WAUpdater.exe

WAUpdater

Local Weather LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application WAUpdater.exe by Local Weather has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including DesktopWeatherAlerts by Local Weather LLC and Weather Alerts Pro Version by Local Weather LLC, both potentially unwanted software.
Publisher:
Local Weather LLC  (signed and verified)

Product:
WAUpdater

Version:
1.4.0.0

MD5:
38d780e1719aeccc483a97f3b0b18735

SHA-1:
d4abeccc67afdf248f1796a294c2ac21e43a797d

SHA-256:
eec6f9a946bab6bd13e2bae941913c044ef21123c7a927decfdeb7b507bdf1d0

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 7:48:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Weather.LocalWeather (M)
16.1.27.0

File size:
138.2 KB (141,496 bytes)

Product version:
1.4.0.0

Copyright:
Copyright © 2013 Local Weather LLC, All Rights Reserved.

Trademarks:
WeatherAlerts is a trademark of Local Weather LLC

Original file name:
WAUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\weatheralerts\waupdater.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/13/2013 8:00:00 PM

Valid to:
10/14/2014 7:59:59 PM

Subject:
CN=Local Weather LLC, O=Local Weather LLC, STREET="250 Park Ave #504", L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1E363E3CA4E0B46A71B002CFAF51DED1

File PE Metadata
Compilation timestamp:
1/29/2014 1:31:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:CHoY9+2S5apufTngEsT7z3Lh28IyRtxhxP:CHvcKCngj3nIythxP

Entry address:
0x41FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.4724

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
12 KB (12,288 bytes)

The file WAUpdater.exe has been discovered within the following programs.

DesktopWeatherAlerts  by Local Weather LLC
The Weather Alerts app is a bundler that is installed with potentially unwanted software. It integrates with the user's web browser and displays advertisements.
www.desktopweatheralerts.com
85% remove it
Weather Alerts Pro Version  by Local Weather LLC
Weather Alerts Pro is simply an adware (advertising supported) application that is designed for the purpose of displaying unwanted ads, software for PUP (potentially unwanted programs) and other offers.
84% remove it
 
Powered by Should I Remove It?

Remove WAUpdater.exe - Powered by Reason Core Security