home

WeatherBugGadgetSidebarInstaller.exe

WeatherBugGadgetSidebarInstaller

WeatherBug

The application WeatherBugGadgetSidebarInstaller.exe by WeatherBug has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including WeatherBug by AWS Convergence Technologies and WeatherBug Alert by AWS Convergence Technologies.
Publisher:
WeatherBug  (signed and verified)

Product:
WeatherBugGadgetSidebarInstaller

Version:
1.0.0.0

MD5:
cd72a42bb2210bd3e73c5ec833ee1d9f

SHA-1:
bc61e7e7b2f87e612330c8a0c981101822195679

SHA-256:
c0308d1b203990b5ff0445bbf5f5100402f99ec3cb5c9bde18dc112e558310b5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 7:56:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.WeatherBug.a
14.3.16.13

File size:
25.9 KB (26,496 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2007

Original file name:
WeatherBugGadgetSidebarInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\aws\weatherbug\gadgetinstaller\weatherbuggadgetsidebarinstaller.exe

Digital Signature
Signed by:
WeatherBug

Authority:
VeriSign, Inc.

Valid from:
6/4/2006 5:00:00 PM

Valid to:
6/30/2009 4:59:59 PM

Subject:
CN=WeatherBug, OU=Consumer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WeatherBug, L=Gaithersburg, S=Maryland, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37BA9A6E807E4CC566D9E69FE45E7EB7

File PE Metadata
Compilation timestamp:
8/3/2007 6:39:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:BTvJ2i2lkIoGHsfS774IkNaoRspZ+mVWRyowJL/aMjGwP7kOMqKD+ebMzDHMq/:BTvJf2lRCG74taoRs/WRYJLWGKVb0t

Entry address:
0x3BBE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.0504

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8 KB (8,192 bytes)

The file WeatherBugGadgetSidebarInstaller.exe has been discovered within the following programs.

WeatherBug  by Earth Networks, Inc.
Publisher's description - “WeatherBug is a leading source of weather information and a top destination for consumers worldwide.”
42% remove it
WeatherBug Alert  by AWS Convergence Technologies
Publisher's description - “WeatherBug manages and operates its own weather network that pin points weather conditions in your neighborhood like no other weather service can! WeatherBug Tracking Stations provide live weather information. Other weather companies' "live" data is often an hour or more old.”
48% remove it
 
Powered by Should I Remove It?

Remove WeatherBugGadgetSidebarInstaller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.