home

SyncSessionAgent.exe

ShareFile Sync

Citrix Systems, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Citrix ShareFile Sync Session Agent’.
Publisher:
(c) Citrix Systems, Inc.  (signed by Citrix Systems, Inc.)

Product:
ShareFile Sync

Description:
ShareFile Sync Session Agent

Version:
2.10.108.0

MD5:
b6453e5f5c90819df1c2f8f3d0c1ffb3

SHA-1:
99d74a3f5598748a65e92f1a5e8593cb4619d2b1

SHA-256:
f6f0464cf55d0323802c3252412e6493c2232691e0c0d6fca738693c0df6eb26

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 5:54:53 PM UTC  (today)

File size:
195.3 KB (200,008 bytes)

Product version:
2.10.108.0

Copyright:
(c) Citrix Systems, Inc. All rights reserved.

Original file name:
SyncSessionAgent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\citrix\sharefile\sync\syncsessionagent.exe

Digital Signature
Signed by:
Citrix Systems, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/27/2013 4:00:00 AM

Valid to:
9/27/2015 3:59:59 AM

Subject:
CN="Citrix Systems, Inc.", OU=Sharefile, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Citrix Systems, Inc.", L=Raleigh, S=North Carolina, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
361DADD9DF0DA61C4522D3345BB93267

File PE Metadata
Compilation timestamp:
4/8/2014 6:52:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xA51C

Entry point:
E8, E2, 03, 00, 00, E9, 6B, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 48, 8C, 41, 00, 89, 0D, 44, 8C, 41, 00, 89, 15, 40, 8C, 41, 00, 89, 1D, 3C, 8C, 41, 00, 89, 35, 38, 8C, 41, 00, 89, 3D, 34, 8C, 41, 00, 66, 8C, 15, 60, 8C, 41, 00, 66, 8C, 0D, 54, 8C, 41, 00, 66, 8C, 1D, 30, 8C, 41, 00, 66, 8C, 05, 2C, 8C, 41, 00, 66, 8C, 25, 28, 8C, 41, 00, 66, 8C, 2D, 24, 8C, 41, 00, 9C, 8F, 05, 58, 8C, 41, 00, 8B, 45, 00, A3, 4C, 8C, 41, 00, 8B, 45, 04, A3, 50, 8C, 41, 00, 8D, 45, 08, A3, 5C, 8C, 41...
 
[+]

Entropy:
7.0570

Code size:
57 KB (58,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Citrix ShareFile Sync Session Agent

Command:
C:\Program Files\citrix\sharefile\sync\syncsessionagent.exe \run


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.