WajamInternetEnhancer.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application WajamInternetEnhancer.exe has been detected as adware by 2 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 54789 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Wajam which is a potentially unwanted software program.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.14.1.81

MD5:
8471895f76b90c530a021f2d4466459e

SHA-1:
f84192ab5ec3c261ceba9fa865f61e2cae2b1997

SHA-256:
46d99615d14f7cd5bf4e6cf6c2edc6fb79706b9e80892676f25747e3043b2acc

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/24/2024 5:32:15 AM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.Wajam
v2014.08.27.06

Reason Heuristics
PUP.WajamInternetTechnologies.V
14.8.27.6

File size:
82.5 KB (84,480 bytes)

Product version:
2.14.1.81

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancer.exe

File PE Metadata
Compilation timestamp:
8/25/2014 10:15:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:o2xzUxTtaIfYxA8K9vnSJvleC0o3My2qGfvib1F7MSwLaVf/ZyQngVM:VxKTtaEYxVKPSJlomX8eVft

Entry address:
0x15BFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
79.5 KB (81,408 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:54789/

Local host port:
54789

Default credentials:
No


The file WajamInternetEnhancer.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to WIN-068J6M2A2OI  (38.130.218.56:80)

TCP (HTTP):
Connects to IP-130-73-156-104.static.fibrenoire.ca  (104.156.73.130:80)

TCP (HTTP):
Connects to a104-93-209-52.deploy.static.akamaitechnologies.com  (104.93.209.52:80)

TCP (HTTP):
Connects to static.145.4.76.144.clients.your-server.de  (144.76.4.145:80)

TCP (HTTP):
Connects to server-52-85-77-9.lax3.r.cloudfront.net  (52.85.77.9:80)

TCP (HTTP):
Connects to scl03s05-in-f7.1e100.net  (173.194.42.199:80)

TCP (HTTP):
Connects to rtr3.l7.search.vip.sg3.yahoo.com  (106.10.162.43:80)

TCP (HTTP SSL):
Connects to pa-in-f188.1e100.net  (74.125.25.188:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f9.1e100.net  (74.125.224.73:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f8.1e100.net  (74.125.224.72:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f5.1e100.net  (74.125.224.69:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f14.1e100.net  (74.125.224.78:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f12.1e100.net  (74.125.224.76:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f11.1e100.net  (74.125.224.75:443)

TCP (HTTP SSL):
Connects to lax17s02-in-f10.1e100.net  (74.125.224.74:443)

TCP (HTTP SSL):
Connects to lax04s09-in-f7.1e100.net  (74.125.239.7:443)

TCP (HTTP SSL):
Connects to lax04s09-in-f5.1e100.net  (74.125.239.5:443)

TCP (HTTP SSL):
Connects to lax02s20-in-f8.1e100.net  (74.125.224.136:443)

TCP (HTTP SSL):
Connects to lax02s20-in-f12.1e100.net  (74.125.224.140:443)

TCP (HTTP SSL):
Connects to lax02s20-in-f11.1e100.net  (74.125.224.139:443)

Remove WajamInternetEnhancer.exe - Powered by Reason Core Security