home

agentcond.exe

easymeetingOnCall

Feedback interactive systems Italia S.p.A.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ConferenceOnCall’.
Publisher:
Feedback interactive systems Italia S.p.A.  (signed and verified)

Product:
easymeetingOnCall

Description:
easymeeting™ - easymeetingOnCall

Version:
5.1.1.223

MD5:
0b6804d2aa8cdeecc6a2f5aeb265e888

SHA-1:
498793e064f437a1fc6652d551b68fa51534a085

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 10:07:51 AM UTC  (today)

File size:
3 MB (3,122,936 bytes)

Product version:
2.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

Common path:
C:\Program Files\easymeeting\conferenceoncall\agentcond.exe

Digital Signature
Signed by:
Feedback interactive systems Italia S.p.A.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/7/2008 2:58:33 PM

Valid to:
10/9/2009 9:49:17 AM

Subject:
CN=Feedback interactive systems Italia S.p.A., OU=Provided by I-Gate, OU=Sviluppo Software, O=Feedback interactive systems Italia S.p.A., L=Moncalieri, S=Torino, C=IT

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
629E8E3E5B0A595B41FDDC0D58B61BE5

File PE Metadata
Compilation timestamp:
10/15/2008 4:28:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:JKWLVmmWfYH/cgkCovKINptbTqpexv9DiF1ZRNpzoBI4EGrfNXM8c:JVLXJfcgCvKsptbGkxv9DiF1ZRNpzohf

Entry address:
0x2791F4

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, B0, 68, 67, 00, E8, 8B, E7, D8, FF, 8B, 1D, 7C, 59, 68, 00, 8B, 03, E8, DA, 36, E0, FF, 8B, 03, BA, D4, 92, 67, 00, E8, 86, 31, E0, FF, 8B, 0D, 74, 58, 68, 00, 8B, 03, 8B, 15, 08, FA, 65, 00, E8, D3, 36, E0, FF, 8B, 0D, 3C, 55, 68, 00, 8B, 03, 8B, 15, 70, 59, 65, 00, E8, C0, 36, E0, FF, 8B, 0D, B8, 53, 68, 00, 8B, 03, 8B, 15, 2C, 69, 65, 00, E8, AD, 36, E0, FF, 8B, 0D, F4, 5B, 68, 00, 8B, 03, 8B, 15, 04, 80, 65, 00, E8, 9A, 36, E0, FF, 8B, 0D, B4, 59, 68, 00, 8B, 03, 8B, 15...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,586,112 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ConferenceOnCall

Command:
C:\Program Files\easymeeting\conferenceoncall\agentcond.exe


Scan agentcond.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.