home

wubi.exe

Canonical UK Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from releases.ubuntu.com and multiple other hosts.
Publisher:
Canonical UK Ltd.  (signed and verified)

MD5:
1c14e2d8828a45d9d660781cd820e6e1

SHA-1:
c4879ae4e706613bf2682bfd80ef8d429e107a4f

SHA-256:
47e6cbe695c2ec24208836bb9228ae7ead4a7fe12df004ce88ca742fd11d3fb4

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/23/2024 8:53:41 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Variant.Symmi.22897
8.14.02.10.08

XVirus List
Win.Detected
2.3.31

File size:
2.4 MB (2,501,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wubi.exe

Digital Signature
Signed by:
Canonical UK Ltd.

Authority:
Thawte, Inc.

Valid from:
10/3/2012 7:00:00 PM

Valid to:
10/6/2014 6:59:59 PM

Subject:
CN=Canonical UK Ltd., OU=IS, O=Canonical UK Ltd., L=London, S=London, C=GB

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6BDDA57B8B7E511D81A2FCDAAAB3C5B2

File PE Metadata
Compilation timestamp:
10/9/2012 3:55:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
49152:ARVECXy/gfjO5j9pzuGvnmdMn8DoFtAOOn0SXhelHVwZLE52o7Ax:pCi/EjEjDznvm+n8sFxW4lHmdoY

Entry address:
0x1110

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, EC, 91, 40, 00, E8, FD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 83, EC, 14, 6A, 01, FF, 15, EC, 91, 40, 00, E8, DD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 04, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, 50, 50, 6A, 00, 6A, 08, E8, 4C, 46, 00, 00, 83, C4, 10, 83, F8, 01, 0F, 84, D6, 00, 00, 00, 85, C0, 0F, 85, 90, 00, 00, 00...
 
[+]

Entropy:
7.9949

Packer / compiler:
Dev-C++ v5

Code size:
18.5 KB (18,944 bytes)

The file wubi.exe has been discovered within the following programs.

Kubuntu  by Kubuntu
www.kubuntu.org
About 3% of users remove it
Lubuntu  by Lubuntu
lubuntu.net
About 7% of users remove it
Ubuntu  by Ubuntu
Publisher's description - “Fast, free and incredibly easy to use, the Ubuntu operating system powers millions of desktop PCs, laptops and servers around the world. Ubuntu will work with your existing PC files, printers, cameras, music players and smartphones — and it comes with thousands of free apps.”
www.ubuntu.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file wubi.exe has been seen being distributed by the following 34 URLs.

http://releases.ubuntu.com/.../wubi.exe

ftp://ftp.cesca.cat/ubuntu/release//.../wubi.exe

http://download.softpedia.com/dl/682582eb39e4e787a4b428841a058cd2/57f7a9ac/100079148/software/.../wubi.exe

http://download.softpedia.com/dl/4b57a8ad683ad158ca0eced0326d23fe/57fa264c/100079148/software/.../wubi.exe

http://ubuntu1.software.informer.com/.../

http://mirror01.th.ifl.net/releases//.../wubi.exe

http://gsf-cf.softonic.com/c48/79a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=62246&instance=softonic_fr&type=PROGRAM&Expires=1439513020&Signature=RC1bsQsSdk-DpviVsEVrFRSEC8cdtnjfOGSOQKktXDg-VFGcdr9WKNG8vJVwfvJOwHjW17pfTt4jayQ~lgqz0pdr48AbKGKXmCC53LFhCyY7bfwTkwYhuDae2pcKIAA4rQZt5ahTmSFVQ8K7efRIq77FHL32QJxnMD2L-votNFw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wubi.exe

http://www.freewarefiles.com/downloads_counter.php?programid=42784

http://download.softpedia.com/dl/f53c4e466e7a6ad99c4d778672e24a06/57486c85/100079148/software/.../wubi.exe

http://old-releases.ubuntu.com/releases/.../wubi.exe

http://download.softpedia.com/dl/abdc8a077eb8cbd55e341f3b1175b493/56d6d7fa/100079148/software/.../wubi.exe

http://download.freewarefiles.net/.../wubi.exe

http://ftp.utexas.edu/ubuntu-iso/CDs//.../wubi.exe

http://mirror.anl.gov/pub/ubuntu-iso/CDs//.../wubi.exe

http://mirror.umd.edu/ubuntu-iso//.../wubi.exe

http://ubuntu.mirrors.pair.com/releases//.../wubi.exe

http://dl.cdn.chip.de/downloads/.../wubi1210.exe

http://mirror.clarkson.edu/ubuntu-releases//.../wubi.exe

http://mirror.steadfast.net/ubuntu-releases//.../wubi.exe

http://ubuntu-releases.eecs.wsu.edu//.../wubi.exe

http://ubuntu-releases.cs.umn.edu//.../wubi.exe

http://dc600.4shared.com/download/.../wubi_1210.exe

http://dc614.4shared.com/download/.../wubi_1210.exe

http://mirrors.rit.edu/ubuntu-releases//.../wubi.exe

http://mirror.aarnet.edu.au/pub/ubuntu/releases//.../wubi.exe

ftp://ubuntu.arcticnetwork.ca/pub/ubuntu/releases//.../wubi.exe

http://ftp.crihan.fr/releases//.../wubi.exe

http://www-ftp.lip6.fr/pub/linux/distributions/Ubuntu/releases//.../wubi.exe

http://ftp.iinet.net.au/pub/ubuntu-releases//.../wubi.exe

http://ftp.ucsb.edu/pub/mirrors/linux/ubuntu//.../wubi.exe

Latest 30 of 34 download URLs

Scan wubi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.