Jump to content


  • Content Count

  • Joined

  • Last visited

About _____

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. _____

    TCPSVCS.EXE -  Trojan.PasswordStealer

    8B3380241C9C4B6D6460217A678AB178 TCPSVCS.EXE MD5 F02449938E0E2197152ECB1AF8AA158AE50214DC TCPSVCS.EXE SHA1 081DC131643A56706574B620388332AAA4D368EE48A147C15B173FEC27B1E732 TCPSVCS.EXE SHA256 https://www.virustotal.com/en/file/081dc131643a56706574b620388332aaa4d368ee48a147c15b173fec27b1e732/analysis/1538990878/ or (two different crc's) https://www.virustotal.com/en/file/63a56dcf9e9a717411d3b98519114987875171f9d3d76400f886751c0cd4d182/analysis/1538991149/ but then I found this... https://www.hybrid-analysis.com/sample/081dc131643a56706574b620388332aaa4d368ee48a147c15b173fec27b1e732/5bbb29f97ca3e16a18749a63 Also it appears to make connection to: TCP traffic to on port 80 is sent without HTTP headerTCP traffic to on port 80 is sent without HTTP headerTCP traffic to on port 80 is sent without HTTP header Was just about to FORMAT entire PC until I saw this thread... Glad its just a false positive! Very scary stuff! tcpsvcs-info.txt

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.