home

SearchSnacksClientIE.dll

Search Snacks Client BHO x64

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The module SearchSnacksClientIE.dll by Search Snacks has been detected as adware by 13 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SearchSnacks’.
Publisher:
Search Snacks  (signed by Search Snacks, LLC)

Product:
Search Snacks Client BHO x64

Version:
1.10.0.3

MD5:
a5a7dfcb03b1e3873e02bb3707399ad1

SHA-1:
1601c072b61d3b291cc6437eed5da3f5edc2134f

SHA-256:
969f57e85eb88583f44ea06b31fa185823809fc2c002c877adfbc1adf39c88f1

Scanner detections:
13 / 68

Status:
Adware

Analysis date:
4/26/2024 11:24:45 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.B
806

AVG
Snacks
2015.0.3284

Baidu Antivirus
Adware.Win64.Vitruvian
4.0.3.141120

Bitdefender
Adware.Vitruvian.B
1.0.20.1620

Emsisoft Anti-Malware
Adware.Vitruvian
8.14.11.20.07

ESET NOD32
Win64/Adware.Vitruvian (variant)
8.10745

F-Secure
Adware.Vitruvian.B
11.2014-20-11_5

G Data
Adware.Vitruvian
14.11.24

IKARUS anti.virus
AdWare.Vitruvian
t3scan.1.8.3.0

MicroWorld eScan
Adware.Vitruvian.B
15.0.0.972

nProtect
Adware.Vitruvian.B
14.11.18.01

Reason Heuristics
PUP.BHO.SearchSnacks.U
14.11.20.19

VIPRE Antivirus
InfoAtoms
34912

File size:
177.6 KB (181,856 bytes)

Product version:
1.10.0.3

Copyright:
Copyright (C) 2014

Original file name:
SearchSnacksClientIE.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\Program Files\searchsnacks_1.10.0.3\ie\searchsnacksclientie.dll

Digital Signature
Signed by:
Search Snacks, LLC

Authority:
GlobalSign nv-sa

Valid from:
4/3/2014 4:07:56 PM

Valid to:
4/3/2016 4:07:56 PM

Subject:
E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213239AF4AE4C69B97F803376A194F08F4

Registration
CLSID:
{EE57E1D3-8B9D-4237-A301-460F36CF42F1}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/6/2014 12:35:17 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:S32IDvuAZBe63r9UcKQ+oisDuP9h4T+ofnguaOM+cqHK7cZfKAGbplazovpIaZE:SFvuAzrfBmxPH4TJPghH2ccZfKAGPPIT

Entry address:
0xF0F4

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, D3, 55, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 00, A4, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 
[+]

Entropy:
5.8762

Code size:
95 KB (97,280 bytes)

Internet Explorer BHO
Display name:
SearchSnacks

CLSID:
{EE57E1D3-8B9D-4237-A301-460F36CF42F1}


Remove SearchSnacksClientIE.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.