» d3dcompiler_46.dll
Overview
Analysis
File Details

d3dcompiler_46.dll

Microsoft DirectX for Windows

ClaraLabSoftware

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The module d3dcompiler_46.dll, “Direct3D HLSL Compiler” by ClaraLabSoftware has been detected as a potentially unwanted program by 4 anti-malware scanners.

File name:

d3dcompiler_46.dll

Publisher:

Microsoft Corporation (signed by ClaraLabSoftware)

Product:

Microsoft® DirectX for Windows®

Description:

Direct3D HLSL Compiler

Version:

9.30.9200.20789

MD5:

3967fd6cfa5d9c9c7b72dc7f945d5ec8

SHA-1:

93653c63f4f8b3cb07d17a0c6f5adce1a8b82b2c

SHA-256:

bd523472d622f06d7ea2162cbd93c2a3bf71c5835904424dc32ad2f1b091fc7e

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

4/20/2024 4:39:48 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Adware.Iminent.49

9.0.1.0201

Malwarebytes

PUP.Optional.Clara.A

v2015.07.20.07

Reason Heuristics

PUP.ClaraLabSoftware

15.4.19.3

Trend Micro House Call

Suspicious_GEN.F47V0510

7.2.201

File size:

3.1 MB (3,222,152 bytes)

Product version:

9.30.9200.20789

Original file name:

d3dcompiler_46.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\bobrowser\application\39.0.2132.13\d3dcompiler_46.dll

Digital Signature

Signed by:

ClaraLabSoftware

Authority:

GlobalSign nv-sa

Valid from:

1/20/2015 2:40:38 AM

Valid to:

1/21/2016 2:40:38 AM

Subject:

CN=ClaraLabSoftware, O=ClaraLabSoftware, L=Paris, C=FR

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112123154E5E0FD1C6C84C77F8890B7472E0

File PE Metadata

Compilation timestamp:

8/3/2013 1:17:55 AM

OS version:

6.2

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.10

CTPH (ssdeep):

49152:4AzNP99RYiigTKsuI12CzOtXPINjoTl7et+vXLHEpAx:4dgH/1BaFPINjoTl78+vL0Ax

Entry address:

0x25EF83

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 91, FA, FF, FF, 5D, E9, 7A, FD, FF, FF, CC, CC, CC, CC, CC, FF, 25, 98, 85, 2F, 10, CC, CC, CC, CC, CC, CC, FF, 25, 90, 85, 2F, 10, CC, CC, CC, CC, CC, CC, FF, 25, 58, 85, 2F, 10, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 8B, F1, FF, 15, F4, 84, 2F, 10, F6, 45, 08, 01, 74, 07, 56, E8, C3, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 6A, 0C, 68, 08, C1, 2E, 10, E8, 6C, 03, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7... 
[+]

Code size:

2.9 MB (3,063,808 bytes)

Remove d3dcompiler_46.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.