» pidgenx.dll
Overview
Analysis
File Details
Downloads (6)

pidgenx.dll

Microsoft Office

Microsoft Corporation

File name:

pidgenx.dll

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Office

Description:

Office Pid Generation

Version:

14.0.0370.400 (longhorn(wmbla).090811-1826)

MD5:

51c64839a4f552a0809225d06dbe7af8

SHA-1:

1f18d40e1a574053db4b52841a24ea4948b9587f

SHA-256:

48b8b32b9ffe3734207205bdf0adb4c75a2110d9cb48370bcb88f6e46d28075c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

12/26/2024 3:49:16 PM UTC (today)

File size:

1.4 MB (1,463,568 bytes)

Product version:

14.0.0370.400

Original file name:

pidgenx.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\excel.ww\pidgenx.dll

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

7/13/2009 6:00:18 PM

Valid to:

10/13/2010 6:10:18 PM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

6105F71E000000000032

File PE Metadata

Compilation timestamp:

8/11/2009 8:53:42 PM

OS version:

6.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:BQQhr9ikZk4SnuzLeyYQ6yMqUT5EcC3OR9qrF88uSFYYyzT8WrvO+snD:BQGBij66yT/kqrF88u6YJzevD

Entry address:

0xA0E28

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 8B, FA, 49, 8B, D8, 48, 8B, F1, 83, FA, 01, 75, 12, E8, 8F, 90, FB, FF, 85, C0, 79, 09, E8, F2, F7, 05, 00, 33, C0, EB, 1E, 48, 8B, 05, 33, E4, FB, FF, 48, 8B, CE, 4C, 8B, C3, 8B, D7, FF, D0, 85, FF, 8B, D8, 75, 05, E8, D2, F7, 05, 00, 8B, C3, 48, 8B, 74, 24, 38, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, C3, F3, 0F, 6F, 02, 33, C0, F3, 0F, 7F, 41, 28, C3, 33, C0, 48, 3B, D0, 75, 06, B8, 57, 00, 07, 80, C3, F3, 0F, 6F, 41, 28, F3, 0F, 7F, 02, C3, 90... 
[+]

Entropy:

6.8693

Code size:

1.2 MB (1,254,400 bytes)

The file pidgenx.dll has been seen being distributed by the following 6 URLs.

https://mega.nz/temporary/.../n98kzLoY

ftp://192.168.2.250/YEDEK PROGRAMLAR/OFFICE2010/OFFICE 2010 Professional Plus VL (64 BIT)/.../PidGenX.dll

ftp://dl.sbu.ac.ir/Programs & Tools/OFFICE/Microsoft Office 2010 Professional Plus SP1 64bit/.../PidGenX.dll

ftp://smftp.sundarammutual.com/sbfs/Office 2010 64 Bit/.../PidGenX.dll

ftp://10.1.0.5:30/office 2010/x64 Microsoft Office 2010 Professional/.../PidGenX.dll

https://www.dropbox.com/meta_dl/.../AAO70pfKmwDZaB_FvYtdL8Cjdn44FrdlsteXW2eT6A0A9A?dl=1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.