home

svcprs32.exe

PureSight Technologies Ltd

It runs as a separate (within the context of its own process) windows Service named “WinSock Svchost Manager”.
Publisher:
PureSight Technologies Ltd  (signed and verified)

Description:
svcprs32.exe

Version:
2012,0,5101

MD5:
093de8f38290b56c035d8fe4fd274cee

SHA-1:
ec714f3dfe4178811d55fb27dc8b084c013f7af0

SHA-256:
030171c26c9efaa6a7684555466756f5dac1685ab949c83537a1c4c9ee1fd0bb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:50:30 AM UTC  (today)

File size:
2.6 MB (2,777,104 bytes)

Product version:
2012,0,5101

Copyright:
Copyright © 2011

Original file name:
svcprs32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\svcprs32.exe

Digital Signature
Signed by:
PureSight Technologies Ltd

Authority:
Thawte, Inc.

Valid from:
1/31/2011 7:00:00 PM

Valid to:
3/4/2012 6:59:59 PM

Subject:
CN=PureSight Technologies Ltd, OU=SECURE APPLICATION DEVELOPMENT, O=PureSight Technologies Ltd, L=Kfar Saba, S=Kfar Saba, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
314CF9ADD0BFAEDC8F6FAD421CEEB3C1

File PE Metadata
Compilation timestamp:
12/5/2011 10:46:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:jix+IeydKqxtVecGjec8soVVVV3OngK3zwdbtMNk:j4muhsAVV3OngK32bP

Entry address:
0x1326C0

Entry point:
E8, EA, 06, 01, 00, E9, 16, FE, FF, FF, FF, 35, 14, 59, 6A, 00, E8, 09, D5, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, 0C, CE, 00, 00, 6A, 01, 6A, 00, E8, 46, AD, 00, 00, 83, C4, 0C, E9, 4B, AC, 00, 00, 56, FF, 35, 14, 59, 6A, 00, E8, DE, D4, 00, 00, FF, 74, 24, 0C, 8B, F0, E8, 5C, D4, 00, 00, 59, 59, A3, 14, 59, 6A, 00, 8B, C6, 5E, C3, FF, 35, 14, 59, 6A, 00, E8, BD, D4, 00, 00, 59, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A...
 
[+]

Entropy:
6.4190

Code size:
2.1 MB (2,236,416 bytes)

Service
Display name:
WinSock Svchost Manager

Service name:
WinSvchostManager

Type:
Win32OwnProcess

Depends on:
RPCSS


Scan svcprs32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.