» WeatherEye.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

WeatherEye.exe

WeatherEye

The Weather Network

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘WeatherEye’. This is installed with WeatherEye.

File name:

WeatherEye.exe

Publisher:

Pelmorex Media Inc. (signed by The Weather Network)

Product:

WeatherEye

Version:

3.0.0.13

MD5:

862fe983ec7deb56a3da787b2f2f0551

SHA-1:

023312fe0cf3f1739171f5bdc0b1d26ad1cbbe1f

SHA-256:

8022b5a25bf4152129bc66fb35c9c7c616668a48a87b513c5a05444fe7c3b436

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 8:16:58 AM UTC (today)

File size:

701.4 KB (718,232 bytes)

Product version:

3.0

Original file name:

WeatherEye.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Documents and Settings\{user}\Application data\météomédia\météoéclair\weathereye.exe

Digital Signature

Signed by:

The Weather Network

Authority:

VeriSign, Inc.

Valid from:

9/2/2008 8:00:00 PM

Valid to:

9/21/2011 7:59:59 PM

Subject:

CN=The Weather Network, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=The Weather Network, S=Ontario, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4FA584B47CB130E6B25062FB24EEE038

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:FgmpsOlPlGNvPBSmc8WySqr/g+xZR5OJexhutYym1MxXq/pjrjt:6mWt0r8Wwh3TCohutYyoMeHjt

Entry address:

0x8B63C

Entry point:

55, 8B, EC, B9, 05, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, EC, B2, 48, 00, E8, 03, B3, F7, FF, 33, C0, 55, 68, F4, BA, 48, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D2, BA, 48, 00, 64, FF, 32, 64, 89, 22, 33, D2, 55, 68, 7D, BA, 48, 00, 64, FF, 32, 64, 89, 22, E8, 6C, 78, F7, FF, 85, C0, 7E, 34, 8D, 55, E8, B8, 01, 00, 00, 00, E8, C3, 78, F7, FF, 8B, 45, E8, 8D, 55, EC, E8, 9C, D5, F7, FF, 8B, 45, EC, 50, 8D, 55, E4, B8, 0C, BB, 48, 00, E8, 8B, D5, F7, FF, 8B, 55, E4, 58, E8, 02, 94... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

555.5 KB (568,832 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

WeatherEye

Command:

C:\Documents and Settings\{user}\Application data\météomédia\météoéclair\weathereye.exe

The file WeatherEye.exe has been discovered within the following program.

WeatherEye by The Weather Network

Publisher's description - “The WeatherEye is like having our entire Weather Team on your PC. Always. Every minute you get the most up to date local forecasts, warnings, news, maps and more! WeatherEye shows forecasts of up to 5 days by default and 10 days.”

www.theweathernetwork.com/desktop

About 7% of users remove it

Scan WeatherEye.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.