weather it up-bg.exe

Weather It Up

Phoenix Media

The application weather it up-bg.exe, “Weather It Up exe”, has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program Weather It Up by Phoenix Media, which is a potentially unwanted software program. Part of the Crossrider web browser platform, the BG executable is a background process that manages various functions of the installed extensions in the user's browser, including installation, updates and remote code downloads.
Publisher:
Phoenix Media

Product:
Weather It Up

Description:
Weather It Up exe

Version:
1000.1000.1000.1000

MD5:
470722c1d08e4979ebd3850caf96003e

SHA-1:
851c71a563ab43dc828ccc6b20d69750920bcaab

SHA-256:
2d224ce1e9aa506b3328caa3ef90013d3409b690dfc80bb4f69c0d7f5adefcee

Scanner detections:
7 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:
4/25/2024 2:45:49 PM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | PUP/Win32.MulDrop | 14.06.28
avast! | Win32:Adware-gen [Adw] | 2014.9-140628
Baidu Antivirus | Adware.Win32.CrossRider | 4.0.3.14628
ESET NOD32 | Win32/Toolbar.CrossRider.AA (variant) | 8.9749
Malwarebytes | PUP.Optional.WeatherItUp.A | v2014.06.28.06
Reason Heuristics | PUP.Crossrider.PhoenixMedia.Q | 14.8.1.0
VIPRE Antivirus | Crossrider | 28780

File size:
580 KB (593,920 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Weather It Up.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\weather it up\weather it up-bg.exe

File PE Metadata
Compilation timestamp:
4/17/2014 1:03:33 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:3ulYjjnxOZTLxBM6Mw+ShRPZLKJALPnxcfqCGTBCgLbGVN/:D3xOZTLxBM7yfL4EmqCGTEgW3

Entry address:
0x51F01

Entry point:
E8, 86, B2, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, AB, 48, 00, E8, 79, 01, 00, 00, E8, 16, 13, 00, 00, 0F, B7, F0, 6A, 02, E8, 19, B2, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, AE, 11, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...

Entropy:
6.4041

Code size:
452.5 KB (463,360 bytes)

The file weather it up-bg.exe has been discovered within the following program.

Weather It Up  by Phoenix Media
Displays advertising within the user's web browser on web pages where advertising would not normally appear. May be distributed through OpenCandy.
82% remove it
 
Powered by Should I Remove It?
