wajam_64.exe

The application wajam_64.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “WajaInternetEn Monitor”. This file is typically installed with the program Wajam which is a potentially unwanted software program. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. While running, it connects to the Internet address e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com on port 80 using the HTTP protocol.
Version:
1.50.1.13

MD5:
1ca1b2042659e237ffd6050202aca7de

SHA-1:
e217f71b6c7920d0e7d75d4275ad24837fe2860d

SHA-256:
16f6edfff448bac9ee9d5ff87a5c26399253a2b0b362bd6c288d4b0cbd2efc43

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
12/24/2024 5:00:32 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Solimba
4.0.3.15817

Reason Heuristics
PUP.Wajam.Meta (M)
15.8.17.23

File size:
2 MB (2,127,872 bytes)

Product version:
1.50.1.13

Copyright:
Copyright (C) 2014

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\wajainterneten\wajam_64.exe

File PE Metadata
Compilation timestamp:
8/17/2015 7:23:54 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:F4ClHvsGTgbqAM7mZb7rZ3odFU7LSZMRTsS2:wbZOImS

Entry address:
0xDE0D4

Entry point:
48, 83, EC, 28, E8, 2B, 05, 02, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 18, 48, 89, 4C, 24, 08, 55, 56, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 83, EC, 20, 41, 8B, E9, 45, 8B, F0, 4C, 8B, FA, 48, 85, D2, 74, 03, 48, 89, 0A, 48, 85, C9, 75, 17, E8, 50, E1, FF, FF, C7, 00, 16, 00, 00, 00, E8, 85, F3, 00, 00, 33, C0, E9, 8D, 01, 00, 00, 45, 85, C0, 74, 09, 41, 8D, 40, FE, 83, F8, 22, 77, DB, 0F, B7, 31, 33, FF, 48, 8D, 59, 02, 44, 8D, 6F, 08, EB, 07, 0F, B7, 33, 48, 83, C3, 02, 41, 8B...
 
[+]

Entropy:
6.1975

Code size:
1.3 MB (1,389,056 bytes)

Service
Display name:
WajaInternetEn Monitor

Description:
Enhances experience when browsing the web.

Type:
Win32OwnProcess

Depends on:
RPCSS


The file wajam_64.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com  (131.153.5.194:80)

Remove wajam_64.exe - Powered by Reason Core Security