
Posts posted by _____


  1. 8B3380241C9C4B6D6460217A678AB178 TCPSVCS.EXE MD5
    F02449938E0E2197152ECB1AF8AA158AE50214DC TCPSVCS.EXE SHA1
    081DC131643A56706574B620388332AAA4D368EE48A147C15B173FEC27B1E732 TCPSVCS.EXE SHA256

    https://www.virustotal.com/en/file/081dc131643a56706574b620388332aaa4d368ee48a147c15b173fec27b1e732/analysis/1538990878/

    or (two different CRCs)

    https://www.virustotal.com/en/file/63a56dcf9e9a717411d3b98519114987875171f9d3d76400f886751c0cd4d182/analysis/1538991149/

    but then I found this...

    https://www.hybrid-analysis.com/sample/081dc131643a56706574b620388332aaa4d368ee48a147c15b173fec27b1e732/5bbb29f97ca3e16a18749a63

    Also, it appears to make connections to:

    TCP traffic to 67.135.105.137 on port 80 is sent without HTTP header
    TCP traffic to 205.185.216.10 on port 80 is sent without HTTP header
    TCP traffic to 173.222.40.209 on port 80 is sent without HTTP header

    Was just about to FORMAT entire PC until I saw this thread...

    Glad it's just a false positive! Very scary stuff!

     

    tcpsvcs-info.txt
