TCPSVCS.EXE

  • File Path: C:\Windows\system32\TCPSVCS.EXE
  • Description: TCP/IP Services Application

Hashes

Type Hash
MD5 5351CC2CB27678FCC6EAE550269D5D3A
SHA1 08A0A5A21244BB16DF14DD9D7FF99A190A4C59D2
SHA256 03C299DB96AD76879007BAE4D248292E15E574A03FD080A868EC289E07A0D917
SHA384 FA54C32C939CCFECB1610D30686A629225B867E0EEA6F7860F7985686428F4E1D7D45C9B8082C7B9F4F6997770047A30
SHA512 E2941FD9DF6D77BD8984127D4603506E8651FEBA86CB0149E6FAD1E742FEE97F4BE9A1272EFE4F2E7E4FDD8B157E14139C4E9E6BA0B07B22E75807015AA27060
SSDEEP 192:p8NmZjr2lgz/hpYOtNFdk7l0o+KMlH2GjbUXodXL6//1SIwUW5/W:p8NmZiwJmOB+7l0oBv4QXE6//8UW5/W
IMP 5FB43D31195A81197A7053C4A202BCED
PESHA1 D38040B9563A42BF5D151F5E6D0742A630BFBA94
PE256 349524AC3A75E4CDECBB8D893D97353B6AE66FE33336B9C5909D9EC025AA0FCD

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.17763.1 (WinBuild.160101.0800)
  • Product Version: 10.0.17763.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/03c299db96ad76879007bae4d248292e15e574a03fd080a868ec289e07a0d917/detection/

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.