home

stormwarningsapp.exe

Storm Warnings

The application stormwarningsapp.exe by Storm Warnings has been detected as a potentially unwanted program by 3 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘StormWarnings’. This file is typically installed with the program StormWarnings by Local Weather LLC which is a potentially unwanted software program.
Publisher:
Storm Warnings  (signed and verified)

Version:
1.1.0.22

MD5:
fdc35d17b7b3a996a44e2992542b2936

SHA-1:
c427389f373a695d70719e0437728c7b8cf938a8

SHA-256:
0f746456aa49a13555b8682d3f4d92738869e7eb618e39d7f6b4bae5038e126d

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
4/30/2024 8:19:47 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen7
8.3.1.6

ESET NOD32
Win32/Verti.K potentially unwanted (variant)
9.12004

Sophos
Verti
4.98

File size:
1.7 MB (1,731,248 bytes)

Product version:
1.1.0.22

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\stormwarnings\stormwarningsapp.exe

Digital Signature
Signed by:
Storm Warnings

Authority:
thawte, Inc.

Valid from:
4/17/2015 2:00:00 AM

Valid to:
4/17/2016 1:59:59 AM

Subject:
CN=Storm Warnings, O=Storm Warnings, L=Austin, S=Texas, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
620D61D6D56A0B5C1E10B099EE1892F1

File PE Metadata
Compilation timestamp:
7/27/2015 8:34:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:x7I04lGUJ4SCRjykxomAzwWOIfv34JagvhbfyAUMfcdzYh0b6r1H/VMqRn++V+RX:6FGcClxsvUvbfyAHctFer1HKqJkXNJvd

Entry address:
0x57873

Entry point:
E8, E5, C2, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 88, 34, 56, 00, 33, C5, 89, 45, FC, 83, 7D, 08, FF, 57, 74, 09, FF, 75, 08, E8, 1F, 99, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, 49, B3, FF, FF, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC...
 
[+]

Code size:
1.1 MB (1,102,848 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
StormWarnings

Command:
"C:\Program Files\stormwarnings\stormwarningsapp.exe"


The file stormwarningsapp.exe has been discovered within the following program.

StormWarnings  by Local Weather LLC
76% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to server-54-192-15-111.ams1.r.cloudfront.net  (54.192.15.111:443)

TCP (HTTP SSL):
Connects to server-54-192-14-128.ams1.r.cloudfront.net  (54.192.14.128:443)

TCP:
Connects to ec2-50-112-93-45.us-west-2.compute.amazonaws.com  (50.112.93.45:1025)

Remove stormwarningsapp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.