DNSService.exe

DnsService

CSIS Security Group A/S

It runs as a separate (within the context of its own process) windows Service named “Heimdal Secure DNS Service”.
Publisher:
Microsoft  (signed by CSIS Security Group A/S)

Product:
DnsService

Version:
1.9.42.606

MD5:
ce546bf3a7d637ae7d699f09ad8f48ef

SHA-1:
c884693aa6d81a7cce648bcea1022d6cfe07e43d

SHA-256:
ea3ea12b3c05afff9c760445845a888e6ab973c6a997ddb5e17485204eaba186

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 5:39:38 PM UTC  (today)

File size:
526.7 KB (539,296 bytes)

Product version:
1.9.42.606

Copyright:
Copyright © Microsoft 2011

Original file name:
DNSService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\heimdal\heimdalsecuredns\dnsservice.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/9/2013 3:59:02 PM

Valid to:
4/10/2015 3:59:02 PM

Subject:
CN=CSIS Security Group A/S, OU=Operations, O=CSIS Security Group A/S, L=Copenhagen K, S=Copenhagen, C=DK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117733A725AC5CF64748BE84EB14D0F05

File PE Metadata
Compilation timestamp:
5/28/2014 11:14:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:whyToeXG9GUvEAyX20yNu2iFfUw/fXCkuByuFO16G9GUvEAyX20yNu2iFfUw/fX5:wMoeX02flUmxMN4602flUmxMN

Entry address:
0x8342E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.5417

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
517.5 KB (529,920 bytes)

Service
Display name:
Heimdal Secure DNS Service

Service name:
HeimdalSecureDNS

Type:
Win32OwnProcess

Depends on:
tcpip


Scan DNSService.exe - Powered by Reason Core Security