WeatherAlerts.exe

WeatherAlerts

Local Weather LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The application WeatherAlerts.exe by Local Weather has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including DesktopWeatherAlerts by Local Weather LLC and Weather Alerts Pro Version by Local Weather LLC, both potentially unwanted software.
Publisher:
Local Weather LLC  (signed and verified)

Product:
WeatherAlerts

Version:
1.4.0.0

MD5:
91ec0bd8f97b27339e7ea54409ca8942

SHA-1:
02875b58182ab1a5d3abdd272d94dcceec76a643

SHA-256:
7c96ae70f3551d41f2e46bb2ea67e90aa7d52271a36220ef920b01e72ac0802d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 12:19:14 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Weather.LocalWea (M)
16.6.27.7

File size:
162.2 KB (166,072 bytes)

Product version:
1.4.0.0

Copyright:
Copyright © 2013 Local Weather LLC, All Rights Reserved.

Trademarks:
WeatherAlerts is a trademark of Local Weather LLC

Original file name:
WeatherAlerts.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\weatheralerts\weatheralerts.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/13/2013 7:00:00 PM

Valid to:
10/14/2014 6:59:59 PM

Subject:
CN=Local Weather LLC, O=Local Weather LLC, STREET="250 Park Ave #504", L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1E363E3CA4E0B46A71B002CFAF51DED1

File PE Metadata
Compilation timestamp:
11/13/2013 9:37:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:jz/H91swLQJAaLy1QLwZRSa/Rthfeq5KS5apufTngEsT7z3Lh28IyRexhxb:3H91sRAaO2MZI6RreweCngj3nIywhxb

Entry address:
0xAB9E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.0788

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
36 KB (36,864 bytes)

The file WeatherAlerts.exe has been discovered within the following programs.

DesktopWeatherAlerts  by Local Weather LLC
The Weather Alerts app is a bundler that is installed with potentially unwanted software. It integrates with the user's web browser and displays advertisements.
www.desktopweatheralerts.com
85% remove it
Weather Alerts Pro Version  by Local Weather LLC
Weather Alerts Pro is simply an adware (advertising supported) application that is designed for the purpose of displaying unwanted ads, software for PUP (potentially unwanted programs) and other offers.
84% remove it
 
Powered by Should I Remove It?

Remove WeatherAlerts.exe - Powered by Reason Core Security