home

niagnt32.exe

HEAT DSM

FrontRange Solutions Deutschland GmbH

This is a setup and installation application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘NiAgent’.
Publisher:
HEAT Software USA Inc.  (signed by FrontRange Solutions Deutschland GmbH)

Product:
HEAT DSM

Description:
NetInstall Agent

Version:
7.3.0.3181

MD5:
9b6ca1c11bdca60dc8c7d204126970f5

SHA-1:
15319096bcd6fe56f844b5755f92c8cb83f3c118

SHA-256:
cfb81bd06b3bde1145a5c2cff0633a28317083b42a8325ec0ab8644b833d4e98

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:37:44 PM UTC  (today)

File size:
189.6 KB (194,160 bytes)

Product version:
2015.2

Copyright:
Copyright © 1995-2015 HEAT Software USA Inc. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Program Files\netinst\niagnt32.exe

Digital Signature
Signed by:
FrontRange Solutions Deutschland GmbH

Authority:
VeriSign, Inc.

Valid from:
9/19/2013 12:00:00 AM

Valid to:
12/18/2016 11:59:59 PM

Subject:
CN=FrontRange Solutions Deutschland GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=FrontRange Solutions Deutschland GmbH, L=Filderstadt, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D35E742A5D04FEF90F5FD494F5022CA

File PE Metadata
Compilation timestamp:
11/10/2015 10:16:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:8yH3IloHpQ8IRXxK1Vi4ALqoygYgAMXtOG:8yH3IuHzIKNALqolAMXtOG

Entry address:
0xB4C2

Entry point:
E8, 1C, 04, 00, 00, E9, 63, FD, FF, FF, 6A, 14, 68, 80, 7F, 41, 00, E8, 88, FC, FF, FF, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 66, 04, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 7E, FC, FF, FF, C2, 10, 00, 6A, 0C, 68, A0, 7F, 41, 00, E8, 2A, FC, FF, FF, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Code size:
68 KB (69,632 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
NiAgent

Command:
C:\Program Files\netinst\niagnt32.exe


Scan niagnt32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.