home

DesktopWeatherAlertsApp.exe

DesktopWeatherAlertsApp

Local Weather LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application DesktopWeatherAlertsApp.exe by Local Weather has been detected as adware by 4 anti-malware scanners.
Publisher:
Local Weather LLC  (signed and verified)

Product:
DesktopWeatherAlertsApp

Version:
1.0.29.0

MD5:
fb5c335d0d0a8db1d5ef88eff9f7a834

SHA-1:
6c0e6001c277a9c8014cb67e71e7e4d0669b0ba5

SHA-256:
71cda7ff94f863fcb04c9e257b37ac3add2fb8535ddcc257c056d64c6971cdaa

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/23/2024 7:58:59 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Adware.StrongVault.A application
7.0.302.0

Reason Heuristics
PUP.Weather.LocalWeather (M)
16.2.4.4

Sophos
PUA 'Desktop Weather Alert'
5.23

VIPRE Antivirus
Threat.4740961
46904

File size:
540 KB (552,960 bytes)

Product version:
1.0.29.0

Original file name:
DesktopWeatherAlertsApp.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\desktopweatheralertsapp.exe

Digital Signature
Signed by:
Local Weather LLC

Authority:
COMODO CA Limited

Valid from:
10/14/2013 12:00:00 AM

Valid to:
10/14/2014 11:59:59 PM

Subject:
CN=Local Weather LLC, O=Local Weather LLC, STREET="250 Park Ave #504", L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1E363E3CA4E0B46A71B002CFAF51DED1

File PE Metadata
Compilation timestamp:
2/25/2014 4:00:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:BqIDP8+FwOxYvG/dozothUHoNXnWSCnYX:BVD0+ldozothscRCnYX

Entry address:
0x6BBBB

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, E2, AB, 01, 80, 10, 00, 00, 00, 78, AC, 01, 80, 18, 00, 00, 00, BC, AF, 01, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.2422

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
423 KB (433,152 bytes)

Remove DesktopWeatherAlertsApp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.