home

setup.exe

Bubble Games

The application setup.exe by Bubble Games has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Bubble Games  (signed and verified)

Product:
Bubble Games

Version:
87.0.0.3623

MD5:
d2a797a1ab6be8476745e802ec3b22f8

SHA-1:
77e8b702a0691847d1331533e9a88755ec8b36eb

SHA-256:
4ee6faee3b967f98065af3ad184461648ec95f025ed38f95059ab8234f176a7e

Scanner detections:
17 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
11/24/2024 7:50:46 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
372

Avira AntiVirus
TR/ATRAPS.Gen2
7.11.30.172

avast!
Win32:Malware-gen
2014.9-160129

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
1.0.20.145

Dr.Web
Trojan.Vittalia.1351
9.0.1.029

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
8.16.01.29.08

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
10.7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
11.2016-29-01_6

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
16.1.25

IKARUS anti.virus
PUA.DownloadAdmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.18111

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
17.0.0.87

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
11.20160129

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.TomorrowSoftware.BubbleGames.Installer (M)
16.1.29.8

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
23.00.65.16127

VIPRE Antivirus
Trojan.Win32.Generic
45856

File size:
871.1 KB (891,968 bytes)

Product version:
87.0.0.3623

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup.exe

Digital Signature
Signed by:
Bubble Games

Authority:
GoDaddy.com, Inc.

Valid from:
11/11/2015 2:32:38 PM

Valid to:
10/13/2016 7:17:38 PM

Subject:
CN=Bubble Games, O=Bubble Games, L=San Francisco, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00C1013F706A3DE6C3

File PE Metadata
Compilation timestamp:
11/25/2014 10:59:55 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:GRLnC6J7zCjr7vdd3VnOQZki5Ufsy2QnaSE:eALvdhlOGkqUte

Entry address:
0x1137

Entry point:
E8, 54, CB, 00, 00, E9, 52, C4, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 81, EC, 18, 02, 00, 00, 53, 8B, 9C, 24, 20, 02, 00, 00, 55, 56, 57, 8D, 44, 24, 10, 50, 33, FF, 57, 6A, 01, 53, 89, 7C, 24, 20, E8, 9B, 53, 00, 00, 8B, 4C, 24, 20, 8B, F0, 83, C4, 10, 8D, 2C, 0E, 85, F6, 75, 1D, 53, E8, B5, 55, 00, 00, 53, E8, AF, 55, 00, 00, 83, C4, 08, 8D, 47, 02, 5F, 5E, 5D, 5B, 81, C4, 18, 02, 00, 00, C3, 6A, 02, 53, E8, 26, 53, 00, 00, 8D, 54, 24, 24, 52, 53, E8, 7B, 54, 00, 00, 83, C4...
 
[+]

Entropy:
7.9682  (probably packed)

Code size:
53.5 KB (54,784 bytes)

Remove setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.