The SDXHelper.exe (Microsoft Office SDX Helper) File Analysis

Updated 7 months ago

Checked by Malaware Check

SDXHelper.exe

Technical Analysis

File Name	SDXHelper.exe
File Type	PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version	1.0.194.174
Database Version	2024-10-27 18:00:27 UTC

✓

Clean File

No threats detected by our scanner

0%

Detection Rate

157,576

File Size (bytes)

2024-10-27

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	2c171f9e72e2de7f58e88c336b5b6d69
SHA1	cbfd09335a868223bf07d9f13511d3c21bdb1558
SHA256	387092704ce4b7d61a96a7e52b4261dba3a4ad29532cb1864a6fb6b4dfe915a3
SHA512	3e245ad9b80d7409da8e97a354ca099aceb19a4b7218995375660ec51077988612bdcd27235a5407490fa6bdfcaef92cc51d3970072bf0bd998fe0569295c70b
ImpHash	7d182624d26c4e7b5bad24c548a57a2e

PE Analysis

Basic Information

▼

Image Base	`0x140000000`
Entry Point	`0x140013ab0`
Compilation Time	2023-05-03 00:27:13
Checksum	0x0002e5c0 (Actual: 0x0002e5c0)
OS Version	6.1
PEiD Signatures	`PE32+ executable (GUI) x86-64, for MS Windows`
PDB Path	`D:\dbs\el\ma3\Target\x64\ship\postc2r\x-none\sdxhelper.pdblper.pdb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000`
Digital Signature	OK
Imports	12 libraries
Exports	0 functions
Resources	2 Resources
Sections	8 Sections

Version Information

▼

CompanyName	Microsoft Corporation
FileDescription	Microsoft Office SDX Helper
FileVersion	16.0.16327.20264
InternalName	SDXHELPER
LegalTrademarks1	Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2	Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename	SDXHELPER.EXE
ProductName	Microsoft Office
ProductVersion	16.0.16327.20264
Translation	0x0000 0x04e4

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	84,299 bytes	84,480 bytes	6.26 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`E240217D5A6CFF6FFE68109BD9CCA23D`
`.rdata`	`0x00016000`	34,814 bytes	34,816 bytes	4.47 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`F05ADA14055F0951E6E69B0D8CD64DEA`
`.data`	`0x0001f000`	8,768 bytes	6,656 bytes	4.05 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`E6CF00C2779DF7002D532DA4FED18092`
`.pdata`	`0x00022000`	4,656 bytes	5,120 bytes	4.67 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`5E748DC67F2B3334AF814D5900557785`
`.didat`	`0x00024000`	1,120 bytes	1,536 bytes	2.63 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`D0173E493C92238BD8E0A1246789DF98`
`.c2r`	`0x00025000`	316 bytes	512 bytes	2.11 (Normal)	`IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`191FB9F219321213BB690821240E6832`
`.rsrc`	`0x00026000`	1,824 bytes	2,048 bytes	4.72 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`30BFB686D94F50E066233258CEAC5E73`
`.reloc`	`0x00027000`	1,512 bytes	1,536 bytes	5.29 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`D59462D01999CF7334D22117F5489B42`

Resource Analysis

▼

Total Resources: 2 (1,662 bytes)

Resource Type	Count	Total Size	Percentage
RT_VERSION	1	1,052 bytes	63.3%
RT_MANIFEST	1	610 bytes	36.7%

Certificate Chain Analysis

▼

Certificate Information

Product	Microsoft Office
Description	Microsoft Office SDX Helper
File Version	16.0.16327.20264
Original Name	SDXHELPER.EXE
Signing Date	12:27 PM 05/04/2023 (766 days ago)
Verification Status	Signed
Signers	Microsoft Corporation; Microsoft Code Signing PCA 2010; Microsoft Root Certificate Authority 2010
Counter Signers	Microsoft Time-Stamp Service; Microsoft Time-Stamp PCA 2010; Microsoft Root Certificate Authority 2010
Internal Name	SDXHELPER

Certificate Chain Summary

Microsoft Corporation #1 Primary

Validity Period: 2023-02-16 20:11:09 → 2024-01-31 20:11:09

Signature Algorithm: sha256RSA

Serial Number: 33 00 00 04 FE 59 CA B7 E6 2A A5 22 C1 00 00 00 00 04 FE

Microsoft Code Signing PCA 2010 #2 Chain

Validity Period: 2010-07-06 20:40:17 → 2025-07-06 20:50:17

Signature Algorithm: sha256RSA

Serial Number: 61 0C 52 4C 00 00 00 00 00 03

Microsoft Time-Stamp Service #3 Chain

Validity Period: 2022-11-04 19:01:40 → 2024-02-02 19:01:40

Signature Algorithm: sha256RSA

Serial Number: 33 00 00 01 CA 4F C2 B3 ED 03 0D 18 6C 00 01 00 00 01 CA

Microsoft Time-Stamp PCA 2010 #4 Chain

Validity Period: 2021-09-30 18:22:25 → 2030-09-30 18:32:25

Signature Algorithm: sha256RSA

Serial Number: 33 00 00 00 15 C5 E7 6B 9E 02 9B 49 99 00 00 00 00 00 15

Microsoft Corporation #5 Chain

Validity Period: 2023-02-16 20:10:05 → 2024-01-31 20:10:05

Signature Algorithm: sha256RSA

Serial Number: 33 00 00 03 3C 2B 0A 49 D9 D2 91 7E AC 00 00 00 00 03 3C

Microsoft Code Signing PCA 2011 #6 Chain

Validity Period: 2011-07-08 20:59:09 → 2026-07-08 21:09:09

Signature Algorithm: sha256RSA

Serial Number: 61 0E 90 D2 00 00 00 00 00 03

✓ This file has been digitally signed and the certificate chain has been verified

The signature ensures file integrity and authenticity from the publisher
Timestamping proves when the signature was applied

Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now

Gridinsoft Anti-Malware