wubi.exe

Canonical UK Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from ubuntu-releases.cs.umn.edu and multiple other hosts.
Publisher:
Canonical UK Ltd.  (signed and verified)

MD5:
da0cd423b2b4e4b899751f05a27adba0

SHA-1:
1fd11832761b71171ad2efad51b24d114869a33d

SHA-256:
819f42fdd7cc431b6fd7fa5bae022b0a8c55a0f430eb3681e4750c4f1eceaf91

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
9/26/2018 10:19:53 AM UTC  (today)

Scan engine
Detection
Engine version

ByteHero BDV
Virus.Win32.Part.a
1.12.2014.10

File size:
2.4 MB (2,510,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mp3\wubi.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
10/4/2012 1:00:00 AM

Valid to:
10/7/2014 12:59:59 AM

Subject:
CN=Canonical UK Ltd., OU=IS, O=Canonical UK Ltd., L=London, S=London, C=GB

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6BDDA57B8B7E511D81A2FCDAAAB3C5B2

File PE Metadata
Compilation timestamp:
8/22/2013 8:10:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
49152:oRDzc8vSyHcOxytOLy5vXOGKnuyhQklHF2npr+B5U3E0WHoTkJqdBe:UciSyHFY8LGOGcXhQowlhE0W5oS

Entry address:
0x1110

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, EC, 91, 40, 00, E8, FD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 83, EC, 14, 6A, 01, FF, 15, EC, 91, 40, 00, E8, DD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 04, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, 50, 50, 6A, 00, 6A, 08, E8, 4C, 46, 00, 00, 83, C4, 10, 83, F8, 01, 0F, 84, D6, 00, 00, 00, 85, C0, 0F, 85, 90, 00, 00, 00...
 
[+]

Entropy:
7.9950

Packer / compiler:
Dev-C++ v5

Code size:
18.5 KB (18,944 bytes)

The file wubi.exe has been discovered within the following programs.

Kubuntu  by Kubuntu
www.kubuntu.org
About 3% of users remove it
Lubuntu  by Lubuntu
lubuntu.net
About 7% of users remove it
Ubuntu  by Ubuntu
Publisher's description - “Fast, free and incredibly easy to use, the Ubuntu operating system powers millions of desktop PCs, laptops and servers around the world. Ubuntu will work with your existing PC files, printers, cameras, music players and smartphones — and it comes with thousands of free apps.”
www.ubuntu.com
About 1% of users remove it
Xubuntu  by Xubuntu
www.xubuntu.org
About 6% of users remove it
 
Powered by Should I Remove It?

The file wubi.exe has been seen being distributed by the following 39 URLs.

Latest 30 of 39 download URLs

Scan wubi.exe - Powered by Reason Core Security