bubble dock bsetup.exe

Bubble Dock

NOSIBAY

The application bubble dock bsetup.exe, “Bubble Dock installer” by NOSIBAY has been detected as a potentially unwanted program by 14 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from cdn.bubbledock.com.
Publisher:
NOSIBAY  (signed and verified)

Product:
Bubble Dock

Description:
Bubble Dock installer

Version:
3.0.630.0.58716

MD5:
d01fb1e99361b2fa9f09b07e11663304

SHA-1:
da323526434d4930a1f4b66be8388db7a49e95c8

SHA-256:
70b61e8b3407b1fb734cb5507084324c9b2350cf702cfd91ae21d1caa3f5dd3c

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
11/22/2024 8:05:40 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.BubbleDock
2015.06.06

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Downware.5766
9.0.1.0337

ESET NOD32
Win32/BubbleDock.A potentially unwanted
9.11743

G Data
Win32.Application.BubbleDock
15.12.25

IKARUS anti.virus
PUA.BubbleDock
t3scan.1.9.5.0

K7 AntiVirus
Riskware
13.204.16151

Malwarebytes
PUP.Optional.BubbleDock.A
v2015.12.03.05

NANO AntiVirus
Riskware.Win32.Agent.dhcmqv
0.30.24.1636

Reason Heuristics
PUP.NOSIBAY.Installer (M)
15.12.3.17

Sophos
Bubble Dock
4.98

Vba32 AntiVirus
AdWare.Agent
3.12.26.4

VIPRE Antivirus
BubbleDock
40868

Zillya! Antivirus
Adware.Agent.Win32.44819
2.0.0.2207

File size:
6.2 MB (6,462,344 bytes)

Copyright:
© Nosibay

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\bubble dock bsetup.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
9/16/2012 2:00:00 AM

Valid to:
10/17/2013 1:59:59 AM

Subject:
CN=NOSIBAY, OU=Nosibay Secure Developement, O=NOSIBAY, L=PEROLS, S=Hérault, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
15D415FC07F39945D54BD293F72D8A5F

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:krv8oPwIoqeYAn1DQn8jlyg5BeKQhwGZphLFSR6ueMadWCzOI5R:8koPwRTuNg5B7MhL9MaaI5R

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file bubble dock bsetup.exe has been seen being distributed by the following URL.

Remove bubble dock bsetup.exe - Powered by Reason Core Security