TCPSVCS.EXE

  • File Path: C:\Windows\system32\TCPSVCS.EXE
  • Description: TCP/IP Services Application

Hashes

Type Hash
MD5 1FC74417E6ED1E3BF3EB2C2671DE4A07
SHA1 9AB4A1E48A501437AD0C7FCE1DD8CC1B57AA9E01
SHA256 6595F4051262B20690D2E28B052515542F273FBD686C23E187365DFE8C94FE6C
SHA384 086E8D953AA90A446CCF5F8CD6F0204465DCF44E1E8FBF845D919D562CA5A10754D0CEF72B849B724CF27CD788C12B29
SHA512 360A0FF103CC3C98535650A45DE146AB7C92AE0DCFD807A0010E3708DFBF4A045481A10750051E227AEA770491F480114149E6D5EE648F373B45DFA97E2AF4CF
SSDEEP 192:HKhqP5gU/DWlaG2grEl0o+H7kgDBDGFb/ooGXIJsp1XAw8WN/W:HKhwH7tG34l0ow9Zy7vJsp78WN/W

Signature

  • Status: Signature verified.
  • Serial: 33000001733031072665B8B9B3000000000173
  • Thumbprint: 14590DC5C3AAF238FCFD7785B4B93F4071402C34
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.