» sssvc.exe
Overview
Analysis
File Details
Behaviors (1)

sssvc.exe

Search Snacks Client Service

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application sssvc.exe by Search Snacks has been detected as adware by 19 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Search Snacks 1.10.0.3 Client Service”.

File name:

sssvc.exe

Publisher:

Search Snacks (signed by Search Snacks, LLC)

Product:

Search Snacks Client Service

Version:

1.10.0.3

MD5:

7e47d691fb83a91ff84bab217b9554d4

SHA-1:

202ea1a555caec1e077559e53599728da7d3bef6

SHA-256:

fbbcd3b08f291ed63c24835e419184c89ac354d28059fcc0438b2515dc837ba2

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/19/2024 6:37:44 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Vitruvian.B

790

Agnitum Outpost

PUA.Vitruvian

7.1.1

AVG

Snacks

2015.0.3268

Baidu Antivirus

Adware.Win32.Vitruvian

4.0.3.14126

Bitdefender

Adware.Vitruvian.B

1.0.20.1700

Comodo Security

ApplicUnwnt

20073

Emsisoft Anti-Malware

Adware.Vitruvian

8.14.12.06.04

ESET NOD32

Win32/AdWare.Vitruvian (variant)

8.10745

Fortinet FortiGate

Riskware/Vitruvian

12/6/2014

F-Secure

Adware.Vitruvian.B

11.2014-06-12_7

G Data

Adware.Vitruvian

14.12.24

IKARUS anti.virus

PUA.Vitruvian

t3scan.1.8.3.0

McAfee

Artemis!7E47D691FB83

5600.6924

MicroWorld eScan

Adware.Vitruvian.B

15.0.0.1020

nProtect

Adware.Vitruvian.B

14.11.18.01

Reason Heuristics

PUP.Service.SearchSnacks.F

14.12.6.16

Sophos

Generic PUA CA

4.98

Trend Micro House Call

Suspicious_GEN.F47V1015

7.2.340

VIPRE Antivirus

InfoAtoms

34912

File size:

271.1 KB (277,600 bytes)

Product version:

1.10.0.3

Original file name:

sssvc.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\searchsnacks_1.10.0.3\service\sssvc.exe

Digital Signature

Signed by:

Search Snacks, LLC

Authority:

GlobalSign nv-sa

Valid from:

4/3/2014 5:07:56 PM

Valid to:

4/3/2016 5:07:56 PM

Subject:

E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata

Compilation timestamp:

11/6/2014 1:35:19 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

6144:07DtBd02UprNJiAjDMV0kCTB/v3B1xb1S:07DzdfUppJiAjAV0kCTxB1S

Entry address:

0x21158

Entry point:

E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44... 
[+]

Entropy:

6.3159

Code size:

180.5 KB (184,832 bytes)

Service

Display name:

Search Snacks 1.10.0.3 Client Service

Service name:

sssvc_1.10.0.3

Description:

This service enables Search Snacks 1.10.0.3 on HTTP websites

Type:

Win32OwnProcess

Remove sssvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.