direct3d.dll

The library direct3d.dll has been detected as malware by 27 anti-virus scanners. The file has been seen being downloaded from dc731.4shared.com.
MD5: 4e13db321c3e6e18992cdd3f0062e5c1

SHA-1: 3eba3304c7a5dc7ec29dceb77f366c736c459fa2

SHA-256: e29cef7d22bdd4cf434ec7e6c70bb788e05f5a8d5a2aced8dc8cbeefe5ab476d

Scanner detections: 27 / 68

Status: Malware

Analysis date: 4/25/2024 4:42:34 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.8746965 | 210 |
| AegisLab AV Signature | DangerousObject.Multi.Gen | 2.1.4+ |
| Agnitum Outpost | Trojan.Rogue | 7.1.1 |
| Avira AntiVirus | TR/Rogue.8746965 | 8.3.1.6 |
| Arcabit | Trojan.Generic.D8577D5 | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-160708 |
| Bitdefender | Trojan.Generic.8746965 | 1.0.20.950 |
| Bkav FE | HW32.Packed | 1.3.0.6979 |
| Clam AntiVirus | Win.Trojan.Wysotot | 0.98/21511 |
| Comodo Security | UnclassifiedMalware | 22732 |
| Emsisoft Anti-Malware | Trojan.Generic.8746965 | 8.16.07.08.02 |
| Fortinet FortiGate | W32/Virtum!tr | 7/8/2016 |
| F-Secure | Trojan.Generic.8746965 | 11.2016-08-07_6 |
| G Data | Trojan.Generic.8746965 | 16.7.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.9.5.0 |
| K7 AntiVirus | Riskware | 13.205.16532 |
| McAfee | Artemis!4E13DB321C3E | 5600.6344 |
| MicroWorld eScan | Trojan.Generic.8746965 | 17.0.0.570 |
| NANO AntiVirus | Trojan.Win32.Rogue.dcduss | 0.30.24.2487 |
| nProtect | Trojan.Generic.8746965 | 15.07.10.01 |
| Panda Antivirus | Trj/Genetic.gen | 16.07.08.02 |
| Qihoo 360 Security | Win32/Trojan.7ba | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.14698B38!342461240 | 23.00.65.16706 |
| Sophos | Troj/Virtum-Gen | 4.98 |
| Trend Micro House Call | TROJ_SPNR.14FC13 | 7.2.190 |
| Trend Micro | TROJ_SPNR.14FC13 | 10.465.08 |
| VIPRE Antivirus | Trojan.Win32.Generic | 41914 |

File size: 132.5 KB (135,685 bytes)

File type: Dynamic link library (Win32 DLL)

File PE Metadata

Compilation timestamp: 3/7/2013 2:34:43 AM

OS version: 5.1

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 10.0

CTPH (ssdeep): 3072:rbWqZlrhaUfCqSVys0Eogbck30e5ZqGA7GcZqcR/4UwC7ZqW++QKJR:rbWqZlIUaqmy4dnOyDc5wC7ZEGz

Entry address: 0x3B60E

Entry point:
68, 5B, B3, B1, 6C, 60, C7, 44, 24, 20, C2, 73, 69, AF, C6, 44, 24, 18, 3A, C7, 44, 24, 1C, F4, 73, 5A, 81, 66, 89, 14, 24, C6, 04, 24, E1, C6, 04, 24, 82, 8D, 64, 24, 1C, E9, 14, 63, 00, 00, E9, 4F, EE, FE, FF, F9, 85, D2, 60, 9C, E9, 47, DA, FE, FF, 09, C0, E8, 47, 04, 00, 00, FF, 34, 24, FF, 30, 8F, 44, 24, 04, 60, 9C, 68, B7, 28, C8, C1, FF, 74, 24, 2C, C2, 30, 00, 17, 9C, 68, B0, D7, 7F, 35, 55, E8, 22, 28, 00, 00, FD, 81, FE, 71, 1D, 9A, 90, E9, 95, DC, FF, FF, 03, 93, EA, 1C, 1F, A6, 93, 61, 5B, 10...
 

Code size: 35 KB (35,840 bytes)

The file direct3d.dll has been seen being distributed by the following URL.
