wajam_64.exe.patcher

The file wajam_64.exe.patcher has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Wajam which is a potentially unwanted software program. While running, it connects to the Internet address e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com on port 80 using the HTTP protocol.
Version:
1.60.10.2

MD5:
a55297e550790ad3a4db7e1e5e0e1ec4

SHA-1:
43ebf99f14261f2d0514f9e95d7a5fe11ba3c7a6

SHA-256:
b89e4ded4cf99dd866fad89e814fdeb03bf07c9f07a8ee1e25f0e5732b05072a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 4:42:34 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Wajam.Service
16.2.9.15

File size:
3 MB (3,135,488 bytes)

Product version:
1.60.10.2

Copyright:
Copyright (C) 2014

Language:
English (United States)

Common path:
C:\Program Files\wajaneten\wajam_64.exe.patcher

File PE Metadata
Compilation timestamp:
2/4/2016 4:38:54 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:qQd4HhlOdPqzUzsLirqktK75LBo8ZjkUXzC8ltT87SfTfaFbNelCC:3dU2qhjki1aFbQCC

Entry address:
0x181520

Entry point:
48, 83, EC, 28, E8, 73, 0B, 02, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 48, 83, EC, 28, E8, CF, 27, 01, 00, 69, 48, 1C, FD, 43, 03, 00, 81, C1, C3, 9E, 26, 00, 89, 48, 1C, C1, E9, 10, 81, E1, FF, 7F, 00, 00, 8B, C1, 48, 83, C4, 28, C3, CC, CC, CC, 40, 53, 48, 83, EC, 20, 8B, D9, E8, 9F, 27, 01, 00, 89, 58, 1C, 48, 83, C4, 20, 5B, C3, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8D, 4C, 24, 30, FF, 15, 2C, 0D, 08, 00, 48, 8B, 54, 24, 30, 48, B9, 00, 80, C1, 2A, 21, 4E, 62, FE, 48, 03, D1, 48, 83...
 
[+]

Code size:
2 MB (2,098,176 bytes)

The file wajam_64.exe.patcher has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to e3-1230v2.bl-ash0.1.1.2.5.a4.securedservers.com  (131.153.5.194:80)

Remove wajam_64.exe.patcher - Powered by Reason Core Security