snakpsk.dll

Great Apps

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser. Part of the Injekt brand of unwanted programs. The module snakpsk.dll by Great Apps has been detected as adware by 21 anti-malware scanners.
Publisher:
Great Apps  (signed and verified)

Version:
1.0.0.1

MD5:
000a1181bb9dafaf2060a42f712c3f5b

SHA-1:
5033dcb445f40c3403763e690d7d67c943dccf59

SHA-256:
5bdb9daa6281d99cb41231e02f66b4606ec4232395e0f812f4b521a0432aa0d7

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser and alters the browser's settings (home page, search, DNS, and security protocols).

Analysis date:
4/25/2024 6:41:25 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | PUA.Agent | 7.1.1
AhnLab V3 Security | PUP/Win32.PullUpdate | 2015.04.25
Avira AntiVirus | ADWARE/PullUpdate.Gen | 3.6.1.96
AVG | Generic | 2016.0.3129
Baidu Antivirus | Adware.MSIL.PullUpdate | 4.0.3.15425
Bkav FE | W32.HfsAdware | 1.3.0.6379
Dr.Web | Adware.Yontoo.68 | 9.0.1.05190
ESET NOD32 | MSIL/Adware.PullUpdate.K.gen application | 7.0.302.0
Fortinet FortiGate | Adware/Agent | 4/25/2015
G Data | Win32.Application.Agent.BNS4J5 | 15.4.25
K7 AntiVirus | Adware | 13.203.15707
Kaspersky | not-a-virus:AdWare.Win32.Agent | 15.0.0.543
Malwarebytes | PUP.Optional.ZombieInvasion.A | v2015.04.25.03
McAfee | Artemis!000A1181BB9D | 5600.6785
Panda Antivirus | Generic Suspicious | 15.04.25.03
Qihoo 360 Security | HEUR/QVM30.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | Threat.Injekt.GreatApps | 15.4.24.23
Sophos | Generic PUA FA | 4.98
Trend Micro House Call | TROJ_GEN.R021H07DL15 | 7.2.115
Vba32 AntiVirus | AdWare.Agent | 3.12.26.3
VIPRE Antivirus | Threat.4725471 | 39354

File size:
1.2 MB (1,240,536 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2014

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Application data\lacgxjqvbi\dat\snakpsk.dll

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/16/2015 7:00:00 PM

Valid to:
2/17/2016 6:59:59 PM

Subject:
CN=Great Apps, O=Great Apps, L=St. Michael, S=St. Michael, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
18DA5D77283E42E4EA6279778229FFBA

File PE Metadata
Compilation timestamp:
4/14/2015 10:40:57 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:+R8JpobIzu1j+afrTG9PlrLfm2WoW8fZ1fkMcAHF/oP:+6JWb3CafXMPlvJS8vs7Y/s

Entry address:
0x268B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4E, 26, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 30, BD, 00, 10, 89, 0D, 2C, BD, 00, 10, 89, 15, 28, BD, 00, 10, 89, 1D, 24, BD, 00, 10, 89, 35, 20, BD, 00, 10, 89, 3D, 1C, BD, 00, 10, 66, 8C, 15, 48, BD, 00, 10, 66, 8C, 0D, 3C, BD, 00, 10, 66, 8C, 1D, 18, BD, 00, 10, 66, 8C, 05, 14, BD, 00, 10, 66, 8C, 25, 10, BD, 00, 10, 66, 8C, 2D, 0C, BD, 00, 10, 9C, 8F, 05, 40, BD...
 

Entropy:
7.9783  (probably packed)

Code size:
28 KB (28,672 bytes)
