WajamInternetEnhancer.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application WajamInternetEnhancer.exe has been detected as adware by 2 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 50187 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Wajam which is a potentially unwanted software program.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.8.2.8

MD5:
33d692e7d8e80abee96a640c1d9c1868

SHA-1:
75b93fc6d35b539be0dd78d476131788cc9fc53d

SHA-256:
8d5a2a6a566e235c3187a1bcd209531a2086360c7559056142d9ba6e9952434d

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
12/25/2024 1:36:07 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Wajam
4.0.3.14617

Reason Heuristics
PUP.WajamInternetTechnologies.V
14.6.17.18

File size:
65.5 KB (67,072 bytes)

Product version:
2.8.2.8

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancer.exe

File PE Metadata
Compilation timestamp:
6/6/2014 11:41:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:zbLStLnsM2BHVtNV+g36L9CB68c5gSQP/9GZk1JlHUKFia8K/8XI:WeM2BHVt7+g3K9C3c5lQP/9iOHHFim/B

Entry address:
0x119EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.5970

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
62.5 KB (64,000 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:50187/

Local host port:
50187

Default credentials:
No


The file WajamInternetEnhancer.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to d.v.dropbox.com  (108.160.172.193:443)

TCP (HTTP SSL):
Connects to r-52-45-234-77.ff.avast.com  (77.234.45.52:443)

TCP (HTTP):
Connects to 149-210-169-43.colo.transip.net  (149.210.169.43:80)

TCP (HTTP):
Connects to um-21.btrll.com  (162.208.22.39:80)

TCP (HTTP):
Connects to static-122-212-205-209.24shells.net  (209.205.212.122:80)

TCP (HTTP SSL):
Connects to server-54-230-51-21.jfk5.r.cloudfront.net  (54.230.51.21:443)

TCP (HTTP):
Connects to server-54-230-51-145.jfk5.r.cloudfront.net  (54.230.51.145:80)

TCP (HTTP):
Connects to server-54-192-48-72.jfk5.r.cloudfront.net  (54.192.48.72:80)

TCP (HTTP):
Connects to server-54-192-48-55.jfk5.r.cloudfront.net  (54.192.48.55:80)

TCP (HTTP):
Connects to server-54-192-48-42.jfk5.r.cloudfront.net  (54.192.48.42:80)

TCP (HTTP):
Connects to server-54-192-48-15.jfk5.r.cloudfront.net  (54.192.48.15:80)

TCP (HTTP):
Connects to server-54-192-48-121.jfk5.r.cloudfront.net  (54.192.48.121:80)

TCP (HTTP):
Connects to s3-1.amazonaws.com  (52.216.81.211:80)

TCP (HTTP SSL):
Connects to no.hugo.autoupdate.opera.com  (82.145.215.118:443)

TCP (HTTP):
Connects to map2.hwcdn.net  (205.185.216.10:80)

TCP (HTTP):
Connects to ie8-lo4ba.ebayc3.com  (66.211.186.206:80)

TCP (HTTP):
Connects to giitis.info  (174.37.174.84:80)

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-gru2.facebook.com  (31.13.85.36:443)

TCP (HTTP):
Connects to ec2-54-85-217-66.compute-1.amazonaws.com  (54.85.217.66:80)

TCP (HTTP):
Connects to ec2-54-84-111-98.compute-1.amazonaws.com  (54.84.111.98:80)

Remove WajamInternetEnhancer.exe - Powered by Reason Core Security