ssnfd_1_10_0_7.sys

Search Snacks Driver x64

Search Snacks, LLC

This is part of the InfoAtoms browser extension, which displays various forms of advertising in the web browser by injecting new ads such as banners, text links and search results. The file ssnfd_1_10_0_7.sys by Search Snacks has been detected as adware by 13 anti-malware scanners. It runs as a Windows 64-bit kernel mode device driver named “ssnfd_1_10_0_7”.

Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks Driver x64

Version:
1.10.0.7

MD5:
d1faac160dad1c6f71887e2202c444b9

SHA-1:
29ceeaed739b6f07439c007053fad315098b67bb

SHA-256:
0243f34798e046ecc197ff278c7bf8757336fd9d3e8258afa7d47b1f1ff82ce5

Scanner detections:
13 / 68

Status:
Adware

Analysis date:
11/23/2024 7:53:04 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Adware.Vitruvian.B | 737 |
| AVG | Snacks | 2016.0.3215 |
| Bitdefender | Adware.Vitruvian.B | 1.0.20.140 |
| Dr.Web | Adware.Plugin.274 | 9.0.1.028 |
| Emsisoft Anti-Malware | Adware.Vitruvian | 8.15.01.28.05 |
| ESET NOD32 | Win64/Riskware.NetFilter (variant) | 9.11068 |
| F-Secure | Adware.Vitruvian.B | 11.2015-28-01_4 |
| G Data | Adware.Vitruvian | 15.1.24 |
| Malwarebytes | PUP.Optional.SearchSnacks.A | v2015.01.28.05 |
| MicroWorld eScan | Adware.Vitruvian.B | 16.0.0.84 |
| nProtect | Adware.Vitruvian.B | 15.01.23.01 |
| Reason Heuristics | PUP.InfoAtoms | 15.1.28.17 |
| VIPRE Antivirus | InfoAtoms | 36950 |

File size:
56.9 KB (58,248 bytes)

Product version:
1.10.0.7

Copyright:
Copyright (C) 2015

Original file name:
ssnfd.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Windows\System32\drivers\ssnfd_1_10_0_7.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 2:07:56 PM

Valid to:
4/3/2016 2:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata
Compilation timestamp:
8/21/2012 3:34:56 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
1536:YiBIL6sCyo5oIUo0I77nPaXq4Fs+hMeGlDOtcRn8m:tC6sCysD7L+Fs+hYOtcRn8m

Entry address:
0x10008

Entry point:
48, 8B, 05, F1, D0, FF, FF, 49, B9, 32, A2, DF, 2D, 99, 2B, 00, 00, 48, 85, C0, 74, 05, 49, 3B, C1, 75, 2F, 4C, 8D, 05, D6, D0, FF, FF, 48, B8, 20, 03, 00, 00, 80, F7, FF, FF, 48, 8B, 00, 49, 33, C0, 49, B8, FF, FF, FF, FF, FF, FF, 00, 00, 49, 23, C0, 49, 0F, 44, C1, 48, 89, 05, AE, D0, FF, FF, 48, F7, D0, 48, 89, 05, AC, D0, FF, FF, E9, DB, B0, FF, FF, CC, CC, CC, B0, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, B4, 04, 01, 00, 10, C0, 00, 00, A0, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, D6, 04, 01, 00...

Entropy:
6.3843

Code size:
44 KB (45,056 bytes)

Driver
Display name:
ssnfd_1_10_0_7

Type:
Kernel device driver (KernelDriver)

Group:
PNP_TDI

