home

svcprs32.exe

PureSight Technologies Ltd

It runs as a separate (within the context of its own process) windows Service named “WinSock Svchost Manager”.
Publisher:
PureSight Technologies Ltd  (signed and verified)

Description:
svcprs32.exe

Version:
2017,0,18

MD5:
4197af62c916f20b1794e6ebc4cbcbd3

SHA-1:
5ff7dee740f271ae6877676dd7fb8a0fbd7b1ae2

SHA-256:
b41d9fd4823dc184806fcea9cab2b05c717af27729dbc6918d2ea9830dd1281a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:33:06 PM UTC  (today)

File size:
3.1 MB (3,269,136 bytes)

Product version:
2017,0,18

Copyright:
Copyright © 2011

Original file name:
svcprs32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\svcprs32.exe

Digital Signature
Signed by:
PureSight Technologies Ltd

Authority:
Symantec Corporation

Valid from:
1/4/2017 5:30:00 AM

Valid to:
2/4/2018 5:29:59 AM

Subject:
CN=PureSight Technologies Ltd, O=PureSight Technologies Ltd, L=Kfar Saba, S=Israel, C=IL

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
063DE44B40B4591AC9CD3DDAD870F802

File PE Metadata
Compilation timestamp:
1/16/2017 4:43:30 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x15C6F6

Entry point:
E8, A5, 0B, 00, 00, E9, 4E, FE, FF, FF, 55, 8B, EC, 5D, E9, 2E, F1, FF, FF, E9, 00, 00, 00, 00, 6A, 10, 68, 90, 37, 6D, 00, E8, C6, 06, 00, 00, 33, DB, 89, 5D, E0, 88, 5D, E7, 89, 5D, FC, 3B, 5D, 10, 74, 1A, 8B, 4D, 14, E8, F5, 05, 00, 00, 8B, 4D, 08, FF, 55, 14, 8B, 45, 0C, 01, 45, 08, 43, 89, 5D, E0, EB, E1, B0, 01, 88, 45, E7, C7, 45, FC, FE, FF, FF, FF, E8, 0E, 00, 00, 00, E8, CC, 06, 00, 00, C2, 14, 00, 8B, 5D, E0, 8A, 45, E7, 84, C0, 75, 0F, FF, 75, 18, 53, FF, 75, 0C, FF, 75, 08, E8, 54, F0, FF, FF...
 
[+]

Entropy:
6.5748

Packer / compiler:
PEQuake V0.06

Code size:
2.4 MB (2,567,680 bytes)

Service
Display name:
WinSock Svchost Manager

Service name:
WinSvchostManager

Type:
Win32OwnProcess

Depends on:
RPCSS


Scan svcprs32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.