home

setup.exe

Bubble Games

The application setup.exe by Bubble Games has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Bubble Games  (signed and verified)

Product:
Bubble Games

Version:
87.0.0.3623

MD5:
8ac624a96b11cb61652cb5716833887b

SHA-1:
6ab43aadeb24791da23f2be0caff29406235c0de

SHA-256:
17008347acb71554ae4bd19a306e9f66ac27ad6587e88c59dfc8466218d98744

Scanner detections:
17 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
12/28/2024 2:00:34 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
381

Avira AntiVirus
TR/ATRAPS.Gen2
7.11.30.172

avast!
Win32:Malware-gen
2014.9-160120

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
1.0.20.100

Dr.Web
Trojan.Vittalia.1351
9.0.1.020

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
8.16.01.20.01

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
10.7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
11.2016-20-01_4

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
16.1.25

IKARUS anti.virus
PUA.DownloadAdmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.18111

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
17.0.0.60

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
11.20160120

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.TomorrowSoftware.BubbleGames.Installer (M)
16.1.20.1

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
23.00.65.16118

VIPRE Antivirus
Trojan.Win32.Generic
45856

File size:
871.1 KB (891,968 bytes)

Product version:
87.0.0.3623

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Bubble Games

Authority:
GoDaddy.com, Inc.

Valid from:
11/11/2015 4:32:38 PM

Valid to:
10/13/2016 8:17:38 PM

Subject:
CN=Bubble Games, O=Bubble Games, L=San Francisco, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00C1013F706A3DE6C3

File PE Metadata
Compilation timestamp:
11/26/2014 12:59:55 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:1RLnC6J7zCjr7vdd3VnOQZki5Ufsy2QnaSE:7ALvdhlOGkqUte

Entry address:
0x1137

Entry point:
E8, 54, CB, 00, 00, E9, 52, C4, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 81, EC, 18, 02, 00, 00, 53, 8B, 9C, 24, 20, 02, 00, 00, 55, 56, 57, 8D, 44, 24, 10, 50, 33, FF, 57, 6A, 01, 53, 89, 7C, 24, 20, E8, 9B, 53, 00, 00, 8B, 4C, 24, 20, 8B, F0, 83, C4, 10, 8D, 2C, 0E, 85, F6, 75, 1D, 53, E8, B5, 55, 00, 00, 53, E8, AF, 55, 00, 00, 83, C4, 08, 8D, 47, 02, 5F, 5E, 5D, 5B, 81, C4, 18, 02, 00, 00, C3, 6A, 02, 53, E8, 26, 53, 00, 00, 8D, 54, 24, 24, 52, 53, E8, 7B, 54, 00, 00, 83, C4...
 
[+]

Code size:
53.5 KB (54,784 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.