home

svcproxy.exe

SVCProxy.exe

KURUPIRA.NET

It runs as a separate (within the context of its own process) windows Service named “KNet”.
Publisher:
KURUPIRA.NET  (signed and verified)

Product:
SVCProxy.exe

Version:
2.3.3.3

MD5:
1c2c7c3e8f81e4364e0bc228e742e026

SHA-1:
ae3bf9a2b21899eab99b3e88e3699d2774a7215a

SHA-256:
fbb663ac8320d556f1264c3b6cba13bdc74ad72a3507250ba848473c6ce7ab04

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:58:36 AM UTC  (today)

File size:
4.3 MB (4,517,560 bytes)

Product version:
2.3.3.3

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\svcproxy\svcproxy.exe

Digital Signature
Signed by:
KURUPIRA.NET

Authority:
COMODO CA Limited

Valid from:
5/21/2012 9:00:00 PM

Valid to:
5/22/2015 8:59:59 PM

Subject:
CN=KURUPIRA.NET, O=KURUPIRA.NET, STREET="R. CRISTIANO OTONI, 275, SL 113", L=PEDRO LEOPOLDO, S=MG, PostalCode=33600-000, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
05F4AEE4F7D8C03989A29984E7DA6B83

File PE Metadata
Compilation timestamp:
3/3/2015 12:35:04 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:CEa1IL2UcGQeZqtcH5NGMUR1womeID1IL0pSt+ranDQTmnp/NknXQ3v:CEa1ILJXQeXNG/R17+D1IL0AZNknXa

Entry address:
0x1C180C

Entry point:
E8, 85, 53, 01, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, FF, 55, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 0C, 6A, 0A, 6A, 00, FF, 75, 08, E8, 11, 56, 01, 00, 83, C4, 10, 5D, C3, 8B, FF, 55, 8B, EC, 5D, E9, C6, FF, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, D1, FF, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, FF, 58, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 0C, 6A, 0A, 6A, 00, FF, 75, 08, E8, 11, 59, 01, 00, 83, C4, 10, 5D, C3, 8B, FF...
 
[+]

Code size:
3.5 MB (3,640,320 bytes)

Service
Display name:
KNet

Description:
KNet Proxy

Type:
Win32OwnProcess

Depends on:
RPCSS


Scan svcproxy.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.