| File Name | agent.exe |
| File Type |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
| Scanner Version | 1.0.216.174 |
| Database Version | 2025-05-05 12:00:15 UTC |
No threats detected by our scanner
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
22d2292c5f2de47ccb4cecdb168c15d0
|
|
| SHA1 |
da394cae0a414f04643fc04ddc485a31cb90c635
|
|
| SHA256 |
21435f942a25b7078ef735a8eeed03b88b4193a5caca1014d14ac4c62fa78103
|
|
| SHA512 |
3bd5fcfff1ad4b89d3ec5b851e1945369b90ca7a2f76b3889ea7dd813f7d0739dc88cccf03de8a20ad93bd8b9707d7f759e803db766964f3aebe018dba681da0
|
|
| ImpHash |
c7269d59926fa4252270f407e4dab043
|
| Icon |
Hash: 52c2f3767d70538605fce168703a453d
Fuzzy: 1dfc45e3fd6f6144c5888ecce04a0982 dHash: b6c9cb64eaac1582 |
| Image Base | 0x00400000 |
| Entry Point | 0x004660c0 |
| Compilation Time | 1970-01-01 00:00:00 |
| Checksum | 0x00000000 (Actual: 0x00f193be) |
| OS Version | 6.1 |
| PEiD Signatures |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
| Digital Signature | No valid SignedData structure was found. |
| Imports |
1 libraries
kernel32 |
| Exports | 0 functions |
| Resources | 8 Resources |
| Sections | 14 Sections |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
4,956,316 bytes | 4,956,672 bytes | 6.10 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
176665C043EBD664FC14E6AB90ADA2BE |
.rdata |
0x004bc000 |
5,461,904 bytes | 5,462,016 bytes | 5.22 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
C4E913F593B39512A595921EF0BE98A0 |
.data |
0x009f2000 |
878,920 bytes | 468,992 bytes | 6.14 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
EB7F570B3197ED0DC7083399C24F4F3A |
/4 |
0x00ac9000 |
281 bytes | 512 bytes | 4.83 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
28A3E9C96B9BB43E6541A26C8F68899B |
/19 |
0x00aca000 |
743,372 bytes | 743,424 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
88E48B28E2E662B984EF27DE18EBE395 |
/32 |
0x00b80000 |
178,705 bytes | 179,200 bytes | 7.94 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
410D8E16F96C54FA795FB911C0B5235C |
/46 |
0x00bac000 |
42 bytes | 512 bytes | 0.74 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
56D08C10AA9E5C0C3680F67F8992B3D4 |
/65 |
0x00bad000 |
1,419,290 bytes | 1,419,776 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
9211283F14E06E9BE50815BC11358C55 |
/78 |
0x00d08000 |
942,822 bytes | 943,104 bytes | 8.00 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
F2473BE100A4A6DDD3770B354F6A850C |
/90 |
0x00def000 |
244,308 bytes | 244,736 bytes | 7.81 (Packed/Encrypted) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ|IMAGE_SCN_ALIGN_1BYTES
|
DDCC32BE8E7BD70EA365DEF794A661EE |
.idata |
0x00e2b000 |
1,164 bytes | 1,536 bytes | 3.61 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
06CF000A0EACC7689E901EA89117DE52 |
.reloc |
0x00e2c000 |
242,358 bytes | 242,688 bytes | 5.46 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
B097ADE81DB0E428E30EC479C9FC6048 |
.symtab |
0x00e68000 |
1,028,190 bytes | 1,028,608 bytes | 5.50 (Normal) |
IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
ED2D5A04451943A74594AF241EA7E31E |
.rsrc |
0x00f64000 |
110,522 bytes | 110,592 bytes | 4.35 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
711F4BFED5D43A455479299688F7653E |
5 section(s) with high entropy (≥7.5) detected - possible packing/encryption
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 6 | 109,086 bytes | |
| RT_GROUP_ICON | 1 | 90 bytes | |
| RT_MANIFEST | 1 | 874 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
No valid SignedData structure was found.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:
Download Anti-MalwareThis file appears clean, but regular security maintenance is important
