home

trafsvc.exe

Trafsvc service

SOFT, OOO

It runs as a separate (within the context of its own process) windows Service named “TMeter 15.0.794”.
Publisher:
Trafficreg Software  (signed by SOFT, OOO)

Product:
Trafsvc service

Version:
15.0.794.0

MD5:
9bc95f1c4f7c5c849c1792bcf86ccc05

SHA-1:
dc91f4b0d6b1e7ef63b83db85648faa92986eebb

SHA-256:
719ef7bbeae43fa6230714b2932df37b8def6e5e3dfdcc373d1783d4fdf28b63

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:13:30 AM UTC  (today)

File size:
823 KB (842,768 bytes)

Product version:
15.0.794.0

Copyright:
Copyright (C) 2015 Trafficreg Software

Original file name:
TrafSvc2.exe

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Program Files\tmeter\trafsvc.exe

Digital Signature
Signed by:
SOFT, OOO

Authority:
COMODO CA Limited

Valid from:
3/24/2015 4:30:00 AM

Valid to:
3/24/2016 4:29:59 AM

Subject:
CN="SOFT, OOO", O="SOFT, OOO", STREET=98 prospekt Im V.I.Lenina, L=Volgograd, S=Volgograd region, PostalCode=400078, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CA9587D742301E2B34CFF67326ECF6F2

File PE Metadata
Compilation timestamp:
5/29/2015 12:23:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
12288:SwzD09AJnoRbYNX1qmUg/vhIqKZPyKI7aMoglF0LLb8d8rC15B1VwOfem8MXmIGF:JUAJoRbk1qmD/OdBdD3BrCumHmu0

Entry address:
0x1000

Entry point:
68, 01, 40, 5F, 00, E8, 01, 00, 00, 00, C3, C3, AE, 44, 9E, 51, 2B, ED, 9A, 37, 04, 91, 9C, C5, 81, A6, 37, FC, C1, AE, 26, 3B, F1, 61, 96, A0, B0, 7F, 77, 7C, 18, 05, 59, 26, 96, 85, 7D, 1D, 30, 46, 87, 23, 40, A7, CB, D5, 3D, 19, E3, D9, E3, 75, 3C, 01, 77, 62, 54, DF, ED, A7, D1, 9D, 37, 99, E2, 5F, 7F, 50, D6, 71, 9B, BA, 75, 6A, B7, F0, 22, 10, 55, 58, C8, FE, 05, 81, 45, 1E, E0, 9A, 9A, 77, F0, 09, 0E, 2A, 85, 10, B5, AF, F9, 1F, 9C, EB, 9C, 22, E1, 86, 7D, 3F, 83, 5F, 89, B6, 80, FD, 78, C8, B2, AB...
 
[+]

Entropy:
7.9863

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1.5 MB (1,589,248 bytes)

Service
Display name:
TMeter 15.0.794

Service name:
TrafSvc

Description:
Counts IP traffic and creates reports of IP traffic usage.

Type:
Win32OwnProcess


Scan trafsvc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.