DesktopWeatherAlertsApp.exe

DesktopWeatherAlertsApp

The application DesktopWeatherAlertsApp.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This file is typically installed with the program DesktopWeatherAlerts by Local Weather LLC, which is a potentially unwanted software program.

Product: DesktopWeatherAlertsApp
Version: 1.0.13.0
MD5: 216a6844030e4a7785bd6733e7086115
SHA-1: ecccef9de022b4946d43498c7ed423c6aab5713a
SHA-256: 90774d3d79d9978e32094682a53e70dfba6b673618225307611aa09c905f917a
Scanner detections: 4 / 68
Status: Potentially unwanted
Analysis date: 7/22/2018 9:34:54 PM UTC

Scan engine | Detection | Engine version
Baidu Antivirus | Adware.MSIL.StrongVault | 4.0.3.1414
Comodo Security | ApplicUnwnt | 17633
ESET NOD32 | MSIL/Adware.StrongVault (variant) | 8.9307
Trend Micro House Call | TROJ_GEN.F47V1121 | 7.2.4

File size: 533.5 KB (546,304 bytes)
Product version: 1.0.13.0
Original file name: DesktopWeatherAlertsApp.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\users\{user}\desktopweatheralertsapp.exe

File PE Metadata
Compilation timestamp: 11/13/2013 8:31:03 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 6144:4ih0f5BRVPvZ4nlrWkqwd3pj0N/czPN0U/2Keg1gudXuY:4ihyQ3qK32N/cbSU/kgKudXu
Entry address: 0x6BF0F


Entropy: 5.2119
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 424 KB (434,176 bytes)

The file DesktopWeatherAlertsApp.exe has been discovered within the following program.

DesktopWeatherAlerts by Local Weather LLC
The Weather Alerts app is a bundler that is installed with potentially unwanted software. It integrates with the user's web browser and displays advertisements.
www.desktopweatheralerts.com
85% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

