» bubble dock bsetup.exe
Overview
Analysis
File Details

bubble dock bsetup.exe

Bubble Dock

NOSIBAY

The application bubble dock bsetup.exe, “Bubble Dock installer” by NOSIBAY has been detected as a potentially unwanted program by 12 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.

File name:

Publisher:

NOSIBAY (signed and verified)

Product:

Bubble Dock

Description:

Bubble Dock installer

Version:

3.0.600.0.54622

MD5:

139820037555d6108cc94ca1d8e3a325

SHA-1:

7daf93b49449cff5616ee56103d532cabc5c4277

SHA-256:

34dd32f70a704a04f4f44c15dbeb1b2407ce28c6df204fb183bb48f6e5952a53

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 12:58:01 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

PUP/Win32.BubbleDock

2014.11.11

ESET NOD32

Win32/BubbleDock.A potentially unwanted application

10.7.0.302.0

IKARUS anti.virus

PUA.BubbleDock

t3scan.1.8.3.0

K7 AntiVirus

Trojan

13.185.13965

Malwarebytes

PUP.Optional.BubbleDock.A

v2016.02.05.08

McAfee

Artemis!BE42CE78BF1E

5600.6498

NANO AntiVirus

Riskware.Win32.Agent.dhcmqv

0.28.6.62995

Reason Heuristics

PUP.NOSIBAY.Installer (M)

16.2.5.20

Sophos

Bubble Dock

4.98

Trend Micro House Call

Suspici.A05D7F27

7.2.36

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.3

VIPRE Antivirus

Threat.4791953

34232

File size:

6.2 MB (6,514,056 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\bubble dock bsetup.exe

Digital Signature

Signed by:

NOSIBAY

Authority:

Thawte, Inc.

Valid from:

6/28/2011 2:00:00 AM

Valid to:

7/28/2012 1:59:59 AM

Subject:

CN=NOSIBAY, OU=Nosibay Development Team, O=NOSIBAY, L=PEROLS, S=Herault, C=FR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

48B8CBA6DE2D386D8CD5DE3D94F2FAEE

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:HKVlC98Q6GCkssWVI5eVElkv1pzbT6Kbg:HKVlA2IY51hT6KU

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Remove bubble dock bsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.