× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8bcfe4f27e4a13a03bb3873e6ec6c18826ffcd375806494ac01e195ae52bbae3
File name: 8bcfe4f27e4a13a03bb3873e6ec6c18826ffcd375806494ac01e195ae52bbae3.dll
Detection ratio: 0 / 65
Analysis date: 2017-08-15 21:07:33 UTC ( 3 days, 4 hours ago )
Antivirus Result Update
Ad-Aware 20170815
AegisLab 20170815
AhnLab-V3 20170815
Alibaba 20170815
ALYac 20170815
Antiy-AVL 20170815
Arcabit 20170815
Avast 20170815
AVG 20170815
Avira (no cloud) 20170815
AVware 20170815
Baidu 20170815
BitDefender 20170815
Bkav 20170815
CAT-QuickHeal 20170814
ClamAV 20170815
CMC 20170815
Comodo 20170815
CrowdStrike Falcon (ML) 20170804
Cylance 20170815
Cyren 20170815
DrWeb 20170815
Emsisoft 20170815
Endgame 20170721
ESET-NOD32 20170815
F-Prot 20170815
F-Secure 20170815
Fortinet 20170815
GData 20170815
Ikarus 20170815
Sophos ML 20170607
Jiangmin 20170815
K7AntiVirus 20170814
K7GW 20170815
Kaspersky 20170815
Kingsoft 20170815
Malwarebytes 20170815
MAX 20170815
McAfee 20170815
McAfee-GW-Edition 20170815
Microsoft 20170815
eScan 20170815
NANO-Antivirus 20170815
nProtect 20170815
Palo Alto Networks (Known Signatures) 20170815
Panda 20170815
Qihoo-360 20170815
Rising 20170815
SentinelOne (Static ML) 20170806
Sophos AV 20170815
SUPERAntiSpyware 20170815
Symantec 20170815
Symantec Mobile Insight 20170815
Tencent 20170815
TheHacker 20170814
TotalDefense 20170815
TrendMicro 20170815
TrendMicro-HouseCall 20170815
Trustlook 20170815
VBA32 20170814
VIPRE 20170815
ViRobot 20170815
Webroot 20170815
WhiteArmor 20170815
Yandex 20170815
Zillya 20170815
ZoneAlarm by Check Point 20170815
Zoner 20170814
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
©

Product SSME - Skyrim Startup Memory Editor
Original name d3dx9_42.dll
Internal name d3dx9_42
File version 1.8.0.0
Description SSME - Skyrim Startup Memory Editor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-26 21:35:45
Entry Point 0x00001000
Number of sections 5
PE sections
PE imports
SetFilePointer
GetModuleHandleA
lstrcatA
GetPrivateProfileIntA
VirtualProtect
WriteFile
CloseHandle
SetEndOfFile
CreateFileA
GetModuleFileNameA
DisableThreadLibraryCalls
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.8.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

InitializedDataSize
19456

EntryPoint
0x1000

OriginalFileName
d3dx9_42.dll

MIMEType
application/octet-stream

FileVersion
1.8.0.0

TimeStamp
2014:01:26 22:35:45+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
d3dx9_42

ProductVersion
1.8.0.0

FileDescription
SSME - Skyrim Startup Memory Editor

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Author: William Hedrick

CodeSize
1536

ProductName
SSME - Skyrim Startup Memory Editor

ProductVersionNumber
1.8.0.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 effd4d8d4be1e23149674d9f63729cb4
SHA1 cf57353300f08ecf33d263f69301e0a55c6ec222
SHA256 8bcfe4f27e4a13a03bb3873e6ec6c18826ffcd375806494ac01e195ae52bbae3
ssdeep
384:wVnlDcGSlm2RLbJTxv+83mAbnVZa1sYp5ddQ3Oc+sjec/i2RNyX2OqibjA5BaLHP:VGgm2lbJTxv+83mAb6OOc+sjec/i2RNm

authentihash 6f9e4a83df14d8a3625d8230e0558017bb345b0154668d51d16bdcf795a4cc3f
imphash b03339a0bef68743124b6f6bc3f46898
File size 21.0 KB ( 21504 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
pedll

VirusTotal metadata
First submission 2014-01-26 21:46:46 UTC ( 3 years, 6 months ago )
Last submission 2017-08-15 21:07:33 UTC ( 3 days, 4 hours ago )
File names d3dx9_42.dll
d3dx9_42
file-6524697_dll
d3dx9_42.dll
d3dx9_42.dll
d3dx9_42.dll
d3dx9_42.dll
d3dx9_42.dll
cf57353300f08ecf33d263f69301e0a55c6ec222
d3dx9.dll
d3dx9_42.dll
8bcfe4f27e4a13a03bb3873e6ec6c18826ffcd375806494ac01e195ae52bbae3.dll
d3dx9_42.dll
d3dx9_42.dll
d3dx9_42.dll
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!