home

ac.activclient.gui.scagent.exe

ActivClient

ActivIdentity

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ac.activclient.gui.scagent.exe’.
Publisher:
ActivIdentity  (signed and verified)

Product:
ActivClient

Description:
ActivClient Agent

Version:
7,0,0,33

MD5:
c033c101b72d5c8dda22b73d67495e6f

SHA-1:
7be0216eade780377d431a8cb3394c5bfe0915f4

SHA-256:
d8a601701a47a55b24b57ef6a6056ce9b2266544613ce61a875056ec1a5157e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:54:45 PM UTC  (today)

File size:
171.9 KB (176,008 bytes)

Product version:
7,0

Copyright:
Copyright © 1998-2011 ActivIdentity (All rights reserved)

Original file name:
acsagent.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\actividentity\activclient\ac.activclient.gui.scagent.exe

Digital Signature
Signed by:
ActivIdentity

Authority:
VeriSign, Inc.

Valid from:
1/27/2011 4:00:00 PM

Valid to:
1/28/2012 3:59:59 PM

Subject:
CN=ActivIdentity, OU=Engineering Code Signing, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ActivIdentity, L=Fremont, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5DDF0032AE561A392770A3EC60661C69

File PE Metadata
Compilation timestamp:
9/23/2011 2:16:07 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:GKAXXvoWdr6G82lnddDqUzWJXbd83rxNOoO4XhuxHd6cGxflMBGSJ+i:GrPxeG8KnddDWrq/OoO4XhuxHdRGwBGg

Entry address:
0xC1DC

Entry point:
48, 83, EC, 28, E8, DF, 03, 00, 00, 48, 83, C4, 28, E9, 26, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 29, 2E, 01, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 59, 04, 00, 00, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, 0D, C8, 3C, 01, 00, FF, 15, 62, 2E, 00, 00, 48, 89, 44, 24, 38, 48, 83, F8, FF, 75, 0B, 48, 8B, CB, FF, 15, 46, 2F, 00, 00, EB, 7E, B9, 08, 00, 00, 00, E8, 78, 05, 00, 00, 90, 48, 8B, 0D, 9A, 3C...
 
[+]

Entropy:
5.6800

Code size:
53 KB (54,272 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ac.activclient.gui.scagent.exe

Command:
"C:\Program Files\actividentity\activclient\ac.activclient.gui.scagent.exe"


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.