DNSService.exe

DnsService

CSIS Security Group A/S

It runs as a separate (within the context of its own process) windows Service named “Heimdal Secure DNS Service”.
Publisher:
Microsoft  (signed by CSIS Security Group A/S)

Product:
DnsService

Version:
1.7.1.459

MD5:
f80513713e1a749e7391ac9e4b5c9a99

SHA-1:
09c5ec5f73d4ac78990dece971633b78b8c1d6f7

SHA-256:
f1eea2714620eb8ee4ce245e1daa187ba0433f3257b2b56e205590809489b6f1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 3:39:08 PM UTC  (today)

File size:
92.2 KB (94,432 bytes)

Product version:
1.7.1.459

Copyright:
Copyright © Microsoft 2011

Original file name:
DNSService.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\heimdal\heimdalsecuredns\dnsservice.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/9/2013 3:59:02 PM

Valid to:
4/10/2015 3:59:02 PM

Subject:
CN=CSIS Security Group A/S, OU=Operations, O=CSIS Security Group A/S, L=Copenhagen K, S=Copenhagen, C=DK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117733A725AC5CF64748BE84EB14D0F05

File PE Metadata
Compilation timestamp:
5/6/2013 1:04:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:hectJZymRThEPcz3R8Avnk2qc4nLvbFSNI8BiEqLlk4D+Whbi:8mthCgR8AvJKjFSNqpklZ

Entry address:
0x16A0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
83 KB (84,992 bytes)

Service
Display name:
Heimdal Secure DNS Service

Service name:
HeimdalSecureDNS

Type:
Win32OwnProcess

Depends on:
tcpip


Scan DNSService.exe - Powered by Reason Core Security