wajam_validate.exe

The application wajam_validate.exe has been detected as a potentially unwanted program by 9 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup.
MD5:
46f5c497f96e733176b010ff0ee56de3

SHA-1:
a836a8346f791ec8a83b51bc78e84b2f6659e6da

SHA-256:
561b6080396ba1218d886e7f4999918b3e85d50b4bfc05772c911cbe5af7947a

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
2/24/2014 5:16:26 AM UTC  (one month ago)

Scan engine
Detection
Engine version

AVG
Downloader.Generic13
2014.0.3542

Dr.Web
Adware.Searcher.2593
9.0.0.0330

ESET NOD32
Win32/Wajam
8.9461

NANO AntiVirus
Trojan.Win32.Searcher.cjaztx
0.28.0.57029

Reason Heuristics
Threat.Win.Reputation.IMP
14.4.3.0

The Hacker
Posible_Worm32
6.8.0.2.316

Trend Micro House Call
TROJ_GEN.R047H01HF13
7.2.239

Trend Micro
PAK_Generic.001
10.465.27

VIPRE Antivirus
Wajam
24866

File size:
11 KB (11,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\user\appdata\local\temp\random.tmp\wajam_validate.exe

File PE Metadata
Compilation timestamp:
8/14/2013 12:36:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
192:YucR8gniwHla15UMi9q9bEBOrwic65Is6UqcnZuTgtnH3faOdaD7G1IpI:kRfniwHlZRBMKbKu+nXf5IS1A

Entry address:
0x92B0

Entry point:
60, BE, 00, 70, 40, 00, 8D, BE, 00, A0, FF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 

Entropy:
7.3095

Packer / compiler:
UPX 2.90 [LZMA]

Code size:
12 KB (12,288 bytes)

There are 8 known code variations that share the same compilation structure.

0 / 68
wajam_validate.exe  (b178ce625433dda8797bc31d56d1b5d34b08ff0b)

0 / 68
wajam_validate.exe  (1043547a78622289093b09ed807fd05b252add14)

0 / 68
wajam_validate.exe  (154a14a0ac6cdc9ffa8de38bcd88970d92588468)

0 / 68
wajam_validate.exe  (14bf8350c574d1eb274be5c443de45cc95ab7fe8)

0 / 68
wajam_validate.exe  (eb29e9cb2082c74d9f0f876169b1ecc501df9ad4)

42 / 68    (Malware)
wajam_validate.exe  (ceff7450ffb6537d31c1998361d0780895f337c4)

40 / 68    (Malware)
wajam_validate.exe  (3b77c9b688790b1638895013fdcfbf9cd0fe1505)

3 / 68      (PUP)
wajam_validate.exe  (62c4da570fd203ca3e3e9bf1f7d90b075ff5a637)

Detection Incidence by Country