Wajam
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 1,862 |
| Threat Level: | 20 % (Normal) |
| Infected Computers: | 879,451 |
| First Seen: | March 26, 2012 |
| Last Seen: | February 4, 2026 |
| OS(es) Affected: | Windows |
Wajam is a potentially unwanted browser extension, which installs itself on the compromised Internet browser without a PC user's consent. Wajam works on Facebook, Twitter, and other social networking websites and search engines like Google and Bing, or websites like Amazon. Wajam takes over the targeted web browser (Mozilla Firefox, Safari, Google Chrome, and Internet Explorer) and modifies browser settings. Wajam leads to irritating redirects of the hacked web browser to doubtful websites. By using a Wajam add-on, you may get diverted straight to wajam.com.
Table of Contents
SpyHunter Detects & Remove Wajam
File System Details
Wajam may create the following file(s):
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | odjlotg4ngizo | 1d7ac3272c67a0b93dddaab0288524ec | 10,863 |
| 2. | ywizzmy3mzlkmge | 8f07611c34402b89f86e8d706ea8c7c8 | 10,100 |
| 3. | mpcsssahnv.mxcs | 93a31905617b13bbd180892f2b8c0135 | 3,508 |
| 4. | uwqhtuanltxs.uwqct | dda81d58aa7dfac846865c0c847cca8b | 2,892 |
| 5. | msjmkaaz.msp | 210ca79c436ce6169848a6bce5f709eb | 2,195 |
| 6. | cdiqdouiemolzknun.cdiq | b726434b53c5a9bceb5b1bb753fc77e6 | 2,150 |
| 7. | ywniyjq1ymeyzmj.exe | 04b59af69206520edfafa9f70be5eadc | 1,333 |
| 8. | pfxgtdrrjw.pfxg | 8797e96d6f74799daed231953db00009 | 1,033 |
| 9. | mjq2mgi.exe | c79791479bb83056c0e1fb8247046c47 | 914 |
| 10. | cyhgigdhlfdydy.cyhgg | befc7fde7eff9db7081048f3cd3f0ae6 | 852 |
| 11. | fknbqp.fknb | 2b89387de3c22217489f71b55759b90b | 802 |
| 12. | nhmsfjhhjqcpdaunw.nhm | 7412d2686a5d70682e71ff9ef5b84fca | 517 |
| 13. | qlmmtn.qlim | 6d82801e6ca55feca4e6b56c767b29dc | 483 |
| 14. | chrome_manager_x64.dll | fa5a1cf919aad0c6e45da6d07d597786 | 72 |
| 15. | ad88867192b334f5c530bed91cc56977.dll | 915091e0f0257ed4206c91f5dd80bf2c | 23 |
| 16. | d625af9dac2a22c9d69478974d850fcb.dll | 18976befd8fd70f2a0343d71d1b82e89 | 20 |
| 17. | a60554be0dac440e972820df4fe96e0bbee6745d59c11e73eddf5b10bfadfb43 | 6bdb13eb57b18a185f0bb5fd0f160309 | 20 |
| 18. | 82c87a31eddb0cf91f871ec2d3e84209.dll | 9bb1750f514bc5c0a5502db50e4ba3db | 19 |
| 19. | a01a7ca661c59a973d09c7208a4d60df.dll | 712b482c1af798db3867116b426a1850 | 17 |
| 20. | bc88993dd1204e429e0c66b84c72aae1.dll | 9980f48e25d2fbc8cb2f102a2f5ee29f | 15 |
| 21. | b94423de8f874ca097da051d5318db34.dll | f6db4340377d55a7b263ef12de7ec8cb | 13 |
| 22. | c459121f777c9e39d142eb585c045f69.dll | 472549598fe790228362ecb761d4d1d6 | 13 |
| 23. | wajam.exe | 2bc6345a545be87d185c4b5be5c7f43e | 12 |
| 24. | 2918cfa9f68540a3296f5243d98253f3010ef729c8058d1cb1da2c023a1a4524 | 557c78d66f91ca6f0be11e1df750c98b | 9 |
| 25. | chrome_manager.dll | c26b98c7a947a59108645fb4a431734d | 9 |
| 26. | 5c2ee62f222538a93081693c2302749570af0888e7bdf3f12c1a67218d0dfd32 | d89789dd1c4076e79f65df78b48cde7e | 9 |
| 27. | 842353c669d95054b80448ee33382ecb.dll | 8b287f3754f60df8a613ff3220a1ca19 | 7 |
| 28. | 2adf9949c14c2fe7d18152676ca496df.dll | bdf23db28e741989b3fec4c67a222ba6 | 7 |
| 29. | f4dc1445a961aa88a1b8f0eec6b2835b.dll | 5f1fb7591ff1def4bb9e37d6ae1ac766 | 6 |
Registry Details
Wajam may create the following registry entry or registry entries:
File name without path
http_wajam.com_0.localstorage
http_www.armandlamoureuxtechnology.com_0.localstorage
http_www.armandlamoureuxtechnology.com_0.localstorage-journal
http_www.cartiertechnology.com_0.localstorage
http_www.cartiertechnology.com_0.localstorage-journal
http_www.chabaneltechnology.com_0.localstorage
http_www.chabaneltechnology.com_0.localstorage-journal
http_www.colonialetechnology.com_0.localstorage
http_www.colonialetechnology.com_0.localstorage-journal
http_www.despinstechnology.com_0.localstorage
http_www.despinstechnology.com_0.localstorage-journal
http_www.downloadtryfree.com_0.localstorage
http_www.downloadtryfree.com_0.localstorage-journal
http_www.fastnfreedownload.com_0.localstorage
http_www.fastnfreedownload.com_0.localstorage-journal
http_www.jeanlesagetechnology.com_0.localstorage
http_www.jeanlesagetechnology.com_0.localstorage-journal
http_www.lauriertechnology.com_0.localstorage
http_www.lauriertechnology.com_0.localstorage-journal
http_www.preverttechnology.com_0.localstorage
http_www.preverttechnology.com_0.localstorage-journal
http_www.sirwilfridlauriertechnology.com_0.localstorage
http_www.sirwilfridlauriertechnology.com_0.localstorage-journal
http_www.technologieadrienprovencher.com_0.localstorage
http_www.technologiedollard.com_0.localstorage
http_www.technologiedollard.com_0.localstorage-journal
http_www.technologieduluth.com_0.localstorage
http_www.technologieduluth.com_0.localstorage-journal
http_www.technologiehutchison.com_0.localstorage
http_www.technologiehutchison.com_0.localstorage-journal
http_www.technologiesaintdominique.com_0.localstorage
http_www.technologiesaintdominique.com_0.localstorage-journal
http_www.technologiesaintjoseph.com_0.localstorage
http_www.technologiesaintjoseph.com_0.localstorage-journal
http_www.technologiesaintlaurent.com_0.localstorage
http_www.technologiesaintlaurent.com_0.localstorage-journal
http_www.technologiesainturbain.com_0.localstorage
http_www.technologiesainturbain.com_0.localstorage-journal
http_www.technologiestlaurent.com_0.localstorage
http_www.technologiestlaurent.com_0.localstorage-journal
http_www.technologiestuart.com_0.localstorage
http_www.technologiestuart.com_0.localstorage-journal
http_www.technologiewiseman.com_0.localstorage
http_www.technologiewiseman.com_0.localstorage-journal
http_www.trudeautechnology.com_0.localstorage
http_www.trudeautechnology.com_0.localstorage-journal
Wajam Website.lnk
Wajam.lnk
wajam_32.exe
wajam_64.exe
wajam_install.exe
www.armandlamoureuxtechnology[1].xml
www.bernardtechnology[1].xml
www.carmenbienvenuetechnology[1].xml
www.cartiertechnology[1].xml
www.chabaneltechnology[1].xml
www.colonialetechnology[1].xml
www.despinstechnology[1].xml
www.fastnfreedownload[1].xml
www.installappsfree[1].xml
www.jeanlesagetechnology[1].xml
www.lauriertechnology[1].xml
www.preverttechnology[1].xml
www.sirwilfridlauriertechnology[1].xml
www.technologieadrienprovencher[1].xml
www.technologiedollard[1].xml
www.technologieduluth[1].xml
www.technologiehutchison[1].xml
www.technologiesaintdominique[1].xml
www.technologiesaintjoseph[1].xml
www.technologiesaintlaurent[1].xml
www.technologiesainturbain[1].xml
www.technologiesirwilfridlaurier[1].xml
www.technologiestlaurent[1].xml
www.technologiestuart[1].xml
www.technologiewiseman[1].xml
www.trudeautechnology[1].xml
www.wajam[1].xml
www.yvonlheureuxtechnology[1].xml
Regexp file mask
%AppData%\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{5a95a9e0-59dd-4314-bd84-4d18ca84b1f3}.xpi
%WINDIR%\upinfo_file.cab
%WINDIR%\w{4,20}.(?!exe$|bat$|dll$|sys$|cpl$|scr$|tt2$|cmd$|vbs$|xem$|gif$|msi$)w{3,6}
SOFTWARE\Classes\AppID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cartiertechnology.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\technologiesaintdominique.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\technologiesaintjoseph.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\technologiesainturbain.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\technologiesirwilfridlaurier.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\technologiestuart.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wajam.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.cartiertechnology.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.technologiesaintdominique.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.technologiesaintjoseph.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.technologiesainturbain.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.technologiesirwilfridlaurier.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.technologiestuart.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cartiertechnology.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\technologiesaintdominique.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\technologiesaintjoseph.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\technologiesainturbain.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\technologiesirwilfridlaurier.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\technologiestuart.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\wajam.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.cartiertechnology.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.technologiesaintdominique.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.technologiesaintjoseph.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.technologiesainturbain.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.technologiesirwilfridlaurier.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.technologiestuart.com
SOFTWARE\Classes\Wow6432Node\AppID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Software\Microsoft\Internet Explorer\DOMStorage\armandlamoureuxtechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\bernardtechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\carmenbienvenuetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\cartiertechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\chabaneltechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\colonialetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\despinstechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\fastnfreedownload.com
Software\Microsoft\Internet Explorer\DOMStorage\jeanlesagetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\lauriertechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiedollard.com
Software\Microsoft\Internet Explorer\DOMStorage\technologieduluth.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiehutchison.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiesaintjoseph.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiesaintlaurent.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiesainturbain.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiestlaurent.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiestuart.com
Software\Microsoft\Internet Explorer\DOMStorage\technologiewiseman.com
Software\Microsoft\Internet Explorer\DOMStorage\trudeautechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Software\Microsoft\Internet Explorer\DOMStorage\www.armandlamoureuxtechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.bernardtechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.carmenbienvenuetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.cartiertechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.chabaneltechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.colonialetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.despinstechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.fastnfreedownload.com
Software\Microsoft\Internet Explorer\DOMStorage\www.jeanlesagetechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.lauriertechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiedollard.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologieduluth.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiehutchison.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiesaintjoseph.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiesaintlaurent.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiesainturbain.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiestlaurent.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiestuart.com
Software\Microsoft\Internet Explorer\DOMStorage\www.technologiewiseman.com
Software\Microsoft\Internet Explorer\DOMStorage\www.trudeautechnology.com
Software\Microsoft\Internet Explorer\DOMStorage\www.wajam.com
SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WdMan
SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
SOFTWARE\Microsoft\{acfbb36d-ee12-454w-9385-b7ef1ecb018d}
SOFTWARE\Social2Sear
SOFTWARE\WaIE
SOFTWARE\WaIEn
SOFTWARE\WaIEnhancer
SOFTWARE\WaIntEn
SOFTWARE\WaIntEnhancer
SOFTWARE\WaInterEn
Software\WaInterEnhancer
SOFTWARE\WaInternetEn
Software\WaInternetEnhancer
Software\WajaIEnhancer
SOFTWARE\WajaIntEn
SOFTWARE\WajaIntEnhancer
SOFTWARE\WajaInterEn Browser Enhancer
Software\WajaInterEnhancer
SOFTWARE\WajaInternetEn
SOFTWARE\WajaInternetEnhancer
SOFTWARE\WajaNEn
SOFTWARE\WajaNEnhance
SOFTWARE\WajaNetEn
Software\WajaWebEnhance
SOFTWARE\WajIEn
SOFTWARE\WajInterEn
SOFTWARE\WajNEnhance
SOFTWARE\WajNetEn
SOFTWARE\WajNetworkEnhancer
SOFTWARE\WajWebE
SOFTWARE\WajWebEnhance
SOFTWARE\WaNetEn
SOFTWARE\WaNetEnhance
SOFTWARE\WaNetworkEn
Software\WaNetworkEnhance
Software\WaNetworkEnhancer
SOFTWARE\WaWebE
SOFTWARE\WIEn
SOFTWARE\WIntEnhancer
SOFTWARE\WInterEnhancer
SOFTWARE\WNEn
SOFTWARE\WNEn Browser Enhancer
SOFTWARE\WNEnhance
SOFTWARE\WNetEnhance
Software\WNetEnhancer
SOFTWARE\WNetworkEn
SOFTWARE\WNetworkEnhance
SOFTWARE\Wow6432Node\Classes\AppID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
SOFTWARE\Wow6432Node\Social2Sear
SOFTWARE\Wow6432Node\WaIE
SOFTWARE\Wow6432Node\WaIEn
SOFTWARE\Wow6432Node\WaIEnhancer
SOFTWARE\Wow6432Node\WaIntEn
SOFTWARE\Wow6432Node\WaIntEnhancer
SOFTWARE\Wow6432Node\WaInterEn
Software\Wow6432Node\WaInterEnhancer
SOFTWARE\Wow6432Node\WaInternetEn
SOFTWARE\Wow6432Node\WaInternetEnhancer
SOFTWARE\Wow6432Node\WajaIEnhancer
SOFTWARE\Wow6432Node\WajaIntEn
SOFTWARE\Wow6432Node\WajaIntEnhancer
SOFTWARE\Wow6432Node\WajaInterEn Browser Enhancer
SOFTWARE\Wow6432Node\WajaInterEnhancer
SOFTWARE\Wow6432Node\WajaInternetEn
SOFTWARE\Wow6432Node\WajaInternetEnhancer
SOFTWARE\Wow6432Node\WajaNEn
SOFTWARE\Wow6432Node\WajaNEnhance
SOFTWARE\Wow6432Node\WajaNetEn
SOFTWARE\Wow6432Node\WajaWebEnhance
SOFTWARE\Wow6432Node\WajIEn
SOFTWARE\Wow6432Node\WajIntEnhance
SOFTWARE\Wow6432Node\WajInterEn
SOFTWARE\Wow6432Node\WajNEnhance
SOFTWARE\Wow6432Node\WajNetEn
SOFTWARE\Wow6432Node\WajNetworkEnhancer
SOFTWARE\Wow6432Node\WajWebE
SOFTWARE\Wow6432Node\WajWebEnhance
SOFTWARE\Wow6432Node\WaNetEn
SOFTWARE\Wow6432Node\WaNetEnhance
SOFTWARE\Wow6432Node\WaNetworkEn
SOFTWARE\Wow6432Node\WaNetworkEnhance
Software\Wow6432Node\WaNetworkEnhancer
SOFTWARE\Wow6432Node\WaWebE
SOFTWARE\Wow6432Node\WIEn
SOFTWARE\Wow6432Node\WIntEnhancer
SOFTWARE\Wow6432Node\WInterEnhancer
SOFTWARE\Wow6432Node\WNEn
SOFTWARE\Wow6432Node\WNEn Browser Enhancer
SOFTWARE\Wow6432Node\WNEnhance
SOFTWARE\Wow6432Node\WNetEnhance
SOFTWARE\Wow6432Node\WNetEnhancer
SOFTWARE\Wow6432Node\WNetworkEn
SOFTWARE\Wow6432Node\WNetworkEnhance
SOFTWARE\WOW6432Node\WWebE
SOFTWARE\WWebE
SYSTEM\ControlSet001\services\WaIEn Monitor
SYSTEM\ControlSet001\services\WaIEnhancer Service
SYSTEM\ControlSet001\Services\WaIntEn Monitor
SYSTEM\ControlSet001\services\WaIntEnhancer Service
SYSTEM\ControlSet001\services\WaInterEn Monitor
SYSTEM\ControlSet001\services\WaInterEnhancer Service
SYSTEM\ControlSet001\services\WaInternetEn Monitor
SYSTEM\ControlSet001\services\WaInternetEnhancer Service
SYSTEM\ControlSet001\services\WajaIntEn Monitor
SYSTEM\ControlSet001\Services\WajaIntEnhancer Service
SYSTEM\ControlSet001\Services\WajaInterEnhancer Service
SYSTEM\ControlSet001\services\WajaInternetEn Monitor
SYSTEM\ControlSet001\Services\WajaInternetEnhancer Service
SYSTEM\ControlSet001\services\WajaNetEn Monitor
SYSTEM\ControlSet001\Services\WajaWebEnhance Service
SYSTEM\ControlSet001\Services\WajIEn Monitor
SYSTEM\ControlSet001\Services\WajInterEnhancer Service
SYSTEM\ControlSet001\Services\WajInternetEn Monitor
SYSTEM\ControlSet001\services\WajNetEn Monitor
SYSTEM\ControlSet001\services\WaNetEn Monitor
SYSTEM\ControlSet001\Services\WaNetEnhance Service
SYSTEM\ControlSet001\services\WaNetworkEnhance Service
SYSTEM\ControlSet001\services\WaNetworkEnhancer Service
SYSTEM\ControlSet001\Services\WdMan
SYSTEM\ControlSet001\services\WIntEnhancer Service
SYSTEM\ControlSet001\services\WInterEnhancer Service
SYSTEM\ControlSet001\services\WNEn Monitor
SYSTEM\ControlSet001\services\WNetEnhancer Service
SYSTEM\ControlSet001\services\WNetworkEn Monitor
SYSTEM\ControlSet002\services\WaIEn Monitor
SYSTEM\ControlSet002\services\WaIEnhancer Service
SYSTEM\ControlSet002\services\WaIntEnhancer Service
SYSTEM\ControlSet002\services\WaInterEn Monitor
SYSTEM\ControlSet002\services\WaInterEnhancer Service
SYSTEM\ControlSet002\services\WaInternetEn Monitor
SYSTEM\ControlSet002\services\WaInternetEnhancer Service
SYSTEM\ControlSet002\services\WajaIntEn Monitor
SYSTEM\ControlSet002\Services\WajaInterEnhancer Service
SYSTEM\ControlSet002\services\WajaInternetEn Monitor
SYSTEM\ControlSet002\Services\WajaInternetEnhancer Service
SYSTEM\ControlSet002\services\WajaNetEn Monitor
SYSTEM\ControlSet002\Services\WajaWebEnhance Service
SYSTEM\ControlSet002\services\WajInterEn Monitor
SYSTEM\ControlSet002\Services\WajInterEnhancer Service
SYSTEM\ControlSet002\Services\WajInternetEn Monitor
SYSTEM\ControlSet002\services\WajNetEn Monitor
SYSTEM\ControlSet002\services\WaNetEn Monitor
SYSTEM\ControlSet002\Services\WaNetEnhance Service
SYSTEM\ControlSet002\services\WaNetworkEnhance Service
SYSTEM\ControlSet002\services\WaNetworkEnhancer Service
SYSTEM\ControlSet002\services\WdMan
SYSTEM\ControlSet002\services\WIntEnhancer Service
SYSTEM\ControlSet002\services\WInterEnhancer Service
SYSTEM\ControlSet002\services\WNEn Monitor
SYSTEM\ControlSet002\services\WNetEnhancer Service
SYSTEM\ControlSet002\services\WNetworkEn Monitor
SYSTEM\CurrentControlSet\services\WaIEn Monitor
SYSTEM\CurrentControlSet\services\WaIEnhancer Service
SYSTEM\CurrentControlSet\Services\WaIntEn Monitor
SYSTEM\CurrentControlSet\services\WaIntEnhancer Service
SYSTEM\CurrentControlSet\services\WaInterEn Monitor
SYSTEM\CurrentControlSet\services\WaInterEnhancer Service
SYSTEM\CurrentControlSet\services\WaInternetEn Monitor
SYSTEM\CurrentControlSet\services\WaInternetEnhancer Service
SYSTEM\CurrentControlSet\services\WajaIntEn Monitor
SYSTEM\CurrentControlSet\Services\WajaIntEnhancer Service
SYSTEM\CurrentControlSet\Services\WajaInterEnhancer Service
SYSTEM\CurrentControlSet\services\WajaInternetEn Monitor
SYSTEM\CurrentControlSet\Services\WajaInternetEnhancer Service
SYSTEM\CurrentControlSet\services\WajaNetEn Monitor
SYSTEM\CurrentControlSet\Services\WajaWebEnhance Service
SYSTEM\CurrentControlSet\Services\WajIEn Monitor
SYSTEM\CurrentControlSet\services\WajInterEn Monitor
SYSTEM\CurrentControlSet\Services\WajInterEnhancer Service
SYSTEM\CurrentControlSet\Services\WajInternetEn Monitor
SYSTEM\CurrentControlSet\services\WajNetEn Monitor
SYSTEM\CurrentControlSet\services\WaNetEn Monitor
SYSTEM\CurrentControlSet\Services\WaNetEnhance Service
SYSTEM\CurrentControlSet\services\WaNetworkEnhance Service
SYSTEM\CurrentControlSet\services\WaNetworkEnhancer Service
SYSTEM\CurrentControlSet\Services\WdMan
SYSTEM\CurrentControlSet\services\WIntEnhancer Service
SYSTEM\CurrentControlSet\services\WInterEnhancer Service
SYSTEM\CurrentControlSet\services\WNEn Monitor
SYSTEM\CurrentControlSet\services\WNetEnhancer Service
SYSTEM\CurrentControlSet\services\WNetworkEn Monitor
WaIEn
WaIEnhancer
WaIntEnhancer
WaInterEn
WaInterEnhancer
WaInternetEn
WaInternetEnhancer
WajaIntEn
WajaIntEnhancer
WajaInterEn Browser Enhancer
WajaInterEnhancer
WajaInternetEn
WajaInternetEnhancer
WajaNEn
WajaNEnhance
WajaNetEn
WajaWebEnhance
WajIEn
WajIntEnhance
WajInterEn
WajInterEnhancer
WajNEnhance
WajNetEn
WajNetworkE
WajWebEnhance
WaNetEn
WaNetEnhance
WaNetworkEnhance
WaNetworkEnhancer
WaWebE
WIntEnhancer
WInterEnhancer
WNEn
WNEnhance
WNetEnhance
WNetEnhancer
WNetworkEn
WNetworkEnhance
Directories
Wajam may create the following directory or directories:
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Social2Sear |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WIEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WIntEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WInterEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNetEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNetEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNetworkEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WNetworkEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WWebE |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaIE |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaIEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaIEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaIntEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaIntEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaInterEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaInterEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaInternetEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaNetEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaNetEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaNetworkEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaNetworkEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WaNetworkEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajIEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajInterEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajInterEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajNetEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajWebEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaIEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaIntEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaIntEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaInterEn Browser Enhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaInterEnhancer |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaInternetEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaInternetEnhance |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaNEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaNetEn |
| %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WajaWebEnhance |
| %ALLUSERSPROFILE%\Start Menu\Programs\Social2Sear |
| %ALLUSERSPROFILE%\Start Menu\Programs\WIEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WNEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WaNetworkEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WajIEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WajNetEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WajaIntEn |
| %ALLUSERSPROFILE%\Start Menu\Programs\WajaNetEn |
| %ALLUSERSPROFILE%\UpdaterService |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WIEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WNEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WaIEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WaWebE |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WajIEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WajInterEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WajWebE |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\WajaIntEn |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer |
| %PROGRAMFILES%\483439ee973f587d9bb1ffe33f27b80f |
| %PROGRAMFILES%\WIntEnhancer |
| %PROGRAMFILES%\WInterEnhancer |
| %PROGRAMFILES%\WNEnhance |
| %PROGRAMFILES%\WNen |
| %PROGRAMFILES%\WNetEnhance |
| %PROGRAMFILES%\WNetEnhancer |
| %PROGRAMFILES%\WNetworkEn |
| %PROGRAMFILES%\WNetworkEnhance |
| %PROGRAMFILES%\WaIEn |
| %PROGRAMFILES%\WaIntEn |
| %PROGRAMFILES%\WaIntEnhancer |
| %PROGRAMFILES%\WaInterEn |
| %PROGRAMFILES%\WaInterEnhancer |
| %PROGRAMFILES%\WaInternetEn |
| %PROGRAMFILES%\WaInternetEnhancer |
| %PROGRAMFILES%\WaNetEn |
| %PROGRAMFILES%\WaNetEnhance |
| %PROGRAMFILES%\WaNetworkEn |
| %PROGRAMFILES%\WaNetworkEnhance |
| %PROGRAMFILES%\WaNetworkEnhancer |
| %PROGRAMFILES%\WaWebE |
| %PROGRAMFILES%\WajIEn |
| %PROGRAMFILES%\WajInterEn |
| %PROGRAMFILES%\WajInterEnhancer |
| %PROGRAMFILES%\WajInternetEn |
| %PROGRAMFILES%\WajNEnhance |
| %PROGRAMFILES%\WajNetE |
| %PROGRAMFILES%\WajNetEn |
| %PROGRAMFILES%\WajNetworkE |
| %PROGRAMFILES%\WajWebE |
| %PROGRAMFILES%\WajWebEnhance |
| %PROGRAMFILES%\WajaIEnhancer |
| %PROGRAMFILES%\WajaIntEn |
| %PROGRAMFILES%\WajaIntEnhancer |
| %PROGRAMFILES%\WajaInterEnhancer |
| %PROGRAMFILES%\WajaInternetEn |
| %PROGRAMFILES%\WajaInternetEnhancer |
| %PROGRAMFILES%\WajaNEn |
| %PROGRAMFILES%\WajaNEnhance |
| %PROGRAMFILES%\WajaNetEn |
| %PROGRAMFILES%\WajaWebE |
| %PROGRAMFILES%\WajaWebEnhance |
| %PROGRAMFILES(x86)%\483439ee973f587d9bb1ffe33f27b80f |
| %PROGRAMFILES(x86)%\WIntEnhancer |
| %PROGRAMFILES(x86)%\WInterEnhancer |
| %PROGRAMFILES(x86)%\WNEnhance |
| %PROGRAMFILES(x86)%\WNetEnhance |
| %PROGRAMFILES(x86)%\WNetEnhancer |
| %PROGRAMFILES(x86)%\WNetworkEnhance |
| %PROGRAMFILES(x86)%\WaIEnhancer |
| %PROGRAMFILES(x86)%\WaIntEnhancer |
| %PROGRAMFILES(x86)%\WaInterEnhancer |
| %PROGRAMFILES(x86)%\WaInternetEnhancer |
| %PROGRAMFILES(x86)%\WaNetEnhance |
| %PROGRAMFILES(x86)%\WaNetworkEnhance |
| %PROGRAMFILES(x86)%\WaNetworkEnhancer |
| %PROGRAMFILES(x86)%\WajInterEnhancer |
| %PROGRAMFILES(x86)%\WajNEnhance |
| %PROGRAMFILES(x86)%\WajNetworkEnhancer |
| %PROGRAMFILES(x86)%\WajWebEnhance |
| %PROGRAMFILES(x86)%\WajaIEnhancer |
| %PROGRAMFILES(x86)%\WajaIntEnhancer |
| %PROGRAMFILES(x86)%\WajaInterEnhancer |
| %PROGRAMFILES(x86)%\WajaInternetEn |
| %PROGRAMFILES(x86)%\WajaInternetEnhancer |
| %PROGRAMFILES(x86)%\WajaNEnhance |
| %PROGRAMFILES(x86)%\WajaWebEnhance |
| %SystemRoot%\33f44237abb2f1bf9cf7409cc9fa0531 |
| %programfiles%\WajaInterEn Browser Enhancer |
URLs
Wajam may call the following URLs:
| wajam.com |
Analysis Report
General information
| Family Name: | Adware.Wajam |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
fa954a3d3cbe56c1a065cc2efecea596
SHA1:
9481993d15ed9582c44f5037933e9d834e75ed9d
SHA256:
408DFCB1C4CB3784AE4404676EE89099DA2D2F3A6A615F79DB6539D4619B23EC
File Size:
919.33 KB, 919334 bytes
|
|
MD5:
e5c5245ab82e972ab319cb1a4be73875
SHA1:
edb2068104c67261d2d5e3e2647b77417f17be91
SHA256:
1106F7D67FD281C3EBB62ADC01A0B6725A73D7E828E2C44D7254040F3F93C016
File Size:
56.59 KB, 56590 bytes
|
|
MD5:
65d06706104eca72f11302bdccaf030e
SHA1:
28e5f4be92336d00afa0ddd2ce1ba57dc503fae0
SHA256:
B00F8943494C009CE8640B436C18D39D3315B60796333B8EF53C9467DF6D7BFD
File Size:
1.29 MB, 1293383 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
Show More
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
File Traits
- .NET
- Installer Version
- x86
Files Modified
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.| File | Attributes |
|---|---|
| c:\users\user\appdata\local\temp\nsdf3bf.tmp\nsislist.dll | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\nsdf3bf.tmp\system.dll | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\~nsu.tmp\au_.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
Registry Modifications
Registry Modifications
This section lists registry keys and values that were created, modified and/or deleted by samples in this family. Windows Registry activity can provide valuable insight into malware functionality. Additionally, malware often creates registry values to allow itself to automatically start and indefinitely persist after an initial infection has compromised the system.| Key::Value | Data | API Name |
|---|---|---|
| HKLM\system\controlset001\control\session manager::pendingfilerenameoperations | \??\C:\Users\Wzpqmyss\AppData\Local\Temp\~nsu.tmp\Au_.exe | RegNtPreCreateKey |
| HKLM\system\controlset001\control\session manager::pendingfilerenameoperations | \??\C:\Users\Wzpqmyss\AppData\Local\Temp\~nsu.tmp\Au_.exe��\??\C:\Users\Wzpqmyss\AppData\Local\Temp\~nsu.tmp | RegNtPreCreateKey |
| HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 | RegNtPreCreateKey |
Windows API Usage
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.| Category | API |
|---|---|
| Process Shell Execute |
|
Shell Command Execution
Shell Command Execution
This section lists Windows shell commands that are run by the samples in this family. Windows Shell commands are often leveraged by malware for nefarious purposes and can be used to elevate security privileges, download and launch other malware, exploit vulnerabilities, collect and exfiltrate data, and hide malicious activity.
"C:\Users\Wzpqmyss\AppData\Local\Temp\~nsu.tmp\Au_.exe" _?=c:\users\user\downloads\
|
