» SevereWeatherAlertsApp.exe
Overview
Analysis
File Details
Programs (1)
Network (10)

SevereWeatherAlertsApp.exe

SevereWeatherAlertsApp

The application SevereWeatherAlertsApp.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. This file is typically installed with the program Severe Weather Alerts by Weather Notifications, LLC which is a potentially unwanted software program.

File name:

Product:

SevereWeatherAlertsApp

Version:

1.0.16.0

MD5:

3ffea17aaa50096e3ea6def9b26d85f1

SHA-1:

b8a9d9c6249b87433e183b153a2ff1fec38a0c9e

SHA-256:

7611b63c9b5e5f54b79ff91bd8b85653201fc5219fd85b984d4e0a51be930e38

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 8:41:24 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

MSIL/Adware.StrongVault (variant)

8.9542

Reason Heuristics

Threat.Win.Reputation

14.3.20.15

File size:

335 KB (343,040 bytes)

Product version:

1.0.16.0

Original file name:

SevereWeatherAlertsApp.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\severeweatheralerts\severeweatheralertsapp.exe

File PE Metadata

Compilation timestamp:

2/27/2014 1:09:29 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:NIn/Th3J8pP8VkVgRAnk1y7WMsv9tEBwMX:NW/ThyPckVwWk1yeWwMX

Entry address:

0x53F41

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.9200

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

328 KB (335,872 bytes)

The file SevereWeatherAlertsApp.exe has been discovered within the following program.

Severe Weather Alerts by Weather Notifications, LLC

Some versions of the Weather Notifications software bundles various potentially unwanted software such as toolbar and web browser extensions using the Tuguu DomalQ download manager.

www.severeweatheralerts.net

87% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to ec2-54-244-95-248.us-west-2.compute.amazonaws.com (54.244.95.248:80)

TCP (HTTP):

Connects to server-54-239-132-41.sfo9.r.cloudfront.net (54.239.132.41:80)

TCP (HTTP):

Connects to server-54-239-132-178.sfo9.r.cloudfront.net (54.239.132.178:80)

TCP (HTTP):

Connects to server-52-84-33-36.ewr50.r.cloudfront.net (52.84.33.36:80)

TCP (HTTP):

Connects to ec2-54-245-252-128.us-west-2.compute.amazonaws.com (54.245.252.128:80)

TCP (HTTP):

Connects to ec2-54-245-246-1.us-west-2.compute.amazonaws.com (54.245.246.1:80)

TCP (HTTP):

Connects to ec2-54-244-226-131.us-west-2.compute.amazonaws.com (54.244.226.131:80)

TCP (HTTP):

Connects to a23-74-9-113.deploy.static.akamaitechnologies.com (23.74.9.113:80)

TCP (HTTP):

Connects to a23-67-243-81.deploy.static.akamaitechnologies.com (23.67.243.81:80)

TCP (HTTP):

Connects to a23-15-7-162.deploy.static.akamaitechnologies.com (23.15.7.162:80)

Remove SevereWeatherAlertsApp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.