» sn-sncrack.exe
Overview
Analysis
File Details
Downloads (1)

sn-sncrack.exe

The application sn-sncrack.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from social-network-games.ru.

File name:

sn-sncrack.exe

MD5:

95a2dcfa2de92fc674c9de04b4ccf8c0

SHA-1:

f3e5df883e8eb265c7100b4ec9425a2bed747ccc

SHA-256:

7e3e2b9ac5fee9a0ec0ec76310c7aebf07df85eb188bc746e237062e3bd62330

Scanner detections:

23 / 68

Status:

Potentially unwanted

Analysis date:

11/6/2024 11:42:48 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11388563

181

Avira AntiVirus

TR/Rogue.104050276

8.3.1.6

avast!

Win32:Malware-gen

2014.9-160807

AVG

Skodna.ArchSMS

2017.0.2659

Baidu Antivirus

Trojan.Win32.ArchSMS

4.0.3.1687

Bitdefender

Trojan.Generic.11388563

1.0.20.1100

Comodo Security

TrojWare.Win32.ArchSMS.ACD

22243

Dr.Web

Trojan.Fraudster.1252

9.0.1.0220

Emsisoft Anti-Malware

Trojan.Generic.11388563

8.16.08.07.09

ESET NOD32

Win32/Hoax.ArchSMS.AHM (variant)

10.11679

Fortinet FortiGate

Riskware/ArchSMS

8/7/2016

F-Secure

Trojan.Generic.11388563

11.2016-07-08_1

G Data

Trojan.Generic.11388563

16.8.25

IKARUS anti.virus

Trojan.Rogue

t3scan.1.8.9.0

Malwarebytes

PUP.SmsPay

v2016.08.07.09

McAfee

RDN/Generic PUP.x!c2r

5600.6315

MicroWorld eScan

Trojan.Generic.11388563

17.0.0.660

NANO AntiVirus

Trojan.Win32.Rogue.ctchuc

0.30.24.1636

Norman

Suspicious_Gen4.FSLOA

11.20160807

nProtect

Trojan.Generic.11388563

15.05.22.01

Qihoo 360 Security

Win32/Trojan.c3a

1.0.0.1015

Sophos

Generic PUA PD

4.98

Trend Micro House Call

TROJ_GEN.R03EC0EDS15

7.2.220

File size:

123 KB (125,952 bytes)

File type:

Executable application (Win32 EXE)

Language:

Russian (Russia)

File PE Metadata

Compilation timestamp:

1/21/2014 2:59:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

1536:lmnnYwPv/nJmCLGUIO0PmDBAXP3XP6mQwqMnO:Yv/JcrO0PGBA/FpqM

Entry address:

0x1000

Entry point:

68, 64, 00, 00, 00, 68, 00, 00, 00, 00, 68, 94, 17, 42, 00, E8, FC, 3F, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, F5, 3F, 00, 00, A3, 98, 17, 42, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, E2, 3F, 00, 00, A3, 94, 17, 42, 00, B8, 01, 03, 42, 00, A3, 9C, 17, 42, 00, E8, C2, C6, 00, 00, E8, 84, BC, 00, 00, E8, 7F, B0, 00, 00, E8, B9, AE, 00, 00, E8, 4F, A8, 00, 00, E8, C5, A7, 00, 00, E8, A9, A7, 00, 00, E8, AC, 93, 00, 00, E8, 26, 53, 00, 00, E8, A5, 52, 00, 00, E8, CE, 51, 00, 00... 
[+]

Packer / compiler:

PKLITE32, 0x1.1

Code size:

50 KB (51,200 bytes)

The file sn-sncrack.exe has been seen being distributed by the following URL.

http://social-network-games.ru/sn-sncrack.exe

Remove sn-sncrack.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.