home

wj_validate.exe

Super Downloads

Wajam is a potentially unwanted program that displays social media posts from the user's contacts in search results. The application wj_validate.exe by Super Downloads has been detected as adware by 8 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
Super Downloads  (signed and verified)

MD5:
a71c404d0ae4c842321449fea3574c75

SHA-1:
e2e06b163525f48559c10e042db6912f1a86d3a5

SHA-256:
093be42bede55ffd6997e9a8af41ad1ddd78e18e9339dfe031ff7120fde99335

Scanner detections:
8 / 68

Status:
Adware

Analysis date:
11/1/2024 9:33:21 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Searcher.2593
9.0.1.0104

ESET NOD32
Win32/Wajam (variant)
8.9530

Malwarebytes
PUP.Optional.Wajam
v2014.04.14.07

NANO AntiVirus
Riskware.Win32.Searcher.csnymk
0.28.0.58101

Reason Heuristics
PUP.SuperDownloads.L
14.4.14.7

Trend Micro House Call
PAK_Generic.001
7.2.104

Trend Micro
PAK_Generic.001
10.465.14

VIPRE Antivirus
Wajam
27288

File size:
16 KB (16,360 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\wj_validate.exe

Digital Signature
Signed by:
Super Downloads

Authority:
COMODO CA Limited

Valid from:
12/12/2013 1:00:00 AM

Valid to:
12/12/2016 12:59:59 AM

Subject:
CN=Super Downloads, O=Super Downloads, STREET="4115, boul. St-Laurent", L=Montreal, S=Quebec, PostalCode=H2W 1Y7, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EDE829ED1E6AB7C7A9D6279BB970B503

File PE Metadata
Compilation timestamp:
8/14/2013 9:36:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
384:uRfniwHlZRBMKbKu+nXfHIS1ADMC18lgp:uRfiwFFMeKu8PV1hip

Entry address:
0x92B0

Entry point:
60, BE, 00, 70, 40, 00, 8D, BE, 00, A0, FF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Packer / compiler:
UPX 2.90LZMA]

Code size:
12 KB (12,288 bytes)

Remove wj_validate.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.