PtSessionAgent.exe

Trend Micro Platinum

Trend Micro, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Platinum’.
Publisher:
Trend Micro Inc.  (signed by Trend Micro, Inc.)

Product:
Trend Micro Platinum

Description:
Platinum user session agent

Version:
2.1.0.1190

MD5:
7beef2804625be481133c475f57dae9b

SHA-1:
25d71c4cabd366fc1ec3dba44df99b0e47e00d97

SHA-256:
795524582b9943b3c2b8092009d15d15a4f08dc41bd1085ca29d93c4a4d16abe

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:40:05 PM UTC  (today)

File size:
1.3 MB (1,403,976 bytes)

Product version:
2.1

Copyright:
Copyright (C) 2008 - 2015 Trend Micro Incorporated. All rights reserved.

Trademarks:
Copyright (C) Trend Micro Inc.

Original file name:
PtSessionAgent.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\nttw\security\sec\plugin\pt\ptsessionagent.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/20/2015 9:00:00 AM

Valid to:
5/22/2016 8:59:59 AM

Subject:
CN="Trend Micro, Inc.", O="Trend Micro, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1519396EE230F02CAD1FCFDB077A35F0

File PE Metadata
Compilation timestamp:
4/24/2015 8:08:42 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x727B0

Entry point:
48, 83, EC, 28, E8, C7, 05, 00, 00, 48, 83, C4, 28, E9, F6, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 49, F8, 03, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 09, 02, 00, 00, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 8B, F2, 48, 8B, D9, F6, C2, 02, 74, 2B, 48, 8D, 79, F8, 4C, 8D, 0D, D0, 06, 00, 00, BA, 18, 00, 00, 00, 44, 8B, 07, E8, 6F, 03, 00...
 
[+]

Entropy:
6.2346

Code size:
515 KB (527,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Platinum

Command:
"C:\Program Files\nttw\security\sec\plugin\pt\ptsessionagent.exe" -startup


Scan PtSessionAgent.exe - Powered by Reason Core Security