home

cpgagent.exe

MANDIANT Corporation

It runs as a separate (within the context of its own process) windows Service named “CPG Mandiant Agent”.
Publisher:
MANDIANT Corporation  (signed and verified)

Version:
10.6.16

MD5:
99e921455493c687b14c73ebad9b9438

SHA-1:
5e1684dd6dcaaafa9024d70afb370ba58e2ca664

SHA-256:
1ee3e8587b49242182259902a815b989d10157b0e373bf07b6aaadf47b9542ad

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:53:03 AM UTC  (today)

File size:
16.3 MB (17,086,768 bytes)

Product version:
10.6.16

Copyright:
Copyright © 2013

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\products\cpg agent\cpgagent.exe

Digital Signature
Signed by:
MANDIANT Corporation

Authority:
VeriSign, Inc.

Valid from:
2/21/2012 12:00:00 AM

Valid to:
3/1/2014 11:59:59 PM

Subject:
CN=MANDIANT Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MANDIANT Corporation, L=Alexandria, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0CFEB863E9CC913CBAB622E75693D64F

File PE Metadata
Compilation timestamp:
2/7/2014 11:05:02 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
196608:JjfOeqL5cHqQJqKW4tvU6iCP1SjIgRkyIE22uQ5q:JjfODL5cQ4VtiCPkENE22uH

Entry address:
0x560448

Entry point:
48, 83, EC, 28, E8, 3B, 69, 01, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 48, 89, 7C, 24, 18, 41, 55, 48, 83, EC, 30, 33, FF, 48, 8B, F2, 48, 8B, D9, 48, 85, C9, 75, 27, E8, 8D, 6A, 00, 00, 48, 21, 7C, 24, 20, BB, 16, 00, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 89, 18, E8, C2, EE, FF, FF, 8B, C3, E9, 6D, 02, 00, 00, BA, FF, 00, 00, 00, 41, B8, 24, 00, 00, 00, E8, 5B, E8, FF, FF, 48, 85, F6, 74, C4, 4C, 8B, 0E, 49, 81, F9, 40, 57, FF, FF, 7D, 0E, E8, 45...
 
[+]

Entropy:
6.2647

Code size:
9.7 MB (10,203,648 bytes)

Service
Display name:
CPG Mandiant Agent

Service name:
CPG_Agent

Type:
Win32OwnProcess


Scan cpgagent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.