TCPSVCS.EXE

  • File Path: C:\WINDOWS\SysWOW64\TCPSVCS.EXE
  • Description: TCP/IP Services Application

Hashes

Type Hash
MD5 8734D9D66C1EC67332CCA130C5A393F6
SHA1 3B72D633F45720AE54F82289F59C3288E4B86CE4
SHA256 FD592588C00212EE22F2AD980D8AE1C4B8833045290D6FDD9C7A68140346358C
SHA384 F549511A121B9143F1BBE0FBA8BB4848429C676775073C0CC7B5A804846C3B837EE149A8629047B79F693B4FAB4452C0
SHA512 EBFE56CE3665295799CEA0EF5B93C1E6E2E82F63BF2630136681D93E6FB691FBA1CE425499F6289B427EB8CAA1A778F8126DA116FE1C370C3EC828B5ABF9E8A1
SSDEEP 192:sI7v0F0o+AFfQB3byNWt2b54rCXL6//1vKsWD/Wcyf:sQMF0o75QB3byc294S6//QsWD/Wcy

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.1 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\TCPSVCS.EXE 63
C:\WINDOWS\SysWOW64\TCPSVCS.EXE 43

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.