EMET_Agent.exe
Enhanced Mitigation Experience Toolkit by Microsoft Corporation (Signed)
| Version: | 4.1.5228.513 |
| MD5: | 9a6902aa5c3f47987b0b5018ae3dcfd7 |
| SHA1: | b531e8c1be23c3691aeee8e90312801e5d04aebf |
Overview
emet_agent.exe executes as a process with the local user's privileges. It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). The file is digitally signed by Microsoft Corporation.
Details
| File name: | emet_agent.exe |
| Publisher: | Microsoft Corporation |
| Product name: | Enhanced Mitigation Experience Toolkit |
| Description: | EMET_Agent |
| Typical file path: | C:\Program Files\emet 4.1\emet_agent.exe |
| File version: | 4.1.5228.513 |
| Size: | 79.51 KB (81,416 bytes) |
| Build date: | 4/25/2014 3:17 AM |
| Certificate |
| Issued to: | Microsoft Corporation |
| Authority (CA): | Microsoft Corporation |
| Effective date: | Tuesday, September 24, 2013 |
| Expiration date: | Wednesday, December 24, 2014 |
| Digital DNA |
| File packed: | No |
| Code language: | Microsoft Visual C# / Basic .NET |
| .NET CLR: | Yes |
| .NET NGENed: | No |
More details
Behaviors
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'EMET 4.1 Update 1 Agent' → "C:\Program Files\EMET 4.1\EMET_agent.exe"
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00044506% | |
| Kernel CPU: | 0.00019034% | |
| User CPU: | 0.00025472% | |
| Kernel CPU time: | 406 ms/min | |
| CPU cycles: | 279,771/sec | |
| Memory |
| Private memory: | 55.44 MB | |
| Private (maximum): | 71.15 MB | |
| Private (minimum): | 64.21 MB | |
| Non-paged memory: | 55.44 MB | |
| Virtual memory: | 640.93 MB | |
| Virtual memory (peak): | 642.6 MB | |
| Working set: | 71.15 MB | |
| Working set (peak): | 71.15 MB | |
| Page faults: | 31,616/min | |
| I/O |
| I/O read transfer: | 696 Bytes/sec | |
| I/O read operations: | 1/sec | |
| I/O write transfer: | 0 Bytes/sec | |
| I/O write operations: | 1/sec | |
| I/O other transfer: | 147 Bytes/sec | |
| I/O other operations: | 14/sec | |
| Resource allocations |
| Threads: | 9 | |
| Handles: | 378 | |
| GUI GDI count: | 32 | |
| GUI GDI peak: | 33 | |
| GUI USER count: | 21 | |
| GUI USER peak: | 23 | |
Process properties
| Integrety level: | High |
| Platform: | 64-bit |
| Command line: | --norestart |
| Owner: | User |
Threads
Averages
| EMET_Agent.exe (main module) |
| Total CPU: | 0.00636863% | |
| Kernel CPU: | 0.00087843% | |
| User CPU: | 0.00549020% | |
| CPU cycles: | 178,948/sec | |
| Memory: | 88 KB | |
| clr.dll |
| Total CPU: | 0.00049157% | |
| Kernel CPU: | 0.00003207% | |
| User CPU: | 0.00045949% | |
| CPU cycles: | 21,298/sec | |
| Memory: | 9.42 MB | |
| gdiplus.dll |
| Total CPU: | 0.00004393% | |
| Kernel CPU: | 0.00004393% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 379/sec | |
| Memory: | 2.09 MB | |
