SearchSnacksAutoUpdateClient.exe

Search Snacks AutoUpdate Client

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application SearchSnacksAutoUpdateClient.exe by Search Snacks has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks AutoUpdate Client

Version:
1.10.0.9

MD5:
ec7522d23200e2e5a7a183cfef775afb

SHA-1:
249c9addfde5654f2f079df84280402998231066

SHA-256:
38d8dcd3991bea86fda84efc0932155ea42231c614a1eb188402b9c6d621441c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 1:41:48 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InfoAtoms (M)
16.9.20.22

File size:
266.1 KB (272,480 bytes)

Product version:
1.10.0.9

Copyright:
Copyright (C) 2015

Original file name:
SearchSnacksAutoUpdateClient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\searchsnacks_1.10.0.9\update\searchsnacksautoupdateclient.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 11:07:56 PM

Valid to:
4/3/2016 11:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata
Compilation timestamp:
2/3/2015 10:30:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:tYEQO++5WvCdfPOvr4U1pEHBAnpK37nX+rV5VqfAyxfys44Sy4t508gDrHPsQH1g:tYE0+5WvCdfPOvr4Err6ioRHn7cN

Entry address:
0x424AA

Entry point:
FF, 25, B8, 24, 44, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8C, 24, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, F9, 2F, D1, 54, 00, 00, 00, 00, 02, 00, 00, 00, 93, 00, 00, 00, DC, 24, 04, 00, DC, 06, 04, 00, 52, 53, 44, 53, EF, EE, E9, BF, 6D, D2, 6B, 4C, AF, FF, 41, 83, E9, D7, 53, 60, 01, 00, 00, 00, 43, 3A, 5C, 43, 4F, 44, 45, 5C, 76, 69, 74, 72, 75, 76, 69, 61, 6E, 5C, 63, 6C, 69, 65, 6E, 74, 5C, 49, 6E, 73, 74, 61, 6C, 6C, 65, 72, 73, 5C, 57, 69, 6E, 64, 6F, 77, 73, 5C, 56, 69, 74, 72, 75, 76, 69, 61, 6E, 53...
 
[+]

Entropy:
5.9537

Code size:
257.5 KB (263,680 bytes)

Scheduled Task
Task name:
SearchSnacks Auto Updater 1.10.0.9 Core

Trigger:
Logon (Runs on logon)

Description:
SearchSnacks Auto Updater 1.10.0.9 Core


Remove SearchSnacksAutoUpdateClient.exe - Powered by Reason Core Security