• File Path: C:\windows\system32\TCPSVCS.EXE
  • Description: TCP/IP Services Application


Type Hash
MD5 606D8C7BDF86378F0E1C19B1AA479543
SHA1 2A067E766FCC2A577366DBB69453CEFC447E59F0
SHA256 C87812C59CD5B639C5EC64CC00EE1D1BD9310F95F5F939A8531F9FBF952305A9
SHA384 438131067106D7A33B351D0EABBBB05904D0206A53B8B882C14114E7184B01E8F7CB2A7D1602736077E4F59572EE3059
SHA512 D5C9D7AD862FCC38E43B8C8BE25C0349745A4EC9BB711CE685739BCA945A80F6C83F0CD28D434292FB3C216AFCC0FD9CEF08438DC563F163162DB3B8349AD2FC
SSDEEP 192:DBl0o+qi/KHpcPtPR13Aaprp5UU/sVdt6qwDRNeAOfS4XSUJOp1iwEWQ/W:Vl0oDi/oQPzAq5JvqKeBfRJOpNEWQ/W


  • Status: The file C:\windows\system32\TCPSVCS.EXE is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.17415 (winblue_r4.141028-1500)
  • Product Version: 6.3.9600.17415
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.