WajamInternetEnhancer.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application WajamInternetEnhancer.exe has been detected as adware by 2 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 62015 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Wajam which is a potentially unwanted software program.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.12.2.8

MD5:
0cd1ed1f37c64e88661dedbd08bdadc8

SHA-1:
d517042a4d27654c3b4363d41ad111b5dc311d66

SHA-256:
a7efa1e50912ae0f8cfe680c6aceac5aee8726ad466660a78f1e6f95ab05652c

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
12/24/2024 12:44:44 PM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.Wajam
v2014.09.11.02

Reason Heuristics
PUP.WajamInternetTechnologies.V
14.8.3.8

File size:
82 KB (83,968 bytes)

Product version:
2.12.2.8

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancer.exe

File PE Metadata
Compilation timestamp:
7/31/2014 2:45:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:c2xzUxTmaJ/P/6b1oJulb2tgTgl7i4F97RnsRtRvJzEf31/l5jeSSSSH2C6U7MSF:RxKTmaJ/P/6b1oolb2tgTgl7i4FFRsRl

Entry address:
0x15B3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7773

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
79 KB (80,896 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:62015/

Local host port:
62015

Default credentials:
No


The file WajamInternetEnhancer.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to rtr3.l7.search.vip.bf1.yahoo.com  (63.250.200.63:80)

TCP (HTTP):
Connects to ec2-54-225-184-218.compute-1.amazonaws.com  (54.225.184.218:80)

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-gru2.facebook.com  (31.13.85.36:443)

TCP (HTTP):
Connects to ec2-54-247-91-215.eu-west-1.compute.amazonaws.com  (54.247.91.215:80)

TCP (HTTP):
Connects to bb41034a.virtua.com.br  (187.65.3.74:80)

TCP (HTTP SSL):
Connects to yb-in-f100.1e100.net  (64.233.185.100:443)

TCP (HTTP SSL):
Connects to xx-fbcdn-shv-01-gru2.fbcdn.net  (31.13.85.4:443)

TCP (HTTP SSL):
Connects to vz-in-f95.1e100.net  (108.177.11.95:443)

TCP (HTTP SSL):
Connects to vw-in-f95.1e100.net  (173.194.217.95:443)

TCP (HTTP SSL):
Connects to vt-in-f95.1e100.net  (173.194.215.95:443)

TCP (HTTP SSL):
Connects to vl-in-f139.1e100.net  (74.125.141.139:443)

TCP (HTTP SSL):
Connects to vl-in-f102.1e100.net  (74.125.141.102:443)

TCP (HTTP SSL):
Connects to sof02s18-in-f35.1e100.net  (216.58.212.35:443)

TCP (HTTP):
Connects to server-54-230-17-45.iad12.r.cloudfront.net  (54.230.17.45:80)

TCP (HTTP):
Connects to server-54-230-140-235.sfo5.r.cloudfront.net  (54.230.140.235:80)

TCP:
Connects to qh-in-f188.1e100.net  (74.125.22.188:5228)

TCP (HTTP SSL):
Connects to pa-in-f95.1e100.net  (74.125.25.95:443)

TCP (HTTP):
Connects to ord08s12-in-f27.1e100.net  (74.125.225.27:80)

TCP (HTTP):
Connects to ord08s09-in-f26.1e100.net  (74.125.225.154:80)

TCP (HTTP):
Connects to oasn04a.247realmedia.com  (208.71.122.194:80)

Remove WajamInternetEnhancer.exe - Powered by Reason Core Security