» SevereWeatherAlertsAppAPI.dll
Overview
Analysis
File Details
Programs (1)

SevereWeatherAlertsAppAPI.dll

SevereWeatherAlertsAppAPI

Weather Notifications LLC

Part of an adware web browser extension that delivers advertisements such as coupons, price-comparisons, display media, affiliate links, banners, popups/popunders and other links. The module SevereWeatherAlertsAppAPI.dll by Weather Notifications has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Severe Weather Alerts by Weather Notifications, LLC which is a potentially unwanted software program.

File name:

Publisher:

Weather Notifications LLC (signed and verified)

Product:

SevereWeatherAlertsAppAPI

Version:

1.0.9.0

MD5:

63740795e7fbdaac2255497c3c239635

SHA-1:

6da492370b3b925c0d58bbb1643b4a5fe2504e77

SHA-256:

c0a194aede1ef5bb65955cbe2614acbd88893ca5a05a6a1a50a9d7022e89db18

Scanner detections:

2 / 68

Status:

Adware

Analysis date:

4/23/2024 5:02:21 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.WeatherNotifications.Z

14.8.8.1

VIPRE Antivirus

SevereWeatherAlerts

24868

File size:

74.2 KB (76,000 bytes)

Product version:

1.0.9.0

Original file name:

SevereWeatherAlertsAppAPI.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\severeweatheralerts\severeweatheralertsappapi.dll

Digital Signature

Signed by:

Weather Notifications LLC

Authority:

COMODO CA Limited

Valid from:

6/13/2013 5:00:00 PM

Valid to:

6/14/2014 4:59:59 PM

Subject:

CN=Weather Notifications LLC, O=Weather Notifications LLC, STREET=250 Park Ave Ste 504, L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0D57C9460FE0C441B8FDD693F1AC6CD7

File PE Metadata

Compilation timestamp:

7/8/2013 11:24:19 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:aNP7v7tY8zq+El8dV7j3AA8zfUG83rhyh/62KcaOZ6EhE3:qnO+d8QG8bhyh/62KYU3

Entry address:

0x1141E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.0167

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

61.5 KB (62,976 bytes)

The file SevereWeatherAlertsAppAPI.dll has been discovered within the following programs.

Severe Weather Alerts by Weather Notifications, LLC

Some versions of the Weather Notifications software bundles various potentially unwanted software such as toolbar and web browser extensions using the Tuguu DomalQ download manager.

www.severeweatheralerts.net

87% remove it

Remove SevereWeatherAlertsAppAPI.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.