home

hdsrv.exe

HDGUARD

Ramcke DatenTechnik GmbH

It runs as a separate (within the context of its own process) windows Service named “HDStatSrv”.
Publisher:
Ramcke DatenTechnik GmbH | RDT Global  (signed by Ramcke DatenTechnik GmbH)

Product:
HDGUARD

Description:
HDGUARD Service

Version:
1.3.0.31

MD5:
89b8a9ba6a3478522af05b425454af08

SHA-1:
e1d796587eef4dbc1834b646ede5b89f79ccd0f7

SHA-256:
aa81d41ca0d76228d51f8b4dce40154c08956af29b91b850918d9b08e930d2c6

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 10:49:49 AM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Suspicious:W32/Malware!Gemini
11.2016-06-01_4

File size:
453.3 KB (464,144 bytes)

Product version:
6.0

Copyright:
©Ramcke DatenTechnik GmbH

Trademarks:
©HDGUARD

Original file name:
HDSrv

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\rdt global\hdguard\hdsrv.exe

Digital Signature
Signed by:
Ramcke DatenTechnik GmbH

Authority:
GlobalSign nv-sa

Valid from:
12/1/2006 1:03:26 PM

Valid to:
12/1/2009 1:03:26 PM

Subject:
E=contact@rdt.de, CN=Ramcke DatenTechnik GmbH, O=Ramcke DatenTechnik GmbH, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000010F3DE5C872

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:Ylds+xAWxOSg8dSrTDGthA5ojCYcOxUz7kYqt:0u+dxOSgW7WexI7U

Entry address:
0x5DB84

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, DC, D8, 45, 00, E8, 93, 83, FA, FF, A1, 5C, F8, 45, 00, 8B, 00, 8B, 10, FF, 52, 34, 8B, 0D, 3C, FA, 45, 00, A1, 5C, F8, 45, 00, 8B, 00, 8B, 15, D4, CE, 45, 00, 8B, 18, FF, 53, 30, A1, 5C, F8, 45, 00, 8B, 00, 8B, 10, FF, 52, 38, 5B, E8, 4D, 63, FA, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
371 KB (379,904 bytes)

Service
Display name:
HDStatSrv

Service name:
HDStatSrv_Form

Type:
Win32OwnProcess


Scan hdsrv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.