65c8f2523bd9814a76567537fbaee72e.exe

The application 65c8f2523bd9814a76567537fbaee72e.exe has been detected as a potentially unwanted program by 7 anti-malware scanners. This file is typically installed with the program Wajam which is a potentially unwanted software program. While running, it connects to the Internet address e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com on port 80 using the HTTP protocol.
Version:
1.57.5.12

MD5:
61d3c5443dbe4cacf2132fc677299b73

SHA-1:
5258b833042a653dbcaf07511d6035ee8dedc936

SHA-256:
57a2d3ed775d4723d3d4a62e6d5d18ed8353797453f3b37e7004a26c9f9706c6

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 4:53:17 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.Generic.15514474
11.5.0.6191

ESET NOD32
Win32/Wajam.AA potentially unwanted application
8.0.319.0

Kaspersky
not-a-virus:Downloader.Win32.Wajam
15.0.0.562

Norman
Trojan.Generic.15514474
22.05.2016 07:18:28

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.Win.Reputation
16.1.4.14

VIPRE Antivirus
Threat.4753062
50170

File size:
2 MB (2,045,440 bytes)

Product version:
1.57.5.12

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\waneten\65c8f2523bd9814a76567537fbaee72e.exe

File PE Metadata
Compilation timestamp:
12/9/2015 12:21:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:Kf9A8tQslK2lTagf3Ovf2jRqYWmpqEQcsvT802yLagnwotzhTxIQF:KJcgWvm/k809fwoJ

Entry address:
0x10C83A

Entry point:
E8, 26, C0, 01, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 53, 56, 8B, 75, 08, 57, 56, E8, 58, AA, 00, 00, 59, 83, F8, 05, 0F, 82, 8B, 00, 00, 00, 0F, B7, 06, 6A, 2F, 5F, 6A, 5C, 5B, 66, 3B, C3, 74, 05, 66, 3B, C7, 75, 78, 0F, B7, 46, 02, 66, 3B, C3, 74, 05, 66, 3B, C7, 75, 6A, 0F, B7, 46, 04, 66, 3B, C3, 74, 61, 66, 3B, C7, 74, 5C, 8D, 46, 06, 0F, B7, 08, 66, 85, C9, 74, 51, 66, 3B, CB, 74, 10, 66, 3B, CF, 74, 0B, 83, C0, 02, 0F, B7, 08, 66, 85, C9, 75, EB, 33, D2, 66, 39, 10, 74, 35, 83, C0, 02, 66, 39, 10, 74...
 
[+]

Entropy:
6.4452

Code size:
1.5 MB (1,545,216 bytes)

The file 65c8f2523bd9814a76567537fbaee72e.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com  (131.153.5.194:80)

Remove 65c8f2523bd9814a76567537fbaee72e.exe - Powered by Reason Core Security