home

tsvc.sys

Tibbo Technology

It runs as a Windows kernel mode device driver named “Tibbo Service Kernel-mode Satellite”.
Publisher:
Tibbo Technology  (signed and verified)

MD5:
7682bedb1586b92a944d4303ca2c7852

SHA-1:
08d9b4c26939d43c9b219afafdb87d80185cdd5a

SHA-256:
10117d826a0745ed195eec6848b8afa48bd5c41212dda30fdaa91f9728c968bd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:02:35 PM UTC  (today)

File size:
62.4 KB (63,888 bytes)

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\tsvc.sys

Digital Signature
Signed by:
Tibbo Technology

Authority:
Symantec Corporation

Valid from:
10/14/2015 3:00:00 AM

Valid to:
10/14/2017 2:59:59 AM

Subject:
CN=Tibbo Technology, O=Tibbo Technology, L=Hsi-Chih, S=New Taipei City, C=TW

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
18E506B884B79DDB71B36F9FA9363701

File PE Metadata
Compilation timestamp:
7/18/2016 4:54:21 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:fbk6wg7e/EoQ5z0lfk4Sw1EkwESNlGyhb:zko7SEoQ5glfPSw1EkwESNlVl

Entry address:
0xF03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 3A, 21, FF, FF, CC, CC, 9C, F0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A6, F2, 00, 00, 10, D0, 00, 00, 8C, F0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F8, F4, 00, 00, 00, D0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, F4, 00, 00, BC, F4, 00, 00, E4, F4, 00, 00, 00, 00, 00, 00, AC, F1, 00, 00, B6, F1, 00, 00, CC, F1, 00, 00, E2, F1, 00, 00, F4, F1, 00, 00, 0C, F2, 00, 00, 24, F2, 00, 00, 3C, F2, 00, 00, 4C, F2...
 
[+]

Entropy:
6.4687

Code size:
49.5 KB (50,688 bytes)

Driver
Display name:
Tibbo Service Kernel-mode Satellite

Service name:
tsvckrnl

Type:
Kernel device driver (KernelDriver)


Scan tsvc.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.