home

hdhks64.exe

HDGUARD

Dr. Ramcke Datentechnik (GmbH)

It runs as a separate (within the context of its own process) windows Service named “HDhks”.
Publisher:
Ramcke DatenTechnik GmbH | RDT Global  (signed by Dr. Ramcke Datentechnik (GmbH))

Product:
HDGUARD

Description:
HDGUARD Hook Service

Version:
8.1.0.1

MD5:
cae363b2cacc0c7fb3c81e0c8a683f67

SHA-1:
defdd270f27c72bc61572ec94769ecb87f09d260

SHA-256:
997dc3f4908a65ac10f4333f2be598913d1311f1629e802eba432ac44b858708

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:53:40 AM UTC  (today)

File size:
311.7 KB (319,136 bytes)

Product version:
8.1.0.1

Copyright:
©Ramcke DatenTechnik GmbH

Trademarks:
©HDGUARD

Original file name:
HDhks[32|64].exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\rdt global\hdguard\hdhks64.exe

Digital Signature
Signed by:
Dr. Ramcke Datentechnik (GmbH)

Authority:
GlobalSign nv-sa

Valid from:
11/24/2009 9:04:29 PM

Valid to:
11/24/2012 9:04:29 PM

Subject:
E=contact@rdt.de, CN=Dr. Ramcke Datentechnik (GmbH), O=Dr. Ramcke Datentechnik (GmbH), C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012526A2F654

File PE Metadata
Compilation timestamp:
6/24/2010 12:23:12 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
6144:z3eVeIOzdQz9mAtDjBT0nU4tIYXHjwMlEX:z3FaPovE

Entry address:
0x2A7CC

Entry point:
48, 83, EC, 28, E8, 73, 54, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 48, 8B, C1, 0F, B7, 10, 48, 83, C0, 02, 66, 85, D2, 75, F4, 48, 2B, C1, 48, D1, F8, 48, FF, C8, C3, CC, CC, CC, 40, 55, 41, 55, 41, 56, 48, 83, EC, 40, 48, 8D, 6C, 24, 30, 48, 89, 5D, 30, 48, 89, 75, 38, 48, 89, 7D, 40, 4C, 89, 65, 48, 48, 8B, 05, 6E, FB, 01, 00, 48, 33, C5, 48, 89, 45, 00, 45, 33, F6, 4D, 8B, E8, 48, 8B, F2, 48, 8B, D9, 48, 85, C9, 75, 16, E8, E1, 24, 00, 00, BB, 16, 00, 00, 00, 89, 18, E8, 6D, 24, 00, 00, E9...
 
[+]

Entropy:
5.5273

Code size:
204.5 KB (209,408 bytes)

Service
Display name:
HDhks

Description:
HDGUARD control service

Type:
Win32OwnProcess


Scan hdhks64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.