home

d3dcompiler_46.dll

Microsoft DirectX for Windows

SIEN S.A.

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module d3dcompiler_46.dll, “Direct3D HLSL Compiler” by SIEN S.A has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer.
Publisher:
Microsoft Corporation  (signed by SIEN S.A.)

Product:
Microsoft® DirectX for Windows®

Description:
Direct3D HLSL Compiler

Version:
9.30.9200.20499

MD5:
1931b50a556ee7225fd497a793a9f601

SHA-1:
8ea1556bcee7df17d1e2eccbaeda060218d4ed59

SHA-256:
62ac231b4a567db993309cbea98773c9c68d81f6d5626faf60d81fd24bbe1c18

Scanner detections:
3 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/27/2024 3:24:32 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.7237

Dr.Web
Adware.Iminent.55
9.0.1.042

Reason Heuristics
PUP.Sien.SIENSA.Bundler (M)
16.2.11.4

File size:
3.1 MB (3,222,848 bytes)

Product version:
9.30.9200.20499

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
d3dcompiler_46.dll

File type:
Dynamic link library (Win32 DLL)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\beamrise\application\3.27.0.5541\d3dcompiler_46.dll

Digital Signature
Signed by:
SIEN S.A.

Authority:
VeriSign, Inc.

Valid from:
8/21/2012 9:00:00 PM

Valid to:
8/22/2014 8:59:59 PM

Subject:
CN=SIEN S.A., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SIEN S.A., L=Paris, S=France, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
514EA00D30C8C244C3E818890BF73967

File PE Metadata
Compilation timestamp:
8/21/2012 5:27:45 AM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.10

CTPH (ssdeep):
49152:/AKNP99RYiigTKsuI12CzOtXPINjoTl7et+vXLHEpA8:/mgH/1BaFPINjoTl78+vL0A8

Entry address:
0x25EF83

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 91, FA, FF, FF, 5D, E9, 7A, FD, FF, FF, CC, CC, CC, CC, CC, FF, 25, 98, 85, 2F, 10, CC, CC, CC, CC, CC, CC, FF, 25, 90, 85, 2F, 10, CC, CC, CC, CC, CC, CC, FF, 25, 58, 85, 2F, 10, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 8B, F1, FF, 15, F4, 84, 2F, 10, F6, 45, 08, 01, 74, 07, 56, E8, C3, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 6A, 0C, 68, 08, C1, 2E, 10, E8, 6C, 03, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7...
 
[+]

Code size:
2.9 MB (3,063,808 bytes)

Remove d3dcompiler_46.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.