» AgentUI.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

AgentUI.exe

UI

Sentinel Labs, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Sentinel Agent’. This is installed with Sentinel Agent.

File name:

AgentUI.exe

Publisher:

Sentinel Labs, Inc. (signed and verified)

Product:

Version:

1.0.0.0

MD5:

bed4c016ac5af929f6c2c2f921846c57

SHA-1:

d75777f968ca8e8203d1507db20cd54e4f7a0547

SHA-256:

a475d2596c1b976aaf31a1509cfb960a9fd6f1aab3a63d8e59d1418819184c56

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/7/2025 10:07:21 AM UTC (today)

File size:

941.6 KB (964,216 bytes)

Product version:

1.0.0.0

Original file name:

AgentUI.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\sentinelone\sentinel agent 1.5.2420.0\agentui.exe

Digital Signature

Signed by:

Sentinel Labs, Inc.

Authority:

DigiCert Inc

Valid from:

7/4/2015 5:00:00 PM

Valid to:

12/30/2015 4:00:00 AM

Subject:

CN="Sentinel Labs, Inc.", O="Sentinel Labs, Inc.", L=Palo Alto, S=California, C=US, PostalCode=94306, STREET=2500 El Camino Real, SERIALNUMBER=5278570, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

03292AD5BA34EFCC86534C31F725BB85

File PE Metadata

Compilation timestamp:

7/12/2015 5:42:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

24576:QwClHstlZuAcGlCDxtp7hcdFgIFnMtcdFgIFnMT:M7mFg6MiFg6MT

Entry address:

0xB56CE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.0487

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

718 KB (735,232 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Sentinel Agent

Command:

C:\Program Files\sentinelone\sentinel agent 1.5.2420.0\agentui.exe

The file AgentUI.exe has been discovered within the following program.

Sentinel Agent by SentinelOne

www.sentineone.com

About 6% of users remove it

Scan AgentUI.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.