» bubble dock bsetup.exe
Overview
Analysis
File Details

bubble dock bsetup.exe

Bubble Dock

NOSIBAY

The application bubble dock bsetup.exe, “Bubble Dock installer” by NOSIBAY has been detected as a potentially unwanted program by 12 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.

File name:

Publisher:

NOSIBAY (signed and verified)

Product:

Bubble Dock

Description:

Bubble Dock installer

Version:

3.0.627.0.56739

MD5:

1bf50bbee79e6e921664566a19588939

SHA-1:

717e0f0b844f179d6490a1ecbd59fc5865da8f5d

SHA-256:

e68359ec65be63e83327fe2e02e11672676f2439ff71e354744836cb5b468de3

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 10:27:15 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.BubbleDock

2014.11.11

ESET NOD32

Win32/BubbleDock.A potentially unwanted application

10.7.0.302.0

IKARUS anti.virus

PUA.BubbleDock

t3scan.1.8.3.0

K7 AntiVirus

Trojan

13.185.13965

Malwarebytes

PUP.Optional.BubbleDock.A

v2016.01.31.10

McAfee

Artemis!BE42CE78BF1E

5600.6504

NANO AntiVirus

Riskware.Win32.Agent.dhcmqv

0.28.6.62995

Reason Heuristics

PUP.NOSIBAY.Installer (M)

16.1.31.10

Sophos

Bubble Dock

4.98

Trend Micro House Call

Suspici.A05D7F27

7.2.31

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.3

VIPRE Antivirus

Threat.4791953

34232

File size:

6.3 MB (6,643,168 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\bubble dock bsetup.exe

Digital Signature

Signed by:

NOSIBAY

Authority:

Thawte, Inc.

Valid from:

6/28/2011 2:00:00 AM

Valid to:

7/28/2012 1:59:59 AM

Subject:

CN=NOSIBAY, OU=Nosibay Development Team, O=NOSIBAY, L=PEROLS, S=Herault, C=FR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

48B8CBA6DE2D386D8CD5DE3D94F2FAEE

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:FKIQ2wKqwcMlKFoSmDQSEX9GRq/8gfUrC:xwKqwcMsyVDQNM88kUm

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Remove bubble dock bsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.