sppsvc.exe

  • File Path: C:\Windows\system32\sppsvc.exe
  • Description: Microsoft Software Protection Platform Service

Hashes

Type Hash
MD5 BE2DA701099AA7A3DF6FBC9F82B398BF
SHA1 197A90BB02B1766848CE70FEF3AA7C7F2970A0DB
SHA256 925F864865AE0F552356DA34008E77B231DA3E525314FFBDBC62E8955CA091EA
SHA384 D933327C5410C36AA31FAB1757DD7ACF9DAA135CA220C93A7C679C0C29C83893494A888C967DFE3EE42FF30B1F1B7AEE
SHA512 C056777EB1503881B98A015DFC4803C06D7340CAC089A19DCC4878975B3DF13664AF8E2DD07487A3955D2A5CABA420D2EC3A718A78BE3BA473A78C726132811F
SSDEEP 98304:wqZqizznD4vJIxGUiKXDwmaZn8qExjolSsDhwQF5:wqDzznD4ROiKXDwmk8qEulScn5
IMP 865C812E4E3E6E8C398A0757574C8DA3
PESHA1 AB6977696A47B5F8AC7C73F6D565E38A63B521F2
PE256 2DA0957216FC6DFC9E2BCBF1E51030C1D7F085F4206810CCA364A2C31E0BEFBC

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: sppsvc.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/925f864865ae0f552356da34008e77b231da3e525314ffbdbc62e8955ca091ea/detection

Possible Misuse

The following table contains possible examples of sppsvc.exe being misused. While sppsvc.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .sppsvc.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.