WajamInternetEnhancer.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application WajamInternetEnhancer.exe has been detected as adware by 11 anti-malware scanners.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.15.2.5

MD5:
3ed1691bb498714bd331684e8215ca37

SHA-1:
84bf3c785cbca8adfd1766660cd8b9e7142ae275

SHA-256:
b4c8cf459b0d288417ca5503038fba47e750869dead8cdd4efb55a4fdeba7723

Scanner detections:
11 / 68

Status:
Adware

Analysis date:
12/23/2024 11:01:24 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.Searcher | 7.1.1 |
| Baidu Antivirus | Adware.Win32.Wajam | 4.0.3.141229 |
| Clam AntiVirus | Win.Adware.Wajam-1 | 0.98/21511 |
| Dr.Web | Adware.Searcher.2676 | 9.0.1.0363 |
| Malwarebytes | PUP.Optional.Wajam | v2014.12.29.07 |
| NANO AntiVirus | Riskware.Win32.Searcher.diwheb | 0.30.0.64448 |
| Norman | Suspicious_Gen4.HEKZE | 11.20141229 |
| Reason Heuristics | PUP.WajamInternetTechnologies.V | 14.12.29.7 |
| SUPERAntiSpyware | Adware.Wajam/Variant | 10148 |
| Trend Micro House Call | TROJ_GEN.R0C1H05JD14 | 7.2.363 |
| VIPRE Antivirus | Wajam | 36124 |

File size:
82.5 KB (84,480 bytes)

Product version:
2.15.2.5

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancer.exe

File PE Metadata
Compilation timestamp:
9/25/2014 9:23:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:V8kmUTvP7ad3spivLHDU7MSwLLrf/dx4TMKYtY:VvmUj2HQ8/rf6D

Entry address:
0x15D2E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
79.5 KB (81,408 bytes)

The executing file has been seen to make the following network communications in live environments.

