searchsnacks.exe

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application searchsnacks.exe, “Search Snacks Setup” by Search Snacks has been detected as adware by 31 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.
Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks

Description:
Search Snacks Setup

Version:
1.10.0.7

MD5:
fc7165e23686afc1cec077e15e6720ab

SHA-1:
6937cb3f4b9f46fe1e5cd505695ef39f0c1f39ea

SHA-256:
c9d58fccdf398ff5207defd681735a50ab695da6cb2bf33c52a4c08ef45edbbb

Scanner detections:
31 / 68

Status:
Adware

Analysis date:
11/23/2024 8:12:46 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
741

Agnitum Outpost
PUA.Popad
7.1.1

AhnLab V3 Security
PUP/Win32.SearchSnacks
2015.01.25

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.204.248

avast!
Win32:Adware-gen [Adw]
2014.9-150124

AVG
Snacks
2016.0.3219

Baidu Antivirus
Adware.Win32.Vitruvian
4.0.3.15124

Bitdefender
Adware.Vitruvian.B
1.0.20.120

Comodo Security
ApplicUnwnt
19861

Dr.Web
Adware.Plugin.274
9.0.1.024

Emsisoft Anti-Malware
Adware.Vitruvian
8.15.01.24.09

ESET NOD32
Win64/Riskware.NetFilter (variant)
9.11067

Fortinet FortiGate
Riskware/Vitruvian
1/24/2015

F-Prot
W32/A-a5d79c65
v6.4.7.1.166

F-Secure
Adware.Vitruvian.B
11.2015-24-01_7

G Data
Adware.Vitruvian
15.1.24

IKARUS anti.virus
AdWare.Vitruvian
t3scan.1.7.8.0

K7 AntiVirus
Unwanted-Program
13.192.14744

Malwarebytes
PUP.Optional.SearchSnacks.A
v2015.01.24.09

McAfee
Artemis!A014CD722117
5600.6875

MicroWorld eScan
Adware.Vitruvian.B
16.0.0.72

NANO AntiVirus
Trojan.Win32.Stealer.cwxrck
0.30.0.64448

nProtect
Adware.Vitruvian.B
15.01.23.01

Qihoo 360 Security
HEUR/QVM00.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Installer.InfoAtoms
15.1.24.21

Sophos
Generic PUA IC
4.98

Trend Micro House Call
Suspici.A8E180B1
7.2.24

Trend Micro
TROJ_GE.7C30DE3A
10.465.24

Vba32 AntiVirus
AdWare.Vitruvian
3.12.26.3

VIPRE Antivirus
InfoAtoms
36936

Zillya! Antivirus
Backdoor.CPEX.Win32.30054
2.0.0.2044

File size:
1.1 MB (1,143,384 bytes)

Product version:
1.10.0.7

Copyright:
(c) 2014 Search Snacks

Original file name:
searchsnacks-setup.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\searchsnacks.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 2:07:56 PM

Valid to:
4/3/2016 2:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata
Compilation timestamp:
12/5/2009 2:52:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:p9CsMoJJoot23ZgGT0rvdAJ6JXTZ9HNx9Vsx2vhulD7cTjNnF1KDb:B3/gJgGT0rFAJQTbty2wlDmnI

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 6F, 44, 00, E8, 09, 2C, 00, 00, A3, A4, 6E, 44, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, 9C, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 2E, 44, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, F0, 46, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.8548

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Remove searchsnacks.exe - Powered by Reason Core Security