wxbugstandalone60.exe

WeatherBug

The application wxbugstandalone60.exe, “WeatherBug Version 6.0 Install” by WeatherBug has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the Wise Installer installer. This file is typically installed with the program WeatherBug Publisher by AWS Convergence Technologies, Inc..
Publisher:
AWS Convergence Technologies, Inc.  (signed by WeatherBug)

Description:
WeatherBug Version 6.0 Install

Version:
6.05.0.16

MD5:
9f701682356f3c6c11ec9a0ad1bd74ba

SHA-1:
622163f201601e8a6bb90d5422564c9a41eefa1c

SHA-256:
af679f22e4f9c1727ab9bbb2cc71abf1f8015402a6519d465b0ea28ebdba5ca6

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
While not adware or malicious, WeatherBug is typically bundled with various 3rd-party download managers as an offer which might be potentailly unwanted.

Analysis date:
12/24/2024 11:10:42 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
infected with Trojan.Funweb.59
9.0.1.05190

ESET NOD32
Win32/AdInstaller potentially unwanted application
7.0.302.0

Kaspersky
not-a-virus:AdWare.Win32.WeatherBug
15.0.0.494

Reason Heuristics
PUP.Installer.WeatherBug.R
14.8.18.22

File size:
5.3 MB (5,601,360 bytes)

Copyright:
2005

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Common path:
C:\Program Files\aws\pwspub\wxbugstandalone60.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/23/2005 5:00:00 PM

Valid to:
7/1/2006 4:59:59 PM

Subject:
CN=WeatherBug, OU=Consumer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WeatherBug, L=Gaithersburg, S=Maryland, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4048FCA621554CAF18942ADD55975FB3

File PE Metadata
Compilation timestamp:
4/8/1999 1:24:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:ZykVeFxVLLb/ol47vB+COek84Q8qGR6ZXmv8tHyGAFLbgxwWRRRRRRRRRRRRRRRN:AUeFxVLLb/39k845sw8VynOhOjyn

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, 78, 05, 00, 00, 53, 56, BE, 04, 01, 00, 00, 57, 8D, 85, 94, FD, FF, FF, 56, 33, DB, 50, 53, FF, 15, 34, 20, 40, 00, 8D, 85, 94, FD, FF, FF, 56, 50, 8D, 85, 94, FD, FF, FF, 50, FF, 15, 30, 20, 40, 00, 8B, 3D, 2C, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 8D, 85, 94, FD, FF, FF, 68, 00, 00, 00, 80, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 7B, 01, 00, 00, 8D, 85, 90, FC, FF, FF, 50, 56, FF, 15, 28, 20, 40, 00, 8D, 85, 98, FE, FF, FF, 50, 53, 8D, 85, 90, FC, FF, FF, 68, 10, 30, 40, 00, 50...
 
[+]

Entropy:
7.9992

Packer / compiler:
Wise Installer Stub

Code size:
512 Bytes (512 bytes)

The file wxbugstandalone60.exe has been discovered within the following program.

WeatherBug Publisher  by AWS Convergence Technologies, Inc.
Publisher's description - “Download WeatherBug to access the world’s largest network of real-time weather and lightning sensors for the best forecasts, the fastest alerts and more. The most accurate current, extended and hourly weather forecasts for your neighborhood and millions of cities worldwide.”
www.weatherbug.com/support
49% remove it
 
Powered by Should I Remove It?

Remove wxbugstandalone60.exe - Powered by Reason Core Security