WajamInternetEnhancer.exe

Wajam Internet Enhancer

Wajam Internet Technologies Inc.

The file is part of Wajam, a web browser extension that injects social search integration into various search portals such as Google. The application WajamInternetEnhancer.exe has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Wajam which is a potentially unwanted software program.
Publisher:
Wajam Internet Technologies Inc.

Product:
Wajam Internet Enhancer

Version:
2.12.1.60

MD5:
ff9009777d443ae92b7759d1505a67cd

SHA-1:
e4a446795bdcca8a02b44e05ba2c06a4c5b71da2

SHA-256:
7c6b891a2e4b0eddffe3fcde7309ac4c6b29f7cb63e4790824851e532bd62723

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
10/17/2018 2:43:25 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.WajamInternetTechnologies.V
14.7.14.2

File size:
82 KB (83,968 bytes)

Product version:
2.12.1.60

Copyright:
Copyright © 2014

Original file name:
WajamInternetEnhancer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\wajam\wajam internet enhancer\wajaminternetenhancer.exe

File PE Metadata
Compilation timestamp:
7/4/2014 4:38:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:W2xzUxTmaJ/P/6b1oJulb2tgTgl7i4F97RnsRtRvJzEf31/l5jeSSSSH2CRT7MSB:TxKTmaJ/P/6b1oolb2tgTgl7i4FFRsR1

Entry address:
0x15B3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
79 KB (80,896 bytes)

The file WajamInternetEnhancer.exe has been discovered within the following program.

Wajam  by Wajam
Wajam is a search-enhancement product, but it does not change homepage or search. This product shows display and/or text ads into third-party websites which may alter normal web page layouts.
www.wajam.com
73% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-gru2.facebook.com  (31.13.85.36:443)

TCP (HTTP):
Connects to ec2-54-221-252-20.compute-1.amazonaws.com  (54.221.252.20:80)

TCP (HTTP SSL):
Connects to 186-229-127-145.ded.intelignet.com.br  (186.229.127.145:443)

TCP (HTTP SSL):
Connects to fra02-014.ff.avast.com  (77.234.45.81:443)

TCP (HTTP SSL):
Connects to xx-fbcdn-shv-01-gru2.fbcdn.net  (31.13.85.4:443)

TCP (HTTP):
Connects to ec2-54-208-30-101.compute-1.amazonaws.com  (54.208.30.101:80)

TCP (HTTP):
Connects to a72-246-97-34.deploy.akamaitechnologies.com  (72.246.97.34:80)

TCP (HTTP):
Connects to server-54-230-163-116.jax1.r.cloudfront.net  (54.230.163.116:80)

TCP (HTTP):
Connects to server-52-85-167-81.gig50.r.cloudfront.net  (52.85.167.81:80)

TCP (HTTP SSL):
Connects to edge-star-shv-01-gru2.facebook.com  (31.13.85.8:443)

TCP (HTTP):
Connects to ec2-54-244-249-173.us-west-2.compute.amazonaws.com  (54.244.249.173:80)

TCP (HTTP):
Connects to ec2-54-204-1-141.compute-1.amazonaws.com  (54.204.1.141:80)

TCP (HTTP):
Connects to ec2-50-19-219-11.compute-1.amazonaws.com  (50.19.219.11:80)

TCP (HTTP):
Connects to ec2-107-21-236-22.compute-1.amazonaws.com  (107.21.236.22:80)

TCP (HTTP):
Connects to dmppixel-shared-mtc-c.evip.aol.com  (64.12.245.38:80)

TCP (HTTP SSL):
Connects to channel-proxy-shv-07-ash2.facebook.com  (173.252.113.2:443)

TCP (HTTP SSL):
Connects to channel-proxy-shv-06-frc1.facebook.com  (69.171.248.18:443)

TCP (HTTP SSL):
Connects to channel-proxy-shv-06-ash2.facebook.com  (173.252.102.24:443)

TCP (HTTP):
Connects to a92-122-60-62.deploy.akamaitechnologies.com  (92.122.60.62:80)

TCP (HTTP):
Connects to a72-246-97-40.deploy.akamaitechnologies.com  (72.246.97.40:80)

Remove WajamInternetEnhancer.exe - Powered by Reason Core Security