dns.exe

Domain Name System (DNS) Server

Microsoft Corporation

It runs as a separate (within the context of its own process) windows Service named “DNS Server”.
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Domain Name System (DNS) Server

 
Part of the Windows Operating System

Version:
6.3.9600.17019 (winblue_gdr.140205-2003)

MD5:
8b3f700843fe4a3c0de55709690543b9

SHA-1:
cfa383e3d4c3b981f85e1bc600a3ec3f28767239

SHA-256:
c746fe638d6eb488f911fa1c2661fe5a3a75545b811a828cf15ed6f752b28775

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/6/2016 11:20:27 AM UTC  (today)

File size:
1.5 MB (1,597,440 bytes)

Product version:
6.3.9600.17019

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
dns.exe.mui

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\dns.exe

File PE Metadata
Compilation timestamp:
4/29/2014 12:28:09 AM

OS version:
6.3

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
49152:K76kwix5SOZHDaxgZ/lljceCa4ZzupYKskBE01:pixAOZHDagZ/laeH4ZzLfe

Entry address:
0x13F480

Entry point:
48, 83, EC, 28, E8, AB, 06, 00, 00, 48, 83, C4, 28, E9, 3A, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, A1, DB, 00, 00, 75, 10, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 01, C3, 48, C1, C9, 10, E9, 42, 00, 00, 00, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 33, C9, FF, 15, AB, 02, 05, 00, 48, 8B, CB, FF, 15, AA, 02, 05, 00, FF, 15, F4, 03, 05, 00, BA, 09, 04, 00, C0, 48, 8B, C8, 48, 83, C4, 20...
 
[+]

Code size:
1.3 MB (1,356,800 bytes)

Service
Display name:
DNS Server

Service name:
DNS

Description:
Enables DNS clients to resolve DNS names by answering DNS queries and dynamic DNS update requests. If this service is stopped, DNS updates will not occur. If this service is disabled, any services tha

Type:
Win32OwnProcess

Depends on:
Tcpip Afd RpcSs NTDS