HKCMD.EXE

Intel Common User Interface

Intel Corporation

The hkcmd Module is part of Intel's Common User Interface for chipsets with integrated graphics controllers and provides hotkey support. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘HotKeysCmds’.
Publisher:
Intel Corporation  (signed and verified)

Product:
Intel(R) Common User Interface

Description:
hkcmd Module

Version:
8.15.10.2430

MD5:
d7109b63b6116d5f26287bc655f56e67

SHA-1:
f176725e0df2e37c57090f73a2649eedbda7cdf2

SHA-256:
bec9119333a9ac9643dfdb87843af2ebbda843d4882792ac89a2e8484e8267bd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/4/2016 11:25:05 AM UTC  (today)

File size:
383.3 KB (392,472 bytes)

Product version:
8.15.10.2430

Copyright:
Copyright 1999-2006, Intel Corporation

Original file name:
HKCMD.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\hkcmd.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/8/2011 1:00:00 AM

Valid to:
4/23/2014 1:59:59 AM

Subject:
CN=Intel Corporation, OU=ISWQL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Intel Corporation, L=Folsom, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
10021A27D28312885C613AA498580F6F

File PE Metadata
Compilation timestamp:
6/27/2011 3:24:11 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:4OaKO57Y3yQxzWXyzUcCfSPzzIJiCXy9lCfY:1aKO57Y3dSXyz3zVXx

Entry address:
0x21090

Entry point:
48, 83, EC, 28, E8, 37, DD, 00, 00, E8, 12, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 81, EC, C8, 00, 00, 00, C7, 84, 24, A4, 00, 00, 00, 00, 00, 00, 00, 48, 8D, 4C, 24, 20, FF, 15, FB, 31, 02, 00, EB, 0A, B8, FF, 00, 00, 00, E9, 6B, 01, 00, 00, E8, A2, 01, 00, 00, 89, 84, 24, A0, 00, 00, 00, B9, 01, 00, 00, 00, E8, A1, CD, 00, 00, 85, C0, 75, 0A, B9, 1C, 00, 00, 00, E8, 53, 01, 00, 00, E8, 8E, 70, 00, 00, 85, C0, 75, 0A, B9, 10, 00, 00, 00, E8, 40, 01, 00, 00...
 
[+]

Code size:
266.5 KB (272,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
HotKeysCmds

Command:
C:\Windows\System32\hkcmd.exe