sn-sncrack.exe

The application sn-sncrack.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from social-network-games.ru.
MD5: 95a2dcfa2de92fc674c9de04b4ccf8c0

SHA-1: f3e5df883e8eb265c7100b4ec9425a2bed747ccc

SHA-256: 7e3e2b9ac5fee9a0ec0ec76310c7aebf07df85eb188bc746e237062e3bd62330

Scanner detections: 23 / 68

Status: Potentially unwanted

Analysis date: 12/26/2024 5:22:55 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.11388563 | 181 |
| Avira AntiVirus | TR/Rogue.104050276 | 8.3.1.6 |
| avast! | Win32:Malware-gen | 2014.9-160807 |
| AVG | Skodna.ArchSMS | 2017.0.2659 |
| Baidu Antivirus | Trojan.Win32.ArchSMS | 4.0.3.1687 |
| Bitdefender | Trojan.Generic.11388563 | 1.0.20.1100 |
| Comodo Security | TrojWare.Win32.ArchSMS.ACD | 22243 |
| Dr.Web | Trojan.Fraudster.1252 | 9.0.1.0220 |
| Emsisoft Anti-Malware | Trojan.Generic.11388563 | 8.16.08.07.09 |
| ESET NOD32 | Win32/Hoax.ArchSMS.AHM (variant) | 10.11679 |
| Fortinet FortiGate | Riskware/ArchSMS | 8/7/2016 |
| F-Secure | Trojan.Generic.11388563 | 11.2016-07-08_1 |
| G Data | Trojan.Generic.11388563 | 16.8.25 |
| IKARUS anti.virus | Trojan.Rogue | t3scan.1.8.9.0 |
| Malwarebytes | PUP.SmsPay | v2016.08.07.09 |
| McAfee | RDN/Generic PUP.x!c2r | 5600.6315 |
| MicroWorld eScan | Trojan.Generic.11388563 | 17.0.0.660 |
| NANO AntiVirus | Trojan.Win32.Rogue.ctchuc | 0.30.24.1636 |
| Norman | Suspicious_Gen4.FSLOA | 11.20160807 |
| nProtect | Trojan.Generic.11388563 | 15.05.22.01 |
| Qihoo 360 Security | Win32/Trojan.c3a | 1.0.0.1015 |
| Sophos | Generic PUA PD | 4.98 |
| Trend Micro House Call | TROJ_GEN.R03EC0EDS15 | 7.2.220 |

File size: 123 KB (125,952 bytes)

File type: Executable application (Win32 EXE)

Language: Russian (Russia)

File PE Metadata

Compilation timestamp: 1/21/2014 2:59:49 PM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 2.50

CTPH (ssdeep): 1536:lmnnYwPv/nJmCLGUIO0PmDBAXP3XP6mQwqMnO:Yv/JcrO0PGBA/FpqM

Entry address: 0x1000

Entry point: 68, 64, 00, 00, 00, 68, 00, 00, 00, 00, 68, 94, 17, 42, 00, E8, FC, 3F, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, F5, 3F, 00, 00, A3, 98, 17, 42, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, E2, 3F, 00, 00, A3, 94, 17, 42, 00, B8, 01, 03, 42, 00, A3, 9C, 17, 42, 00, E8, C2, C6, 00, 00, E8, 84, BC, 00, 00, E8, 7F, B0, 00, 00, E8, B9, AE, 00, 00, E8, 4F, A8, 00, 00, E8, C5, A7, 00, 00, E8, A9, A7, 00, 00, E8, AC, 93, 00, 00, E8, 26, 53, 00, 00, E8, A5, 52, 00, 00, E8, CE, 51, 00, 00...

Packer / compiler: PKLITE32, 0x1.1

Code size: 50 KB (51,200 bytes)

The file sn-sncrack.exe has been seen being distributed by the following URL.
