TCPSVCS.EXE

  • File Path: C:\WINDOWS\system32\TCPSVCS.EXE
  • Description: TCP/IP Services Application

Hashes

Type Hash
MD5 714484B40811964803281237F6F231E4
SHA1 F4EB3CF979954E0F3CB43D910437E36DFB690D25
SHA256 7DE09594B8A36CD9D56E33DF9F24A73D92F7B26122C30E4A4AF1D42B4F0E8494
SHA384 43E66C874D12D3E437263E8FB23624C840EBE3B6B1AB21AECF4F14B20A21855EFDE7584F1543E9883C463E6568956EA9
SHA512 FE30E2BAD2E320FF598C02F64446332622FE4C8CB8C2843F49D1C36E0362240D004FB091AF8B78CB7BEB375D08AAA3C686561BA8B935EFB94FC1FC54B6BC0757
SSDEEP 384:CgNmZirJmlS+asl0ogP94q9e6//BGEWD/W:CrGJS6106//BI

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.1 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.