» updater.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (4)

updater.exe

Advanced Updater

Unlimited Realities Limited

It runs as a scheduled task under the Windows Task Scheduler triggered by a time event.

File name:

updater.exe

Publisher:

Caphyon LTD (signed by Unlimited Realities Limited)

Product:

Advanced Updater

Version:

2.1

MD5:

12f362a0198b2007f5c8a3b1fa3e96fc

SHA-1:

e6d5f5ad01d5ebce2e27ba2db43c23a55873bacd

SHA-256:

f2a0de7afede22bda7786050ac5ef4a768c390807d6a6f29bc862962db42284f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 6:46:05 PM UTC (today)

File size:

4.9 MB (5,176,080 bytes)

Product version:

2, 1, 0, 0

Original file name:

updater.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\updater.exe

Digital Signature

Signed by:

Unlimited Realities Limited

Authority:

The USERTRUST Network

Valid from:

4/23/2008 7:00:00 PM

Valid to:

4/24/2011 6:59:59 PM

Subject:

CN=Unlimited Realities Limited, O=Unlimited Realities Limited, STREET=1st Floor, STREET=267 Broadway Avenue, L=Palmerston North, S=Manawatu, PostalCode=5301, C=NZ

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00C95AF6374C7C10B597AECA547BEAD2F4

File PE Metadata

Compilation timestamp:

6/17/2010 3:13:48 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

98304:nn/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/aHhD/Q:A

Entry address:

0x23A36

Entry point:

55, 8B, EC, 83, EC, 44, 56, 57, FF, 15, 20, 52, 42, 00, 8B, F0, 85, F6, 75, 04, 6A, FF, EB, 7C, E8, 21, FD, FF, FF, 8A, 06, 3C, 22, 8B, 3D, A4, 53, 42, 00, 75, 15, 56, FF, D7, 8B, F0, 8A, 06, 3C, 22, 74, 1E, 84, C0, 75, F1, 3C, 22, 75, 1B, EB, 14, 3C, 20, 7E, 15, 56, FF, D7, 8B, F0, 80, 3E, 20, 7F, F6, EB, 09, 3C, 20, 7F, 0B, 56, FF, D7, 8B, F0, 8A, 06, 84, C0, 75, F1, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 1C, 52, 42, 00, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00... 
[+]

Entropy:

5.7522

Developed / compiled with:

Microsoft Visual C++

Code size:

143.5 KB (146,944 bytes)

Scheduled Task

Task name:

MusicStage Updater

Trigger:

Time

The file updater.exe has been discovered within the following programs.

Dell MusicStage by Dell Inc.

Publisher's description - “Stage delivers photos, videos, music, Web pages and more right to your fingertips, with your most recent content always front and center. You’ll effortlessly toggle between photos, videos, music, Web pages and more.”

www.dell.com/us/p/stage/pd

19% remove it

Escenario Musical by Dell Inc.

www.dell.com

8% remove it

Escenario Musical Dell by Dell Inc.

11% remove it

MusicStage by Dell Inc.

6% remove it

Scan updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.