» AgentUI.exe
Overview
Analysis
File Details
Behaviors (1)

AgentUI.exe

Sentinel Agent

Sentinel Labs, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Sentinel Agent’.

File name:

AgentUI.exe

Publisher:

SentinelOne, Inc. (signed by Sentinel Labs, Inc.)

Product:

Sentinel Agent

Description:

Sentinel Agent UI

Version:

1.8.4.3524

MD5:

c58f8779b145d49cdc978eea76d89d26

SHA-1:

f3be6cbd2ce4bfbd9c50dd8140a97072b03eaa71

SHA-256:

3bac9fc5655b56e6edd44406e271d058c94dd9e085e97f52e3161d9ba92cc464

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 2:15:51 PM UTC (today)

File size:

1 MB (1,053,696 bytes)

Product version:

1.8.4.3524

SentinelOne, Inc.

Trademarks:

Sentinel Agent is a trademark of SentineOne, Inc.

Original file name:

AgentUI.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\sentinelone\sentinel agent 1.8.4.3524\agentui.exe

Digital Signature

Signed by:

Sentinel Labs, Inc.

Authority:

DigiCert Inc

Valid from:

11/17/2015 5:00:00 PM

Valid to:

11/20/2017 5:00:00 AM

Subject:

CN="Sentinel Labs, Inc.", O="Sentinel Labs, Inc.", L=Mountain View, S=California, C=US, PostalCode=94043, STREET=2513 E. Charleston Rd, STREET=Suite 100, SERIALNUMBER=5278570, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

04F24B02F55DDB0F260C1E4C379F550A

File PE Metadata

Compilation timestamp:

2/8/2017 9:55:51 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

48.0

.NET CLR dependent:

Yes

Entry address:

0xC857A

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.9943

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

793.5 KB (812,544 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Sentinel Agent

Command:

"C:\Program Files\sentinelone\sentinel agent 1.8.4.3524\agentui.exe"

Scan AgentUI.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.