home

SearchSnacksAutoUpdateClient.exe

Search Snacks AutoUpdate Client

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application SearchSnacksAutoUpdateClient.exe by Search Snacks has been detected as adware by 12 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.
Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks AutoUpdate Client

Version:
1.10.0.0

MD5:
c2c60f97ff23ba7203020013a39fbcae

SHA-1:
1900116f73ca48933b1aa4099d65eeb4b90a76df

SHA-256:
8cf1498e7013f25a40c17c60ac0e113b3c0a5e436e795b09103df1695082a7e2

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
4/23/2024 10:17:46 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
798

AVG
Snacks
2015.0.3276

Bitdefender
Adware.Vitruvian.B
1.0.20.1660

Emsisoft Anti-Malware
Adware.Vitruvian
8.14.11.28.03

F-Secure
Adware.Vitruvian.B
11.2014-28-11_6

G Data
Adware.Vitruvian
14.11.24

MicroWorld eScan
Adware.Vitruvian.B
15.0.0.996

NANO AntiVirus
Trojan.Win32.DownLoader10.dchvye
0.28.6.62995

nProtect
Adware.Vitruvian.B
14.10.29.01

Reason Heuristics
PUP.Task.SearchSnacks.CC
14.11.28.15

Trend Micro House Call
Suspicious_GEN.F47V1024
7.2.332

VIPRE Antivirus
InfoAtoms
34344

File size:
61.6 KB (63,072 bytes)

Product version:
1.10.0.0

Copyright:
Copyright (C) 2014

Original file name:
SearchSnacksAutoUpdateClient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\searchsnacks_1.10.0.0\update\searchsnacksautoupdateclient.exe

Digital Signature
Signed by:
Search Snacks, LLC

Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 3:07:56 PM

Valid to:
4/3/2016 3:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata
Compilation timestamp:
9/11/2014 9:57:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:pKVhEJj2Bq1VOwR8syFHsqBCE+93xOhgJwmzbmH/MxX4uAnzEcUHR5zBvvxbVV7D:ge73WmwmeWIuAnzEpJpb7O8fWpMexAu+

Entry address:
0xF33E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5664

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
53 KB (54,272 bytes)

Scheduled Task
Task name:
SearchSnacks Auto Updater 1.10.0.0 Core

Trigger:
Daily (Runs daily at 2:27 PM)

Description:
SearchSnacks Auto Updater 1.10.0.0 Core


Remove SearchSnacksAutoUpdateClient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.