» WeatherBug.exe
Overview
Analysis
File Details
Downloads (1)

WeatherBug.exe

WeatherBug

Download Manager, LLC

The application WeatherBug.exe by Download Manager has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the AirInstaller Download Manager installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from download.down1oad.org.

File name:

WeatherBug.exe

Publisher:

Download Manager, LLC (signed and verified)

Product:

WeatherBug

Version:

3.0.0.73

MD5:

3da2c8a8682a52c83154345808f5bed9

SHA-1:

cfcf8ac631a6c1f60beac7b04188ec2f75711564

SHA-256:

372a17853f4d77b2122f4625737cf339603d878fd974360091088c4f97e84cc3

Scanner detections:

19 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

8/4/2025 9:35:57 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.Jaik.5699

6506914

AhnLab V3 Security

PUP/Win32.Bundler

2015.02.02

Avira AntiVirus

APPL/Downloader.Gen

7.11.206.100

AVG

Generic

2016.0.3211

Bitdefender

Gen:Variant.Application.Bundler.Jaik.5699

1.0.20.160

Dr.Web

Trojan.DownLoader12.14838

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Application.Bundler.Jaik.5699

9.0.0.4799

ESET NOD32

Win32/DownloadAssistant.A potentially unwanted application

7.0.302.0

F-Secure

Riskware.Gen:Variant.Application.Bundler

5.13.68

G Data

Gen:Variant.Application.Bundler.Jaik.5699

15.2.25

IKARUS anti.virus

PUA.DownloadAssistant

t3scan.1.8.5.0

K7 AntiVirus

Unwanted-Program

13.193.14867

Malwarebytes

PUP.Optional.DownloadAssistant

v2015.02.06.05

MicroWorld eScan

Gen:Variant.Application.Bundler.Jaik.5699

16.0.0.96

NANO AntiVirus

Trojan.Win32.DownLoader12.dncixg

0.30.0.65070

Norman

Gen:Variant.Application.Bundler.32

11.20150206

Qihoo 360 Security

Malware.QVM10.Gen

1.0.0.1015

Reason Heuristics

PUP.DownloadManager

15.2.1.17

VIPRE Antivirus

Threat.4782985

36694

File size:

788.3 KB (807,168 bytes)

Product version:

3.0.0.73

Original file name:

WeatherBug.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

AirInstaller Download Manager

Language:

English (United States)

Common path:

C:\users\{user}\downloads\weatherbug.exe

Digital Signature

Signed by:

Download Manager, LLC

Authority:

VeriSign, Inc.

Valid from:

12/13/2014 7:00:00 PM

Valid to:

12/13/2016 6:59:59 PM

Subject:

CN="Download Manager, LLC", O="Download Manager, LLC", L=Elkhart, S=Indiana, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2E237E5FB17FCF829CCA0A9B6176FC0B

File PE Metadata

Compilation timestamp:

1/28/2015 2:30:21 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:hbFdxlYmY5Kq2w7R0zUSh8wV1EzwlA5rGnK4S8eciE5/RTz9:hZdabezUSh8wV1EzwlUGnK4SK5//

Entry address:

0x4D5CF

Entry point:

E8, 4E, 1A, 01, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 40, 4F, 4A, 00, 00, 74, 05, E9, B1, 1A, 01, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6... 
[+]

Entropy:

7.1198

The file WeatherBug.exe has been seen being distributed by the following URL.

http://download.down1oad.org/v2/click/80af325a/?d=http://down1oad.org/.../weatherbug.msi&n=WeatherBug&key=f581fe0d3096bcf033d57705335c820b59fbb604cbe771a28a3f422875feba8e&affiliate_image=&product_image=http://down1oad.org/.../weatherbug.png&sid=weatherbug&filename=WeatherBug

Remove WeatherBug.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.