home

svcinit.exe

CounterTack

It runs as a separate (within the context of its own process) windows Service named “Windows Service Control Manager”.
Publisher:
CounterTack  (signed and verified)

MD5:
9f1c98d039d734e3b1c40954cf2325d5

SHA-1:
11f9c3d2c29eb52858c068a01dfd6067d501783c

SHA-256:
8e86df4fde77d6c8fb6506754fa58a093aa3b409cebdcfbc4bf3275cc32049b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 11:37:45 AM UTC  (today)

File size:
314 KB (321,536 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Windows\System32\svcinit.exe

Digital Signature
Signed by:
CounterTack

Authority:
CounterTack

Valid from:
2/12/2013 10:35:54 AM

Valid to:
2/12/2014 10:35:54 AM

Subject:
CN=nginx.test.countertack.com, OU=Engineering, O=CounterTack, L=Santa Monica, S=CA, C=US

Issuer:
CN=nginx.test.countertack.com, OU=Engineering, O=CounterTack, L=Santa Monica, S=CA, C=US

Serial number:
008C7AE2EE51E3C907

File PE Metadata
Compilation timestamp:
3/26/2014 3:09:25 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
6144:ACwJnieThHj/hj0JN7DcRo7TanMmsdGbX9QjPfUrL:m8cqTa/SjPfg

Entry address:
0x7324

Entry point:
48, 83, EC, 28, E8, 53, 66, 00, 00, 48, 83, C4, 28, E9, 7A, FE, FF, FF, CC, CC, 48, 89, 54, 24, 10, 4C, 89, 44, 24, 18, 4C, 89, 4C, 24, 20, 55, 53, 57, 48, 8B, EC, 48, 83, EC, 50, 48, 83, 65, D0, 00, 48, 8B, FA, 33, D2, 48, 8B, D9, 48, 8D, 4D, D8, 44, 8D, 42, 28, E8, 65, EE, FF, FF, 48, 85, FF, 75, 15, E8, 1B, 26, 00, 00, C7, 00, 16, 00, 00, 00, E8, BC, 14, 00, 00, 83, C8, FF, EB, 4B, 48, 85, DB, 74, E6, 4C, 8D, 4D, 30, 48, 8D, 4D, D0, 45, 33, C0, 48, 8B, D7, C7, 45, D8, FF, FF, FF, 7F, C7, 45, E8, 42, 00...
 
[+]

Entropy:
6.1059

Code size:
160.5 KB (164,352 bytes)

Service
Display name:
Windows Service Control Manager

Service name:
scminisvc

Description:
Monitors status of services on the system.

Type:
Win32OwnProcess

Group:
CT


Scan svcinit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.