weatherbugsetup.exe

WeatherBug

WeatherBug

The application weatherbugsetup.exe, “WeatherBug Installation ” by WeatherBug has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Earth Networks, Inc.   (signed by WeatherBug)

Product:
WeatherBug®

Description:
WeatherBug Installation

Version:
10.0.7.4

MD5:
abb49ffc30d08afc60856677db3c16cd

SHA-1:
c7afa4cb599298cd73061e8f07d3f105909f8f51

SHA-256:
d7b44a1ce0c10d9e0647715411ef2b41afb719aa72f0a3261fc91f5992d81455

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 11:44:42 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.13.12

File size:
3.9 MB (4,139,880 bytes)

Product version:
10.0.7.

Copyright:
All rights reserved

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\{3a83b8c4-5f70-453e-a723-b5672f107885}\weatherbugsetup.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
6/15/2015 5:00:00 PM

Valid to:
7/15/2018 4:59:59 PM

Subject:
CN=WeatherBug, O=WeatherBug, L=Germantown, S=Maryland, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
5753B94A4B4F428A574131A68539135D

File PE Metadata
Compilation timestamp:
4/13/2013 3:21:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:kcLb6PYGFh3PVQyJvfDRk0H2LP4P68NFLL0Z069eC5sNTUOJW:k8b6PYGFhpHpLLY0pFW

Entry address:
0x223AA4

Entry point:
55, 8B, EC, B9, 2A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, A4, F5, 61, 00, E8, 84, 4A, DE, FF, 33, C0, 55, 68, E3, 56, 62, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, D3, 3B, 62, 00, 64, FF, 30, 64, 89, 20, C7, 05, 3C, B8, 63, 00, 94, 00, 00, 00, 68, 3C, B8, 63, 00, E8, 24, 54, DE, FF, E8, 03, 28, FE, FF, 84, C0, 74, 6B, B2, 01, A1, 1C, 17, 43, 00, E8, 83, DD, E0, FF, 8B, D8, BA, 00, 00, 00, 80, 8B, C3, E8, 51, DE, E0, FF, 8D, 55, E4, 33, C0, E8, 27, FA, DD, FF, 8B, 45, E4, 8D, 55, E8, E8...
 
[+]

Entropy:
6.6408

Developed / compiled with:
Microsoft Visual C++

Code size:
2.1 MB (2,248,192 bytes)

Remove weatherbugsetup.exe - Powered by Reason Core Security