home

snikers.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10039.chomikuj.pl.
MD5:
ad3608f6de55e9a1bbe7b207dbef18a4

SHA-1:
5918a7a320e41e30b1d0cb4bdc85ecbbfa500829

SHA-256:
cfb79196b6f5015196d088a145c934b0665fa28cf393259ae56e6e4961f2485a

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
6/18/2025 10:08:17 PM UTC  (today)

Scan engine
Detection
Engine version

K7 AntiVirus
Trojan
13.212.18232

Rising Antivirus
PE:Malware.UDM(Delf)!1.6547 [F]
23.00.65.16208

Vba32 AntiVirus
suspected of Backdoor.Delf.156
3.12.26.4

File size:
2 MB (2,089,472 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\snikers\snikers.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:WHN3U/pJtvfaH6uOjTHd9UaHvazMQN/1DIKj+9QWSf95E4ndzDv1:WRq7Zyio7NDI+5E4ndXv1

Entry address:
0xF07C4

Entry point:
55, 8B, EC, 83, C4, F0, B8, 3C, 02, 4F, 00, E8, 90, 68, F1, FF, A1, 10, 3C, 4F, 00, 8B, 00, E8, E4, B3, F7, FF, 6A, EC, A1, 10, 3C, 4F, 00, 8B, 00, 8B, 40, 30, 50, E8, AE, 72, F1, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, 10, 3C, 4F, 00, 8B, 00, 8B, 40, 30, 50, E8, B6, 74, F1, FF, 8B, 0D, FC, 3D, 4F, 00, A1, 10, 3C, 4F, 00, 8B, 00, 8B, 15, DC, C5, 4E, 00, E8, BA, B3, F7, FF, A1, 10, 3C, 4F, 00, 8B, 00, E8, 2E, B4, F7, FF, E8, E9, 42, F1, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
958.5 KB (981,504 bytes)

The file snikers.exe has been seen being distributed by the following URL.

http://s10039.chomikuj.pl/File.aspx?e=bYF3bkzGySVDtBshEh8DZJjwqY1gF33-9QOqCw9mNOsEvpdgMtAhBf0m29JCFHIa51oqLFV-uGCOY5qitdfHs9FXk7UU5KnI5VPaE3vWIBU7a6Os2SbMDbFtjmfGJUKqkOMY_XLWDUV6tCKJRcdjeg&pv=2

Scan snikers.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.