SearchSnacksAutoUpdateClient.exe

Search Snacks AutoUpdate Client

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application SearchSnacksAutoUpdateClient.exe by Search Snacks has been detected as adware by 10 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks AutoUpdate Client

Version:
1.10.0.7

MD5:
f584dd6207600973f8ee30ab0c8edd1b

SHA-1:
57b67a55c0a1553aebcd8d1ca835865f32584a63

SHA-256:
c51ceb0608130e86807f92ea5b030e483bce595c5c05df2c08740be378fe7f1f

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
11/23/2024 8:11:56 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
741

AVG
Snacks
2016.0.3219

Bitdefender
Adware.Vitruvian.B
1.0.20.120

Emsisoft Anti-Malware
Adware.Vitruvian
8.15.01.24.09

F-Secure
Adware.Vitruvian.B
11.2015-24-01_7

G Data
Adware.Vitruvian
15.1.24

MicroWorld eScan
Adware.Vitruvian.B
16.0.0.72

nProtect
Adware.Vitruvian.B
15.01.23.01

Reason Heuristics
PUP.Task.InfoAtoms
15.1.24.21

VIPRE Antivirus
InfoAtoms
36936

File size:
64.6 KB (66,144 bytes)

Product version:
1.10.0.7

Copyright:
Copyright (C) 2015

Original file name:
SearchSnacksAutoUpdateClient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\searchsnacks_1.10.0.7\update\searchsnacksautoupdateclient.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 2:07:56 PM

Valid to:
4/3/2016 2:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata
Compilation timestamp:
1/16/2015 2:43:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:cYRPQm5Z8YKjw4y3jAvUo8PZ/w9xyARTuiHQVMEm3cqBDdL2eKAjsEopMeApg2ro:XRp8YpgHTXHGMEgcQDYeLipMeao

Entry address:
0xFFDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5947

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
56 KB (57,344 bytes)

Scheduled Task
Task name:
SearchSnacks Auto Updater 1.10.0.7 Core

Trigger:
Logon (Runs on logon)

Description:
SearchSnacks Auto Updater 1.10.0.7 Core


Remove SearchSnacksAutoUpdateClient.exe - Powered by Reason Core Security