There are many ways to transport a file (in your case probably an executable) over TCP. This makes it really hard to provide you with a step-by-step procedure.

  • You could do a follow TCP stream and save the content (in RAW format), if it is a clean transfer like when transferred by FTP
  • You could do an export object if the exe was transferred over SMB/SMB2 or HTTP?
  • You can carve out the precise data bytes from a stream if you know where the exe starts and ends?

If you are able to share the file, we could perhaps help you better :-)
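
The third option, as an added example that is not part of the original answer: when the start and end of the exe are not known in advance, they can be derived from the PE headers inside the raw bytes saved from the stream. The function names and the sample stream are constructed for illustration.

```python
import struct

def pe_end(buf: bytes, base: int):
    """Return the absolute end offset of a PE image starting at base, or None."""
    if base + 0x40 > len(buf):                       # DOS header is 64 bytes
        return None
    (e_lfanew,) = struct.unpack_from("<I", buf, base + 0x3C)
    pe = base + e_lfanew
    if pe + 24 > len(buf) or buf[pe:pe + 4] != b"PE\0\0":
        return None                                  # stray "MZ", not a PE file
    (nsec,) = struct.unpack_from("<H", buf, pe + 6)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", buf, pe + 20)  # SizeOfOptionalHeader
    sec_tab = pe + 24 + opt_size
    if nsec == 0 or sec_tab + 40 * nsec > len(buf):
        return None
    end = sec_tab + 40 * nsec - base                 # at least the headers
    for i in range(nsec):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 of each entry
        raw_size, raw_ptr = struct.unpack_from("<II", buf, sec_tab + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return base + end if base + end <= len(buf) else None  # None if truncated

def carve_pe(stream: bytes):
    """Return (start, end, data) for the first structurally valid PE, or None."""
    pos = stream.find(b"MZ")
    while pos != -1:
        end = pe_end(stream, pos)
        if end is not None:
            return pos, end, stream[pos:end]
        pos = stream.find(b"MZ", pos + 1)
    return None

def sample_pe() -> bytes:
    """Constructed minimal PE: one section of 16 raw bytes at file offset 0x80."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".text\0\0\0" + struct.pack("<IIII", 16, 0x1000, 16, 0x80) + b"\0" * 16
    return dos + coff + sect + b"\xCC" * 16

# Constructed stream: protocol noise with a stray "MZ", the file, then a trailer.
SAMPLE_STREAM = b"PREFIX-MZ-" + sample_pe() + b"TRAILER"

if __name__ == "__main__":
    start, end, data = carve_pe(SAMPLE_STREAM)
    print(f"PE at bytes {start}..{end} ({len(data)} bytes)")
```

The end offset comes from the section table only, so data appended after the last section (an overlay, such as an Authenticode signature) is not included and has to be added by hand.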