File name: DirectX Repair.exe

Full analysis: https://app.any.run/tasks/fca07b70-5981-464a-bd59-561b60a2e98b
Verdict: Malicious activity
Analysis date: November 10, 2023, 19:40:19
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5: 554D12FAA10E3B00EDCA22BAE9EDACF3
SHA1: 206A3B9BADDD47C77E2F9616ADFB9E579AAF9CF0
SHA256: 4D0050504AB9E911DE2698A6BA22CB50F4988B7543415285FBB24BEC761E6501
SSDEEP: 24576:IY1E0HjVHgof0J9DZZNZbi2ifTjmwv51sQzNQ/M58ojxDQwiEjdNwdBT:IY1E0DVHgof0J9DZZNZbRifTjmwv51sr

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Creates a writable file in the system directory

      • DirectX Repair.exe (PID: 3508)
    • Drops the executable file immediately after the start

      • DirectX Repair.exe (PID: 3508)
  • SUSPICIOUS

    • Searches for installed software

      • DirectX Repair.exe (PID: 3508)
    • Reads the Internet Settings

      • DirectX Repair.exe (PID: 3508)
    • Process drops legitimate windows executable

      • extrac32.exe (PID: 3852)
      • DirectX Repair.exe (PID: 3508)
      • extrac32.exe (PID: 3860)
      • extrac32.exe (PID: 3880)
      • extrac32.exe (PID: 3836)
      • extrac32.exe (PID: 3952)
      • extrac32.exe (PID: 3900)
      • extrac32.exe (PID: 3988)
      • extrac32.exe (PID: 3736)
      • extrac32.exe (PID: 3764)
      • extrac32.exe (PID: 3992)
      • extrac32.exe (PID: 4012)
      • extrac32.exe (PID: 4000)
      • extrac32.exe (PID: 3968)
      • extrac32.exe (PID: 3964)
      • extrac32.exe (PID: 4076)
      • extrac32.exe (PID: 3956)
      • extrac32.exe (PID: 2064)
      • extrac32.exe (PID: 4052)
      • extrac32.exe (PID: 4084)
      • extrac32.exe (PID: 3532)
      • extrac32.exe (PID: 3792)
      • extrac32.exe (PID: 3028)
      • extrac32.exe (PID: 4028)
      • extrac32.exe (PID: 3708)
      • extrac32.exe (PID: 2068)
      • extrac32.exe (PID: 3648)
      • extrac32.exe (PID: 3760)
      • extrac32.exe (PID: 2116)
      • extrac32.exe (PID: 3672)
      • extrac32.exe (PID: 3808)
      • extrac32.exe (PID: 1436)
      • extrac32.exe (PID: 3820)
      • extrac32.exe (PID: 300)
      • extrac32.exe (PID: 2060)
      • extrac32.exe (PID: 1628)
      • extrac32.exe (PID: 1752)
      • extrac32.exe (PID: 1608)
      • extrac32.exe (PID: 1508)
      • extrac32.exe (PID: 1808)
    • Reads settings of System Certificates

      • DirectX Repair.exe (PID: 3508)
  • INFO

    • Checks supported languages

      • DirectX Repair.exe (PID: 3508)
      • wmpnscfg.exe (PID: 3776)
    • Reads the computer name

      • DirectX Repair.exe (PID: 3508)
      • wmpnscfg.exe (PID: 3776)
    • Reads the machine GUID from the registry

      • DirectX Repair.exe (PID: 3508)
      • wmpnscfg.exe (PID: 3776)
    • Create files in a temporary directory

      • DirectX Repair.exe (PID: 3508)
      • extrac32.exe (PID: 3852)
      • extrac32.exe (PID: 3860)
      • extrac32.exe (PID: 3836)
      • extrac32.exe (PID: 3900)
      • extrac32.exe (PID: 3952)
      • extrac32.exe (PID: 3988)
      • extrac32.exe (PID: 3736)
      • extrac32.exe (PID: 3764)
      • extrac32.exe (PID: 3992)
      • extrac32.exe (PID: 4000)
      • extrac32.exe (PID: 4012)
      • extrac32.exe (PID: 3968)
      • extrac32.exe (PID: 3964)
      • extrac32.exe (PID: 3956)
      • extrac32.exe (PID: 4076)
      • extrac32.exe (PID: 3880)
      • extrac32.exe (PID: 4084)
      • extrac32.exe (PID: 3532)
      • extrac32.exe (PID: 2064)
      • extrac32.exe (PID: 3792)
      • extrac32.exe (PID: 3028)
      • extrac32.exe (PID: 4028)
      • extrac32.exe (PID: 3708)
      • extrac32.exe (PID: 3760)
      • extrac32.exe (PID: 2068)
      • extrac32.exe (PID: 3648)
      • extrac32.exe (PID: 2116)
      • extrac32.exe (PID: 3672)
      • extrac32.exe (PID: 300)
      • extrac32.exe (PID: 3808)
      • extrac32.exe (PID: 2060)
      • extrac32.exe (PID: 3820)
      • extrac32.exe (PID: 1436)
      • extrac32.exe (PID: 1628)
      • extrac32.exe (PID: 1752)
      • extrac32.exe (PID: 1808)
      • extrac32.exe (PID: 1508)
      • extrac32.exe (PID: 4052)
      • extrac32.exe (PID: 1608)
    • Drops the executable file immediately after the start

      • extrac32.exe (PID: 3852)
      • extrac32.exe (PID: 3880)
      • extrac32.exe (PID: 3860)
      • extrac32.exe (PID: 3836)
      • extrac32.exe (PID: 3952)
      • extrac32.exe (PID: 3988)
      • extrac32.exe (PID: 3900)
      • extrac32.exe (PID: 3736)
      • extrac32.exe (PID: 3764)
      • extrac32.exe (PID: 3992)
      • extrac32.exe (PID: 4012)
      • extrac32.exe (PID: 3968)
      • extrac32.exe (PID: 4000)
      • extrac32.exe (PID: 3964)
      • extrac32.exe (PID: 4076)
      • extrac32.exe (PID: 3956)
      • extrac32.exe (PID: 2064)
      • extrac32.exe (PID: 4084)
      • extrac32.exe (PID: 4052)
      • extrac32.exe (PID: 3532)
      • extrac32.exe (PID: 3028)
      • extrac32.exe (PID: 3708)
      • extrac32.exe (PID: 4028)
      • extrac32.exe (PID: 2068)
      • extrac32.exe (PID: 3760)
      • extrac32.exe (PID: 2116)
      • extrac32.exe (PID: 3672)
      • extrac32.exe (PID: 3648)
      • extrac32.exe (PID: 3808)
      • extrac32.exe (PID: 3820)
      • extrac32.exe (PID: 300)
      • extrac32.exe (PID: 2060)
      • extrac32.exe (PID: 1436)
      • extrac32.exe (PID: 1628)
      • extrac32.exe (PID: 1752)
      • extrac32.exe (PID: 1608)
      • extrac32.exe (PID: 1508)
      • extrac32.exe (PID: 3792)
      • extrac32.exe (PID: 1808)
    • Reads Environment values

      • DirectX Repair.exe (PID: 3508)
    • Manual execution by a user

      • wmpnscfg.exe (PID: 3776)
No Malware configuration.

TRiD

.exe | Generic CIL Executable (.NET, Mono, etc.) (56.7)
.exe | Win64 Executable (generic) (21.3)
.scr | Windows screen saver (10.1)
.dll | Win32 Dynamic Link Library (generic) (5)
.exe | Win32 Executable (generic) (3.4)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2021:07:29 12:57:02+02:00
ImageFileCharacteristics: Executable, 32-bit
PEType: PE32
LinkerVersion: 8
CodeSize: 1059840
InitializedDataSize: 4608
UninitializedDataSize: -
EntryPoint: 0x104b3e
OSVersion: 4
ImageVersion: -
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 4.1.0.30770
ProductVersionNumber: 4.1.0.30770
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: Application
CompanyName: zhangyue667@263.net
FileDescription: DirectX Repair
FileVersion: 4.1.0.30770
InternalName: DirectX Repair.exe
LegalCopyright: Copyright © 2005-2021
OriginalFileName: DirectX Repair.exe
ProductName: DirectX Repair
ProductVersion: 4.1.0.30770
AssemblyVersion: 4.1.0.30770
Total processes: 79
Monitored processes: 42
Malicious processes: 1
Suspicious processes: 10

Behavior graph

[Behavior graph: nodes are directx repair.exe (start), extrac32.exe (many instances, no specs), wmpnscfg.exe (no specs) and a second directx repair.exe (no specs)]

Process information

PID | CMD | Path | Indicators | Parent process
PID: 300
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx9_42.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1436
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx10.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1508
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\X3DAudio1_0.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1608
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx11_43.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1628
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx10_42.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1752
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx10_43.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 1808
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx11_42.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 2060
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx9_43.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 2064
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx9_27.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
PID: 2068
CMD: extrac32.exe /Y "C:\Users\admin\AppData\Local\Temp\Data\A\d3dx9_35.dll_x86.cab" "*.dll" /l "C:\Users\admin\AppData\Local\Temp\Data\A
Path: C:\Windows\System32\extrac32.exe
Parent process: DirectX Repair.exe
User: admin
Company: Microsoft Corporation
Integrity Level: HIGH
Description: Microsoft® CAB File Extract Utility
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\extrac32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24483_none_2b200f664577e14b\comctl32.dll
Total events: 3 667
Read events: 3 652
Write events: 12
Delete events: 3

Modification events

(PID) Process: (3508) DirectX Repair.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\17A\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3776) wmpnscfg.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{07067484-F217-44C6-8C67-5C20B1DF0B51}\{8251FC95-1AD2-4A40-BCF6-1B6ECEC161EB}
Operation: delete key
Name: (default)
Value:

(PID) Process: (3776) wmpnscfg.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\{07067484-F217-44C6-8C67-5C20B1DF0B51}
Operation: delete key
Name: (default)
Value:

(PID) Process: (3776) wmpnscfg.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Health\{CFE2D308-A91E-4F1E-BC2F-F94549021680}
Operation: delete key
Name: (default)
Value:

Executable files: 97
Suspicious files: 40
Text files: 0
Unknown types: 0

Dropped files

PID | Process | Filename | Type
3880 | extrac32.exe | C:\Users\admin\AppData\Local\Temp\Data\A\d3dcompiler_34.dll | executable
MD5:75F206C195BBACA6EF28565B1C0CD75C
SHA256:5044A5810FD931339933A8D0C56115A5A5C27D8C0D8E348977E2724A032ACCF0
3508 | DirectX Repair.exe | C:\Users\admin\AppData\Local\Temp\Data\A\d3dcompiler_34.dll_x86.cab | compressed
MD5:19383CBADA5DF3662303271CC9882314
SHA256:8EC971C91040618338AC2369188F3E5D7C85A5B1E3B9FC8E752DD845D295CDBA
3508 | DirectX Repair.exe | C:\Windows\system32\d3dcompiler_33.dll | executable
MD5:FAE7E1D578C42A7C3D9D61A99D178BD5
SHA256:12E238AF4B4EDC1F774213709A87A91B77B2C9D2D18FE475B027872923B6FA17
3508 | DirectX Repair.exe | C:\Users\admin\AppData\Local\Temp\Data\A\d3dcompiler_36.dll_x86.cab | compressed
MD5:3D9A0C59156D03DA0F19C2440E695637
SHA256:BDF7FB01C02783A4F8C9F5E7911F5CAE3E2A7CBC425B90B36F9EA6EEF2C27DE3
3880 | extrac32.exe | C:\Users\admin\AppData\Local\Temp\Data\A\d3dx10_34.dll | executable
MD5:5AA9987F2E62B56D7661B6901901F927
SHA256:330E120D745E1132252DF81800362A7AE0B61A9060AFC800165BA8A1D55D3FB3
3508 | DirectX Repair.exe | C:\Windows\system32\d3dcompiler_34.dll | executable
MD5:75F206C195BBACA6EF28565B1C0CD75C
SHA256:5044A5810FD931339933A8D0C56115A5A5C27D8C0D8E348977E2724A032ACCF0
3508 | DirectX Repair.exe | C:\Users\admin\AppData\Local\Temp\Data\A\d3dcompiler_33.dll_x86.cab | compressed
MD5:F784B8A0FD84C8AC3F218A9842D8DA56
SHA256:949068035CE57BBB3658217EC04F8DE7A122C6E7857B6F8B0CA002EB573DF553
3508 | DirectX Repair.exe | C:\Windows\system32\d3dcompiler_37.dll | executable
MD5:EA752DBCE35045D3C830DC16578CC8AB
SHA256:715876D15B590936E4D32602A764D810650EEC134922B32EEA742E2FA71791C1
3900 | extrac32.exe | C:\Users\admin\AppData\Local\Temp\Data\A\D3DCompiler_37.dll | executable
MD5:EA752DBCE35045D3C830DC16578CC8AB
SHA256:715876D15B590936E4D32602A764D810650EEC134922B32EEA742E2FA71791C1
3508 | DirectX Repair.exe | C:\Windows\system32\d3dcompiler_35.dll | executable
MD5:5B441670A4F5F8BCCE76741902B8AF56
SHA256:5A866CDF74F981E783624DAFB0E72F133AD9F9B293856D7A18C7558FA357BEB1
HTTP(S) requests: 38
TCP/UDP connections: 7
DNS requests: 2
Threats: 0

HTTP requests

PID | Process | Method | HTTP Code | IP | URL | CN | Type | Size | Reputation
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/APR2007_d3dx10_33_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/JUN2007_d3dx10_34_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Nov2007_d3dx10_36_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/JUN2008_d3dx10_38_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Aug2008_d3dx10_39_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Nov2008_d3dx10_40_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Jun2010_D3DCompiler_43_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Feb2005_d3dx9_24_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Apr2005_d3dx9_25_x86.cab | unknown | unknown
3508 | DirectX Repair.exe | GET | 302 | 104.122.27.233:80 | http://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/Aug2005_d3dx9_27_x86.cab | unknown | unknown

Connections

PID | Process | IP | Domain | ASN | CN | Reputation
2588 | svchost.exe | 239.255.255.250:1900 | - | - | - | whitelisted
4 | System | 192.168.100.255:137 | - | - | - | whitelisted
868 | svchost.exe | 95.101.148.135:80 | - | Akamai International B.V. | NL | unknown
4 | System | 192.168.100.255:138 | - | - | - | whitelisted
868 | svchost.exe | 184.30.24.134:80 | armmf.adobe.com | AKAMAI-AS | DE | unknown
3508 | DirectX Repair.exe | 104.122.27.233:80 | download.microsoft.com | AKAMAI-AS | DE | unknown
3508 | DirectX Repair.exe | 104.122.27.233:443 | download.microsoft.com | AKAMAI-AS | DE | unknown

DNS requests

Domain | IP | Reputation
armmf.adobe.com | 184.30.24.134 | whitelisted
download.microsoft.com | 104.122.27.233 | whitelisted

Threats

No threats detected
No debug info