agent.exe

AgentDynamicSetup

Atera Networks LTD

This is a setup and installation application. The file has been seen being downloaded from guidion.it.
Publisher:
Atera Networks LTD  (signed and verified)

Product:
AgentDynamicSetup

Version:
2.7.0.0

MD5:
493d72f240926766b9d29552f8e58db8

SHA-1:
3d44746c82ca6f7eeaf947b65661c0c24cc7738f

SHA-256:
1fc7463652c25f56a6ee07e9c25d8152333d2601ff403e63ff94a84692edb028

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:49:34 PM UTC  (today)

File size:
248.5 KB (254,464 bytes)

Product version:
2.7.0.0

Copyright:
Copyright © 2013

Original file name:
AgentDynamicSetup.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\agent.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
1/8/2013 1:00:00 AM

Valid to:
1/9/2015 12:59:59 AM

Subject:
CN=Atera Networks LTD, O=Atera Networks LTD, L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7C09F610B0E5593D5FFA517B042314D7

File PE Metadata
Compilation timestamp:
6/2/2013 6:20:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:3rFD1082pgjYg5jYPg6B0uWeNeoynESCqRufxoVsRxh81:RD10HpgjV5jKB4WJ

Entry address:
0x3ACAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
227.5 KB (232,960 bytes)

The file agent.exe has been seen being distributed by the following URL.

Scan agent.exe - Powered by Reason Core Security