59574.bubble dock addonsui.exe

Bubble Dock

Nosibay

The application 59574.bubble dock addonsui.exe, “Bubble Dock installer” has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Scriptable Install System installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from cdn.bubbledock.es.
Publisher:
Nosibay

Product:
Bubble Dock

Description:
Bubble Dock installer

Version:
3.0.634.0.59574

MD5:
a60964d19ae633c8248ab22f17cbb268

SHA-1:
68ba74bbe414ef899b6afd132a56497a3d1c8722

SHA-256:
e846b73f72b106438123c3e8e93f11c2568507982cbae1020a9c9149e0fe9582

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 1:42:30 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Nosibay.Optional.Installer.Meta (M)
16.3.5.2

File size:
614.7 KB (629,456 bytes)

Copyright:
© Nosibay

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\59574.bubble%20dock%20addonsui.exe

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:iTBj/02kdr3Emmzt3DuYz2TqNyEWfXs5mTj:SBjM2kdr0mmJuNc5mv

Entry address:
0x30FA

Entry point:
69, D8, DA, 7A, 04, 66, 8D, 1D, E0, 84, 52, 77, B2, B9, 81, DA, FE, 93, D4, E9, 11, C7, FE, C4, 86, E4, 70, 02, FF, C3, B9, 66, CF, 00, 00, 80, C4, 3B, 1D, 80, 3A, 77, 02, 0F, AF, FF, 81, F1, 03, 4D, 00, 00, 43, 81, C1, 4D, 04, 00, 00, 85, C5, 74, 06, C7, C3, 76, 77, 2C, 82, 0F, AF, DE, 8D, 1D, A4, A2, 5B, F6, 40, 69, DF, 2C, 23, E4, E9, F3, F2, C7, C0, 2B, 36, 34, 99, 88, C0, 8A, C3, E8, 00, 00, 00, 00, 29, FF, 8A, F6, 18, F8, 0F, AF, D2, 10, EB, 69, D3, C8, 9B, FD, 65, C6, C0, EC, 81, FE, C7, 7E, 00, 00...
 
[+]

Code size:
23.5 KB (24,064 bytes)

The file 59574.bubble dock addonsui.exe has been seen being distributed by the following URL.

Remove 59574.bubble dock addonsui.exe - Powered by Reason Core Security