home

xagt.exe

FireEye Agent

FireEye, Inc.

It runs as a separate (within the context of its own process) windows Service named “FireEye Endpoint Agent”.
Publisher:
FireEye Inc.  (signed by FireEye, Inc.)

Product:
FireEye Agent

Version:
23.10.0

MD5:
6738613c54b5cea6303e88bb219421f7

SHA-1:
40cb2cf548ac7a5c01b2707bbcb379c1860a0270

SHA-256:
582de36e0d3b7dabbd63aec6f5884b9c42ca2f1a2d33ff03e54ebe5060d153e5

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
6/16/2024 12:42:43 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Adware.Browsefox-42686
0.99.211

File size:
14.9 MB (15,641,616 bytes)

Product version:
23.10.0

Copyright:
Copyright © 2017, FireEye Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\fe agent\xagt.exe

Digital Signature
Signed by:
FireEye, Inc.

Authority:
VeriSign, Inc.

Valid from:
3/19/2014 7:00:00 AM

Valid to:
3/19/2017 6:59:59 AM

Subject:
CN="FireEye, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="FireEye, Inc.", L=Milpitas, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0DCA4AB4BBB2190CF10057B9C2CB5B9C

File PE Metadata
Compilation timestamp:
1/17/2017 5:14:46 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

Entry address:
0x2BFB4B

Entry point:
E8, D1, 19, 01, 00, E9, 7B, FE, FF, FF, FF, 35, 3C, CD, 2B, 01, FF, 15, D0, D4, 75, 00, C3, 55, 8B, EC, 8B, 45, 08, A3, 34, CD, 2B, 01, A3, 38, CD, 2B, 01, A3, 3C, CD, 2B, 01, A3, 40, CD, 2B, 01, 5D, C3, 6A, 10, 68, 28, BE, 1D, 01, E8, 96, EF, 00, 00, 33, F6, 89, 75, E4, 89, 75, E0, 56, E8, FF, 94, 00, 00, 59, 89, 75, FC, 39, 75, 08, 75, 17, C7, 45, 08, 34, CD, 2B, 01, FF, 35, 34, CD, 2B, 01, FF, 15, D0, D4, 75, 00, 6A, 02, EB, 15, C7, 45, 08, 38, CD, 2B, 01, FF, 35, 38, CD, 2B, 01, FF, 15, D0, D4, 75, 00...
 
[+]

Entropy:
6.7346

Code size:
3.4 MB (3,518,976 bytes)

Service
Display name:
FireEye Endpoint Agent

Service name:
xagt

Type:
Win32OwnProcess


Scan xagt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.