home

stage_primary.exe

stage_primary

Unlimited Realities Limited

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DellStage’.
Publisher:
Unlimited Realities Limited  (signed and verified)

Product:
stage_primary

Description:
Dell Stage

Version:
1.5.115.0

MD5:
1fbb05bd5ac37020958fecfa4f95b9f3

SHA-1:
f19d9d9f878c0147ef5f28d7d16a39cc874e2c89

SHA-256:
ddde015bcea00ebff71c0e5d7eb28a3d12b90755ed1e7f70d7b78c3f050eb5a2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:58:00 PM UTC  (today)

File size:
1.9 MB (2,038,504 bytes)

Product version:
1.5.115.0

Copyright:
Copyright (C) Unlimited Realities 2005-2010

Original file name:
stage_primary

File type:
Executable application (Win32 EXE)

Language:
English (New Zealand)

Common path:
C:\Program Files\dell stage\dell stage\stage_primary.exe

Digital Signature
Signed by:
Unlimited Realities Limited

Authority:
The USERTRUST Network

Valid from:
4/23/2008 2:00:00 PM

Valid to:
4/24/2011 1:59:59 PM

Subject:
CN=Unlimited Realities Limited, O=Unlimited Realities Limited, STREET=1st Floor, STREET=267 Broadway Avenue, L=Palmerston North, S=Manawatu, PostalCode=5301, C=NZ

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00C95AF6374C7C10B597AECA547BEAD2F4

File PE Metadata
Compilation timestamp:
4/12/2011 12:33:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:rW7BNubLjDHOrhzLemCu4S/HGgI9P1NI5lGxqaRI8XsMB1ew:rW7BsbLj7OrIRQHGgI9P1NI5lGxqaRp1

Entry address:
0x136954

Entry point:
E8, 7F, 04, 00, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 98, 13, 56, 00, 89, 0D, 94, 13, 56, 00, 89, 15, 90, 13, 56, 00, 89, 1D, 8C, 13, 56, 00, 89, 35, 88, 13, 56, 00, 89, 3D, 84, 13, 56, 00, 66, 8C, 15, B0, 13, 56, 00, 66, 8C, 0D, A4, 13, 56, 00, 66, 8C, 1D, 80, 13, 56, 00, 66, 8C, 05, 7C, 13, 56, 00, 66, 8C, 25, 78, 13, 56, 00, 66, 8C, 2D, 74, 13, 56, 00, 9C, 8F, 05, A8, 13, 56, 00, 8B, 45, 00, A3, 9C, 13, 56, 00, 8B, 45, 04, A3, A0, 13, 56, 00, 8D, 45, 08, A3, AC, 13, 56...
 
[+]

Entropy:
6.0641

Code size:
1.2 MB (1,269,760 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DellStage

Command:
"C:\Program Files\dell stage\dell stage\stage_primary.exe" "C:\Program Files\dell stage\dell stage\start.umj" --startup


Scan stage_primary.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.