TCPSVCS.EXE

  • File Path: C:\Windows\SysWOW64\TCPSVCS.EXE
  • Description: TCP/IP Services Application

Hashes

Type Hash
MD5 988751D8FF4CD39B5438A1C01D15C691
SHA1 A78D89378494E62FEE5484488E3AE5D72F8D8157
SHA256 9BE29E8E2C17B8E840772D7271AE98D229FA12E7BDD32D8D952F12C1BE9ABB38
SHA384 AFF7DEDEDFAF7DFFA46ED0E6EFF59D9311A53ABE266A4ED53C87795345FE1B07B8E0422DF281089F35CF9E69F09D13DC
SHA512 0FB19DEB626B8F71C5938CC241D17B3E93829A7714554488ABAAC1D363DA1A5BD29177F0820A736BF7996FD70A3B5AAAAEB363FAA8CABF7C39901E9475BB4250
SSDEEP 192:OVF0o+wdXP6XxpT3+tkbrpc1XIJsp1tGK0WN/W:OVF0oDV6XxtSkvXJspF0WN/W

Signature

  • Status: Signature verified.
  • Serial: 33000001733031072665B8B9B3000000000173
  • Thumbprint: 14590DC5C3AAF238FCFD7785B4B93F4071402C34
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TCPSVCS.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of TCPSVCS.EXE being misused. While TCPSVCS.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base thor-hacktools.yar $s2 = “tcpsvcs.exe” fullword wide CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.