home

vlcmediaplayer-setup.exe

Bubble Games

The application vlcmediaplayer-setup.exe by Bubble Games has been detected as a potentially unwanted program by 13 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from build.vlcapp.com.
Publisher:
Bubble Games  (signed and verified)

Product:
Bubble Games

Version:
87.0.0.3623

MD5:
ffd75ca8d5fba59f9bb382efddd5aa26

SHA-1:
e620c889286088f6470bc59c68a144accdd70069

SHA-256:
af4a9c6f03fbde4ab9c55f670d39d6aaa902d41af4f8fb6506f2045bf8a75e00

Scanner detections:
13 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
12/27/2024 6:45:42 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
426

Arcabit
Trojan.Application.Bundler.DownloadAdmin.4
1.0.0.628

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
1.0.20.1700

Dr.Web
Trojan.Vittalia.1351
9.0.1.0340

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted (variant)
9.12672

F-Secure
Gen:Variant.Application.Bundler
11.2015-06-12_1

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
15.12.25

IKARUS anti.virus
PUA.DownloadAdmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.18027

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
16.0.0.1020

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.TomorrowSoftware.BubbleGames.Installer (M)
15.12.6.5

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
23.00.65.151204

File size:
1.2 MB (1,234,728 bytes)

Product version:
87.0.0.3623

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vlcmediaplayer-setup.exe

Digital Signature
Signed by:
Bubble Games

Authority:
GoDaddy.com, Inc.

Valid from:
11/11/2015 1:32:38 PM

Valid to:
10/13/2016 6:17:38 PM

Subject:
CN=Bubble Games, O=Bubble Games, L=San Francisco, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00C1013F706A3DE6C3

File PE Metadata
Compilation timestamp:
11/25/2014 9:59:55 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:FRLnC6J7zCjr7vdd3VnOQZki5Ufsy2Qna5uRoh2g9dQocgb531S/:LALvdhlOGkqUtI32g9dxhl1M

Entry address:
0x1137

Entry point:
E8, 54, CB, 00, 00, E9, 52, C4, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 81, EC, 18, 02, 00, 00, 53, 8B, 9C, 24, 20, 02, 00, 00, 55, 56, 57, 8D, 44, 24, 10, 50, 33, FF, 57, 6A, 01, 53, 89, 7C, 24, 20, E8, 9B, 53, 00, 00, 8B, 4C, 24, 20, 8B, F0, 83, C4, 10, 8D, 2C, 0E, 85, F6, 75, 1D, 53, E8, B5, 55, 00, 00, 53, E8, AF, 55, 00, 00, 83, C4, 08, 8D, 47, 02, 5F, 5E, 5D, 5B, 81, C4, 18, 02, 00, 00, C3, 6A, 02, 53, E8, 26, 53, 00, 00, 8D, 54, 24, 24, 52, 53, E8, 7B, 54, 00, 00, 83, C4...
 
[+]

Entropy:
7.9818  (probably packed)

Code size:
53.5 KB (54,784 bytes)

The file vlcmediaplayer-setup.exe has been seen being distributed by the following URL.

http://build.vlcapp.com/VLCmediaplayer-setup.exe

Remove vlcmediaplayer-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.