home

HKCMD.EXE

Intel Common User Interface

Intel Corporation

The hkcmd Module is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides hotkey support. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘HotKeysCmds’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
hkcmd Module

Version:
8.15.10.2828

MD5:
40ef0fc12ba0744c2b3e718951f39503

SHA-1:
8c147ae634189118d45925092ac184e017a33f34

SHA-256:
e3016e8801da37e6e4a55ffcdafab38b128ad9ee3761a764e24abe7f0eeaf956

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:02:53 PM UTC  (today)

File size:
176.3 KB (180,544 bytes)

Product version:
8.15.10.2828

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
HKCMD.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\hkcmd.exe

Digital Signature
Signed by:
Intel Corporation

Authority:
VeriSign, Inc.

Valid from:
3/8/2011 2:00:00 AM

Valid to:
4/23/2014 1:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
10021A27D28312885C613AA498580F6F

File PE Metadata
Compilation timestamp:
7/31/2012 11:13:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:FS3r94k4y1SjC+gtNOF5kRsWHgE9UWD6xQkw+t/QURX:kRaH3M066xW+eUZ

Entry address:
0x1190F

Entry point:
E8, A6, 71, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, E8, 51, 42, 00, E8, 1F, F6, FF, FF, 6A, 0E, E8, 03, 3A, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 58, BD, 42, 00, BA, 54, BD, 42, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, F3, F2, FF, FF, 59, FF, 76, 04, E8, EA, F2, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 0E, F6, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, CE, 38, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 8B...
 
[+]

Entropy:
6.4288

Code size:
124.5 KB (127,488 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
HotKeysCmds

Command:
C:\Windows\System32\hkcmd.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.