home

uberAgent.exe

uberAgent

Helge Klein GmbH

It runs as a separate (within the context of its own process) windows Service named “uberAgent”.
Publisher:
vast limits GmbH  (signed by Helge Klein GmbH)

Product:
uberAgent

Version:
3.1.1.911 mod f198a94

MD5:
a5303e301cf340b0af561d0baf766274

SHA-1:
ed898b83330f7857cc779d273419bf33540f525e

SHA-256:
e77e86949368e42b714e5ea1a15972db6b346e3ea3dc402dc10336049128f3ce

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:30:10 AM UTC  (today)

File size:
3 MB (3,093,832 bytes)

Product version:
3.1.1.911 mod f198a94

Copyright:
Copyright (C) vast limits GmbH

Original file name:
uberAgent.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\vast limits\uberagent\uberagent.exe

Digital Signature
Signed by:
Helge Klein GmbH

Authority:
VeriSign, Inc.

Valid from:
2/6/2013 7:00:00 PM

Valid to:
4/7/2016 7:59:59 PM

Subject:
CN=Helge Klein GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Helge Klein GmbH, L=Köln, S=Nordrhein-Westfalen, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2C5E5A28ABBDA3F8271A090805A2B07F

File PE Metadata
Compilation timestamp:
9/29/2015 12:48:10 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
49152:7hmW2pTr0YXw2650Nhrt4ysZ+LIqnCxKenecpWPjv8o/YDBKyvOu9yMwvyGbLTAe:4qW7xCxKseqCnAWFh

Entry address:
0xC80D8

Entry point:
48, 83, EC, 28, E8, 8B, 08, 00, 00, 48, 83, C4, 28, E9, 66, FE, FF, FF, CC, CC, 48, FF, 25, DD, E9, 05, 00, CC, 48, 83, EC, 28, 4D, 8B, 41, 38, 48, 8B, CA, 49, 8B, D1, E8, 0D, 00, 00, 00, B8, 01, 00, 00, 00, 48, 83, C4, 28, C3, CC, CC, CC, 40, 53, 45, 8B, 18, 48, 8B, DA, 41, 83, E3, F8, 4C, 8B, C9, 41, F6, 00, 04, 4C, 8B, D1, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03, 4B, 08, F6, 41, 03, 0F, 74, 0C, 0F...
 
[+]

Entropy:
6.4827

Code size:
1.1 MB (1,200,128 bytes)

Service
Display name:
uberAgent

Service name:
uberAgentSvc

Description:
Monitors the system's performance, applications and user experience.

Type:
Win32OwnProcess

Group:
NetworkProvider


Scan uberAgent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.