home

saverforsnapchatpc-setup.exe

Saver for Snapchat (PC)

Athena IT Limited

The application saverforsnapchatpc-setup.exe, “Saver for Snapchat (PC) Setup ” by Athena IT Limited has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
ChitChat.org.uk   (signed by Athena IT Limited)

Product:
Saver for Snapchat (PC)

Description:
Saver for Snapchat (PC) Setup

Version:
1.1.769.0

MD5:
ce7600cc87bc76e51c78a56d9f898c11

SHA-1:
a81050c5e75eb4ad31e17dfe022a8058321608e2

SHA-256:
70dd5bf065a715faf132dec99c92c28695fd57e088741d86fdca3d4f65055113

Scanner detections:
22 / 68

Status:
Adware

Analysis date:
4/24/2024 4:48:08 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Relevant.BH
982

Avira AntiVirus
ADSPY/NaviPromo.J
7.11.149.206

avast!
Win32:PUP-gen [PUP]
2014.9-140528

AVG
RelevantKnowledge
2015.0.3460

Bitdefender
Adware.Relevant.BH
1.0.20.740

Comodo Security
UnclassifiedMalware
18276

Dr.Web
Adware.Relevant.81
9.0.1.0148

Emsisoft Anti-Malware
Adware.Relevant.BH
8.14.05.28.04

ESET NOD32
Win32/Adware.MarketScore
8.9802

Fortinet FortiGate
Riskware/MarketScore
5/28/2014

F-Secure
Adware.Relevant.BH
11.2014-28-05_4

G Data
Adware.Relevant.BH
14.5.24

K7 AntiVirus
Unwanted-Program
13.177.12080

Kaspersky
not-a-virus:HEUR:Monitor.Win32.RK
14.0.0.3797

McAfee
Artemis!CE7600CC87BC
5600.7116

MicroWorld eScan
Adware.Relevant.BH
15.0.0.444

NANO AntiVirus
Trojan.Win32.Relevant.cbpeni
0.28.0.59826

nProtect
Adware.Relevant.BH
14.05.15.01

Qihoo 360 Security
Win32/Virus.Monitor.ca9
1.0.0.1015

Reason Heuristics
PUP.Installer.AthenaITLimited.Y
14.8.31.22

Sophos
Generic PUA KI
4.98

Trend Micro House Call
TROJ_GEN.F47V0506
7.2.148

File size:
4.6 MB (4,777,640 bytes)

Product version:
1.1.769.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\saverforsnapchatpc-setup.exe

Digital Signature
Signed by:
Athena IT Limited

Authority:
COMODO CA Limited

Valid from:
9/11/2013 3:00:00 AM

Valid to:
9/12/2015 2:59:59 AM

Subject:
CN=Athena IT Limited, O=Athena IT Limited, STREET=3 Oakapple Close, STREET=Wanborough, L=Swindon, S=Wiltshire, PostalCode=SN4 0EW, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
77A23924790352E85BE27B1F3714E36A

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:HUDEQL6oWbmGXaPDe/e0E8zs3iTqJYTvZw1JxNev32lNLbKkPuvs5yZH:ZylG6De/+Ss3iFTZw1VeP2llbKKuvrd

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9968

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file saverforsnapchatpc-setup.exe has been seen being distributed by the following URL.

http://files.chitchat.org.uk/SaverforSnapchatPC-Setup.exe

Remove saverforsnapchatpc-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.