wajaminternetenhancerapp.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application wajaminternetenhancerapp.exe has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Wajam which is a potentially unwanted software program. While running, it connects to the Internet address 213-133-109-69.clients.your-server.de on port 80 using the HTTP protocol.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.18.1.12

MD5:
49a730711ee2bdf23faee6eb026bcd31

SHA-1:
dd5315380d45f26a575e8bbf5995263a64714058

SHA-256:
53076e7405d5df443342ce8a79911e9d2b2fd795c455c44f791d53647c663f14

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/2/2024 7:23:57 AM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.Wajam
v2014.11.28.04

Reason Heuristics
PUP.WajamInternetTechnologies.Y
14.11.28.4

File size:
81 KB (82,944 bytes)

Product version:
2.18.1.12

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancerapp.exe

File PE Metadata
Compilation timestamp:
11/27/2014 5:17:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:lor/UK5xiI6XM3rRvbzLSInMIlkAA83nkI0jsKKJ:loIKXiI6S1LfAHISsKc

Entry address:
0x1577E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
78 KB (79,872 bytes)

The file wajaminternetenhancerapp.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-54-186-96-195.us-west-2.compute.amazonaws.com  (54.186.96.195:80)

TCP (HTTP):
Connects to rtr3.l7.search.vip.sg3.yahoo.com  (106.10.162.43:80)

TCP (HTTP):
Connects to ocsp.comodoca.com  (178.255.83.1:80)

TCP (HTTP):
Connects to ip-50-63-202-49.ip.secureserver.net  (50.63.202.49:80)

TCP (HTTP):
Connects to gmailing.avira.com  (62.146.210.20:80)

TCP (HTTP):
Connects to ec2-54-243-186-204.compute-1.amazonaws.com  (54.243.186.204:80)

TCP (HTTP):
Connects to ec2-52-30-226-196.eu-west-1.compute.amazonaws.com  (52.30.226.196:80)

TCP (HTTP):
Connects to d5.16.5177.ip4.static.sl-reverse.com  (119.81.22.213:80)

TCP (HTTP):
Connects to cb.9d.a86c.ip4.static.sl-reverse.com  (108.168.157.203:80)

TCP (HTTP):
Connects to 97.47.37a9.ip4.static.sl-reverse.com  (169.55.71.151:80)

TCP (HTTP):
Connects to 50.115.122.45.static.westdc.net  (50.115.122.45:80)

TCP (HTTP):
Connects to rtr3.l7.search.vip.ir2.yahoo.com  (217.12.15.96:80)

TCP (HTTP SSL):
Connects to origin.du131w.dub131.mail.live.com  (157.56.198.220:443)

TCP (HTTP):

TCP (HTTP):

TCP (HTTP):
Connects to ec2-52-50-196-247.eu-west-1.compute.amazonaws.com  (52.50.196.247:80)

TCP (HTTP SSL):
Connects to ec2-50-19-113-170.compute-1.amazonaws.com  (50.19.113.170:443)

TCP (HTTP):
Connects to cache.google.com  (64.15.120.32:80)

TCP (HTTP):
Connects to 213-133-109-69.clients.your-server.de  (213.133.109.69:80)

TCP (HTTP):
Connects to www.avira.com  (62.146.210.33:80)

Remove wajaminternetenhancerapp.exe - Powered by Reason Core Security