home

d3dx9_38.dll

Microsoft DirectX for Windows

Microsoft Corporation

Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® DirectX for Windows®

Version:
9.23.949.2378

MD5:
e5ec2ab7156a752f9614cda4be66efe8

SHA-1:
08be46f96fb866b3b0bfee3bf204c4240344db5a

SHA-256:
b54e832bd8d7e94772c680f49c31b86f9c5db456f8e5cac66720d533896f1cfe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/19/2024 1:09:46 AM UTC  (today)

File size:
4.8 MB (4,991,496 bytes)

Product version:
9.23.949.2378

Copyright:
Copyright © Microsoft Corp. 1994-2007

Original file name:
D3DX9D.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\d3dx9_38.dll

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
8/23/2007 2:23:13 AM

Valid to:
2/23/2009 1:33:13 AM

Subject:
CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
610F784D000000000003

File PE Metadata
Compilation timestamp:
5/21/2008 4:06:15 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:wXTY5IqEze+lMHiYSTlu6hs88Y6bdEMDSgEymuRY8y3mLK/klK124XZMpzLyNbZJ:O+CJe8A9rLLK/p24XZMNygY

Entry address:
0x464CBC

Entry point:
48, 55, 56, 53, 48, 83, EC, 20, 4C, 89, C6, 89, D5, 48, 89, CB, 83, FD, 01, 75, 05, E8, 16, 0D, 00, 00, 49, 89, F0, 89, EA, 48, 89, D9, 48, 83, C4, 20, 5B, 5E, 5D, E9, 06, 00, 00, 00, CC, CC, CC, CC, CC, CC, 48, 83, EC, 78, 4C, 89, 84, 24, 90, 00, 00, 00, 89, 94, 24, 88, 00, 00, 00, 48, 89, 8C, 24, 80, 00, 00, 00, C7, 44, 24, 28, 01, 00, 00, 00, 8B, 84, 24, 88, 00, 00, 00, 89, 05, 18, 74, 02, 00, 85, C0, 75, 10, 83, 3D, E5, 73, 02, 00, 00, 75, 07, 31, C0, E9, 6A, 01, 00, 00, 83, BC, 24, 88, 00, 00, 00, 01...
 
[+]

Code size:
4.5 MB (4,760,064 bytes)

The file d3dx9_38.dll has been seen being distributed by the following 3 URLs.

http://es.originaldll.com/.../16100.dll

http://originaldll.com/.../16100.dll

http://dc614.4shared.com/download/.../d3dx9_38.dll?tsid=20140430-185054-24e11ecc&lgfp=2000

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.