59430.bubble dock addonsui.exe

Bubble Dock

Nosibay

The application 59430.bubble dock addonsui.exe, “Bubble Dock installer” has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from cdn.bubbledock.es.
Publisher:
Nosibay

Product:
Bubble Dock

Description:
Bubble Dock installer

Version:
3.0.633.0.59430

MD5:
c03b15532831cf29dab9bf17d83b0872

SHA-1:
797c7f30c3241586cebabdcfed9de255285bc1c9

SHA-256:
bb8c4f90a1f6411c27949565c77593ca2eec35879f4c6994128d75f5e3115f2c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/22/2024 8:29:19 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Nosibay.Optional.Installer.Meta (M)
16.3.5.2

File size:
613.6 KB (628,344 bytes)

Copyright:
© Nosibay

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\59430.bubble%20dock%20addonsui.exe

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:zTBj/02kdr3Kh2CX8W/eLYz2TqNyEWfXsO/O:XBjM2kdr6YClyNcO2

Entry address:
0x30FA

Entry point:
72, 03, 0F, AF, EE, 71, 06, 89, DA, 34, D5, 8B, DE, EB, 03, F2, 02, F4, 02, CB, 23, D6, 84, FC, F3, F3, 33, EE, F3, 74, 03, C6, C0, C6, 52, 68, 77, 4F, FD, 00, 69, DE, AA, 78, 27, C0, BB, 00, 00, 00, 00, 21, EE, 47, 0F, AF, EA, 4D, 69, F1, FE, 9A, 0C, 9A, 85, DA, 71, 03, F6, C3, EF, 81, C3, B3, 02, 00, 00, 84, D7, BE, 41, 7F, 85, 0D, 81, EB, B2, 02, 00, 00, 0F, B7, C0, 81, F6, E1, B0, 38, C5, 85, E9, 86, E9, 69, D5, DB, D7, DA, 15, FF, C9, 8B, D1, 0F, BF, E9, 81, FB, 20, 01, 00, 00, 0F, 86, B3, FF, FF, FF...
 
[+]

Code size:
23.5 KB (24,064 bytes)

The file 59430.bubble dock addonsui.exe has been seen being distributed by the following URL.

Remove 59430.bubble dock addonsui.exe - Powered by Reason Core Security