home

PaAgent.exe

AT&T Participant Agent

AT&T Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Launch AT&T Connect Participant web browser agent’.
Publisher:
AT&T Inc.  (signed and verified)

Product:
AT&T Participant Agent

Description:
AT&T Participant Agent Application

Version:
11.7.999.105

MD5:
826ff4b8a2b4f2a7498811613aa04ac5

SHA-1:
008e63adbab17f189cb1e329ff91acada2dbf46b

SHA-256:
0023f22ef14425d0da4d580376fa543665e1b394ae5c82f35b5b417c27f55630

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/2/2024 4:31:09 PM UTC  (today)

File size:
158.2 KB (162,016 bytes)

Product version:
11.7.999.105

Copyright:
©2016 AT&T Intellectual Property. All rights reserved

Original file name:
PaAgent.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\att connect\participant\paagent.exe

Digital Signature
Signed by:
AT&T Inc.

Authority:
Symantec Corporation

Valid from:
1/20/2016 2:00:00 AM

Valid to:
12/11/2016 1:59:59 AM

Subject:
CN=AT&T Inc., O=AT&T Inc., L=San Antonio, S=Texas, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4769DB5E31278C7BA68810424C828246

File PE Metadata
Compilation timestamp:
1/28/2016 2:14:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:2dCaauch3HWBc6vC777777777777777737s77777777777777dm777777777777x:2kdlHxF777777777777777737s77777W

Entry address:
0x82BD

Entry point:
E8, 1F, 05, 00, 00, E9, 91, FE, FF, FF, 3B, 0D, 28, E0, 40, 00, 75, 02, F3, C3, E9, 8F, 01, 00, 00, 83, 3D, 9C, E8, 40, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, 1C, A2, 40, 00, 59, 59, 8B, F0, 56, FF, 15, 98, A0, 40, 00, A3, 9C, E8, 40, 00, A3, 98, E8, 40, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, C0, BC, 40, 00, E8, D2, 05, 00, 00, FF, 35, 9C, E8, 40, 00, 8B, 35, 94, A0, 40, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 24, A2, 40, 00...
 
[+]

Entropy:
6.5679

Code size:
33 KB (33,792 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Launch AT&T Connect Participant web browser agent

Command:
"C:\users\{user}\appdata\local\att connect\participant\paagent.exe"


Scan PaAgent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.