wajam_validate.exe

The application wajam_validate.exe has been detected as a potentially unwanted program by 9 anti-malware scanners. This file is typically installed with the program Open Downloader Manager by Installer Technology Co which is a potentially unwanted software program. According to AVG, this software downloads additional adware offers during setup.
MD5:
46f5c497f96e733176b010ff0ee56de3

SHA-1:
a836a8346f791ec8a83b51bc78e84b2f6659e6da

SHA-256:
561b6080396ba1218d886e7f4999918b3e85d50b4bfc05772c911cbe5af7947a

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
2/24/2014 5:16:26 AM UTC  (eight months ago)

Scan engine
Detection
Engine version

AVG
Downloader.Generic13
2014.0.3542

Dr.Web
Adware.Searcher.2593
9.0.1.0330

ESET NOD32
Win32/Wajam
8.9461

NANO AntiVirus
Trojan.Win32.Searcher.cjaztx
0.28.0.57029

Reason Heuristics
Threat.Win.Reputation.IMP
14.4.3.0

The Hacker
Posible_Worm32
6.8.0.2.316

Trend Micro House Call
TROJ_GEN.R047H01HF13
7.2.239

Trend Micro
PAK_Generic.001
10.465.27

VIPRE Antivirus
Wajam
24866

File size:
11 KB (11,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\user\appdata\local\temp\random.tmp\wajam_validate.exe

File PE Metadata
Compilation timestamp:
8/14/2013 12:36:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

CTPH (ssdeep):
192:YucR8gniwHla15UMi9q9bEBOrwic65Is6UqcnZuTgtnH3faOdaD7G1IpI:kRfniwHlZRBMKbKu+nXf5IS1A

Entry address:
0x92B0

Entry point:
60, BE, 00, 70, 40, 00, 8D, BE, 00, A0, FF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Entropy:
7.3095

Packer / compiler:
UPX 2.90LZMA]

Code size:
12 KB (12,288 bytes)

The file wajam_validate.exe has been discovered within the following program.

Open Downloader Manager  by Installer Technology Co
ODM is a download manager that plugs into various web browsers (IE, Chrome and Firefox). The installer is designed to bundle and offer various additional offers including toolbars and other potentially harmful programs.
opendownloadmanager.com
73% remove it
 
Powered by Should I Remove It?

The following containers package wajam_validate.exe in it.

10 / 68    (PUP)
mp3_converter_test555_8184.exe  (7abb83496e3f8e5a00473714d8d50decde29c1ed)

5 / 68      (PUP)
wajamchecker.exe  (0a12774e4d19a9867069c8d3cd3e380d7cb2f59c)

11 / 68    (PUP)
instman.exe  (11bb4e96f6f735464c99152445ff31129dd51e23)

18 / 68    (PUP)
installmanager.exe  (541f50e308ee3d93320f6cbb79c3ea7694886e1b)

10 / 68    (PUP)
myphoneexplorer_v2_5185.exe  (4c4a6d10418ca0f0014b7e65ed0ed8d0dc42a670)

9 / 68      (PUP)
installmanager.exe  (5f0ffc6a631f7b92064947c3686c91fa1f8d45e1)

10 / 68    (PUP)
installmanager.exe  (63fff708910001e5e3ae59d60798ea2048f7d1f8)

11 / 68    (PUP)
ultimate_iso_maker_2_7160.exe  (9f24f2e3cd6a631218184a1b76f484b6e83be1a1)

10 / 68    (PUP)
installmanager.exe  (bc9132a750b87d8f9abc3c11814a474eac3edf99)

8 / 68      (PUP)
im.exe  (f8606451d1a7eb3c7631f801f5c750ce49cf13b5)

There are 9 known code variantions that share the same compilation structure.

43 / 68    (Infected)
wajam_validate.exe  (d81f1843766b7fa72c51bf5904683c948e200961)

0 / 68
wajam_validate.exe  (b178ce625433dda8797bc31d56d1b5d34b08ff0b)

0 / 68
wajam_validate.exe  (1043547a78622289093b09ed807fd05b252add14)

0 / 68
wajam_validate.exe  (154a14a0ac6cdc9ffa8de38bcd88970d92588468)

0 / 68
wajam_validate.exe  (14bf8350c574d1eb274be5c443de45cc95ab7fe8)

0 / 68
wajam_validate.exe  (eb29e9cb2082c74d9f0f876169b1ecc501df9ad4)

41 / 68    (Infected)
wajam_validate.exe  (ceff7450ffb6537d31c1998361d0780895f337c4)

39 / 68    (Infected)
wajam_validate.exe  (3b77c9b688790b1638895013fdcfbf9cd0fe1505)

3 / 68      (PUP)
wajam_validate.exe  (62c4da570fd203ca3e3e9bf1f7d90b075ff5a637)

Detection Incidence by Country