wajaminternetenhancerapp.exe

Internet Enhancer

The application wajaminternetenhancerapp.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This executable runs as a local area network (LAN) Internet proxy server listening on port 51756 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Wajam which is a potentially unwanted software program. While running, it connects to the Internet address server-54-192-150-14.sin2.r.cloudfront.net on port 80 using the HTTP protocol.
Product:
Internet Enhancer

Version:
2.19.2.6

MD5:
2342a1543a75a21f65a3f2942dd4044f

SHA-1:
384430d0db71722482486fae57b179f2a27e29cc

SHA-256:
63c6bbbbde3ac628dda6f7cdc8192fa52bfe444667e1db2a5bb56c2e3997426d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 3:44:36 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Wajam.Meta
15.6.15.10

File size:
81 KB (82,944 bytes)

Product version:
2.19.2.6

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancerapp.exe

File PE Metadata
Compilation timestamp:
12/2/2014 9:56:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:mp/+g+sxaQQ85+3pfTefSWazmxuhbZKe:pnqt5kf/WazR3

Entry address:
0x1592E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
78.5 KB (80,384 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:51756/

Local host port:
51756

Default credentials:
No


The file wajaminternetenhancerapp.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-sin6.facebook.com  (157.240.7.35:443)

TCP (HTTP SSL):
Connects to edge-z-m-mini-shv-01-sin6.facebook.com  (157.240.7.36:443)

TCP (HTTP SSL):
Connects to ec2-34-199-132-228.compute-1.amazonaws.com  (34.199.132.228:443)

TCP (HTTP SSL):
Connects to xx-fbcdn-shv-01-sin6.fbcdn.net  (157.240.7.26:443)

TCP (HTTP SSL):
Connects to edge-star-shv-01-sin6.facebook.com  (157.240.7.20:443)

TCP (HTTP SSL):
Connects to ec2-52-72-157-241.compute-1.amazonaws.com  (52.72.157.241:443)

TCP (HTTP SSL):
Connects to a-0001.a-msedge.net  (204.79.197.200:443)

TCP (HTTP):
Connects to ocsp.comodoca.com  (178.255.83.1:80)

TCP (HTTP SSL):
Connects to edge-video-shv-01-sin6.fbcdn.net  (157.240.7.21:443)

TCP (HTTP):

TCP (HTTP SSL):
Connects to svx-tsel-208-68-bns-tbs.telkomsel.com  (202.3.208.68:443)

TCP (HTTP):
Connects to server-52-85-77-193.lax3.r.cloudfront.net  (52.85.77.193:80)

TCP (HTTP):
Connects to ip184.ip-217-182-14.eu  (217.182.14.184:80)

TCP (HTTP):
Connects to hwcdn.net  (69.16.175.10:80)

TCP (HTTP):
Connects to haproxy9.ca.servers.visadd.com  (142.4.193.32:80)

TCP (HTTP SSL):
Connects to ec2-107-22-241-244.compute-1.amazonaws.com  (107.22.241.244:443)

TCP (HTTP):
Connects to e1.ttms.eu  (46.105.156.67:80)

TCP (HTTP):
Connects to 80.75.c0ad.ip4.static.sl-reverse.com  (173.192.117.128:80)

TCP (HTTP):
Connects to 131.subnet180-250-66.speedy.telkom.net.id  (180.250.66.131:80)

TCP (HTTP):
Connects to server-54-230-150-95.sin2.r.cloudfront.net  (54.230.150.95:80)

Remove wajaminternetenhancerapp.exe - Powered by Reason Core Security