» sssvc.exe
Overview
Analysis
File Details
Behaviors (1)

sssvc.exe

Search Snacks Client Service

Search Snacks, LLC

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application sssvc.exe by Search Snacks has been detected as adware by 18 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Search Snacks 1.10.0.0 Client Service”.

File name:

sssvc.exe

Publisher:

Search Snacks (signed by Search Snacks, LLC)

Product:

Search Snacks Client Service

Version:

1.10.0.0

MD5:

112842b51ab5678b0afcf27b5b1bbb90

SHA-1:

a9c2fbc402e67f5709fc842de58fb0e8b628a1e9

SHA-256:

e81d197667e6089ff33e9fdd8d9788cffb7f16afd80a99b057ea176821e27201

Scanner detections:

18 / 68

Status:

Adware

Analysis date:

4/16/2024 9:40:58 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Vitruvian.B

798

Agnitum Outpost

PUA.Vitruvian

7.1.1

AVG

Snacks

2015.0.3276

Baidu Antivirus

Adware.Win32.Vitruvian

4.0.3.141128

Bitdefender

Adware.Vitruvian.B

1.0.20.1660

Comodo Security

ApplicUnwnt

20073

Emsisoft Anti-Malware

Adware.Vitruvian

8.14.11.28.03

ESET NOD32

Win32/AdWare.Vitruvian (variant)

8.10721

Fortinet FortiGate

Riskware/Vitruvian

11/28/2014

F-Secure

Adware.Vitruvian.B

11.2014-28-11_6

G Data

Adware.Vitruvian

14.11.24

IKARUS anti.virus

PUA.Vitruvian

t3scan.1.8.3.0

MicroWorld eScan

Adware.Vitruvian.B

15.0.0.996

nProtect

Adware.Vitruvian.B

14.11.13.01

Reason Heuristics

PUP.Service.SearchSnacks.F

14.11.28.15

Sophos

Generic PUA KJ

4.98

Trend Micro House Call

Suspicious_GEN.F47V1015

7.2.332

VIPRE Antivirus

InfoAtoms

34772

File size:

271.1 KB (277,600 bytes)

Product version:

1.10.0.0

Original file name:

sssvc.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\searchsnacks_1.10.0.0\service\sssvc.exe

Digital Signature

Signed by:

Search Snacks, LLC

Authority:

GlobalSign nv-sa

Valid from:

4/3/2014 3:07:56 PM

Valid to:

4/3/2016 3:07:56 PM

Subject:

E=support@search-snacks.com, CN="Search Snacks, LLC", O="Search Snacks, LLC", L=Dover, S=Delaware, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11213239AF4AE4C69B97F803376A194F08F4

File PE Metadata

Compilation timestamp:

9/11/2014 9:57:19 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

6144:07DtBd02UprNJiAjDEV2kCTB+v3Btxb1BX:07DzdfUppJiAjIV2kCTOB1BX

Entry address:

0x21158

Entry point:

E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44... 
[+]

Entropy:

6.3159

Code size:

180.5 KB (184,832 bytes)

Service

Display name:

Search Snacks 1.10.0.0 Client Service

Service name:

sssvc_1.10.0.0

Description:

This service enables Search Snacks 1.10.0.0 on HTTP websites

Type:

Win32OwnProcess

Remove sssvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.