MD5 Hash: 3f4fe39dc82c4a5de6e4e72d7ee4e7aa
SHA256 Hash: 7f8973a0b47e545f644c46281b8f1412e95ceae4c122c6e9a5a7c3e46a979ac5
File size: 87128 bytes (85 KB.)
Last analysis: 22 Dec, 2019 00:12:39

Analysis MD5: 3f4fe39dc82c4a5de6e4e72d7ee4e7aa

Analysis of the file classifies it as a class A (Safe). The file is safe to use. The trust index of this analysis is 62 % (moderate).We would like to receive a copy of this file for further analysis..



SDXHelper.exe is part of Microsoft Office developed by Microsoft Corporation.

Filename: SDXHelper.exe (Microsoft Office)
Threat analysis: Safe
Analysis trust:
Recent activity:
First seen: 14 Oct, 2018
Last seen: 14 Oct, 2018
Last analysis: 22 Dec, 2019
Possible infection: Clean

SDXHelper.exe Microsoft Office

Application: Microsoft Office
Developer: Microsoft Corporation
File version: 16.0.10827.20138
File size: 87128 bytes (85 KB.)
Recent activity:
Historic activity:
MD5 hash: 3f4fe39dc82c4a5de6e4e72d7ee4e7aa
SHA1 hash: c3bbf4f541ded25255b4df87afe38439f03de211
SHA256 hash: 7f8973a0b47e545f644c46281b8f1412e95ceae4c122c6e9a5a7c3e46a979ac5

File entropy

File entropy match: File code

This file contains (executable) code.

File signature

Executable file

An executable file causes a computer "to perform indicated tasks according to encoded instructions," as opposed to a data file that must be parsed by a program to be meaningful.

The determination of a file type is done with a signature or magic-numbers. Files are identified using by comparing the first set of bytes in the file header. Using this method type of files are recognised no matter the extension used. This information is useful to for example recognise executable files cloaked as images or movies.


Fuzzy hash a.k.a. Context Triggered Piecewise Hashing


Context Triggered Piecewise Hashing, also called Fuzzy Hashing, can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length. Comparing a fuzzyhash is a good way to detect morphing malware. Malware which include random code in every copy to change its properties. Agics uses ssdeep to make create a fuzzyhash.

SSDEEP: 1536:bZ/foNpUUfa158O88G/IfUfL31VSm5Td4Ru+a1DQUGSKOfPSsBO:bZipUUfa1irhQCQm5Tdd+a1DQTCSJ

No match found


Online virus scanners

Detection ration:

0 %

Not available on is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code. Presence of the sample on this site indicates that the file is (Once considered) being malicious.

National Software Reference Library

Not on the nsrl list

The NSRL contains a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts.


Statistic analysis

Statistic analysis of the file

Deviates from other files with the same name (imitation)
File is not known for a long time
The certificate can not be determined
This is a very common file
Normal code

Neural network analysis

Analysis: Low risk

A neural network is a type of artificial intelligence. It recognized patterns nog clear for a human viewer. Our neural network is surprisingly accurate in recognizing dangerous files. The value below is the predicted chance the file is malicious.

10%10 %


User feedback

Read feedback on this file from other users. Help other users by providing feedback yourself.

You can earn reputation points !

You are currently not logged in. Login, or Create an account

Feedback users:

There has been no user feedback provided yet.
You are not logged in. Only registered users can provide feedback. Login and help other users.

Login Create an account