24, 8B, 44, 24, 0C, 74, 51, 66, 81, 3C, 24, 7F, 02, 74, 05, E8, 90, 4B, 00, 00, A9, 00, 00, 00, 80, 75, 1F, D9, FA, 83, 3D, F0, 1C, 1E, 10, 00, 0F, 85, 03, 4C, 00, 00, BA, 05, 00, 00, 00, 8D, 0D, 60, E3, 14, 10, E9... 
[+]

Entropy:

6.7160

Code size:

964 KB (987,136 bytes)

The file d3d9.dll has been seen being distributed by the following 6 URLs.

https://docs.google.com/uc?id=0B4DMbZYoTovPaE1yMXJBdGp1NUE&export=download

http://download1728.mediafire.com/yaz16v3brjbg/.../d3d9.dll

http://download1642.mediafire.com/76m2cja9cjsg/.../d3d9.dll

https://mega.nz/temporary/.../l0NDhDCA

https://mega.nz/persistent/.../l0NDhDCA

http://download681.mediafire.com/d8w882dz3wxg/.../d3d9.dll

Scan d3d9.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.