| File Name | PDX.dll |
| File Type |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
| Scanner Version | 1.0.210.174 |
| Database Version | 2025-03-16 22:01:11 UTC |
Malware family: Heuristic
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
84a5a271cd05fc5aef0fb1e66f1a42e7
|
|
| SHA1 |
959bb5e7bc3d68323dd1d30f46ad014bd7f03d7c
|
|
| SHA256 |
ef4f24922ebbfe18a348fd18fac7601df5af028e36f5800b0d445c16f451a300
|
|
| SHA512 |
9d781b5dee7e936980f8303207677d43c89f5ef822393dfe01542704fafdbe7729bcc0c48abcf11b293b0e67259ebbf2b194924e63b9761cb3028560bbc5ecf4
|
|
| ImpHash |
fc7124d57387852c0a6a634e9130bf57
|
| Image Base | 0x13000000 |
| Entry Point | 0x13001334 |
| Compilation Time | 2020-07-18 13:47:30 |
| Checksum | 0x00000000 (Actual: 0x0017c55c) |
| OS Version | 6.0 |
| PEiD Signatures |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
| Digital Signature | No valid SignedData structure was found. |
| Imports |
1 libraries
KERNEL32 |
| Exports | 1 functions |
| Resources | 1 Resources |
| Sections | 10 Sections |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
3,128 bytes | 3,584 bytes | 5.36 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
46E37126C3417DDB359CF3571A53AFED |
.rdata |
0x00002000 |
2,644 bytes | 3,072 bytes | 4.59 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C99DE37632060A12CA17514B43962F30 |
.data |
0x00003000 |
208 bytes | 512 bytes | 0.45 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
3E54B380C18E9FB1C3756C3724029E08 |
.pdata |
0x00004000 |
372 bytes | 512 bytes | 6.12 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
3ACD70D3616A89FB277A77F7D37AC0DA |
.pdx0 |
0x00005000 |
248 bytes | 512 bytes | 4.30 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
962DE12293E39F2F447D7C32CCC8009D |
.data2 |
0x00006000 |
94,208 bytes | 94,208 bytes | 1.76 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
A269AC63AEC6D26C2CD71FD1CACD3DFE |
.pdx |
0x0001d000 |
208,896 bytes | 208,896 bytes | 0.78 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
DB6B82C9EB5C2915EF90525CAF5FC46A |
.pdx1 |
0x00050000 |
1,227,956 bytes | 1,228,288 bytes | 7.10 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
4B7A2A6F08142E31D7A6A8E96E51FDF6 |
.reloc |
0x0017c000 |
180 bytes | 512 bytes | 1.66 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
A5182DBD3AEE7C99127F7EC47F719853 |
.rsrc |
0x0017d000 |
233 bytes | 512 bytes | 2.53 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
147CC9380E51A723EA6FA466C8081E87 |
1 section(s) with elevated entropy (≥6.5) - possible compression
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_MANIFEST | 1 | 145 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Trojan.Heur!.030120A2 without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
