× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1161e68618739147462a084f4beda4e1824def756654c93862433e3c1347ea44
File name: 32bwsx.exe
Detection ratio: 0 / 56
Analysis date: 2017-01-10 12:40:08 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware 20170110
AegisLab 20170110
AhnLab-V3 20170110
Alibaba 20170110
ALYac 20170110
Antiy-AVL 20170110
Arcabit 20170110
Avast 20170110
AVG 20170110
Avira (no cloud) 20170110
AVware 20170110
Baidu 20170110
BitDefender 20170110
Bkav 20170110
CAT-QuickHeal 20170110
ClamAV 20170110
CMC 20170110
Comodo 20170110
CrowdStrike Falcon (ML) 20161024
Cyren 20170110
DrWeb 20170110
Emsisoft 20170110
ESET-NOD32 20170110
F-Prot 20170110
Fortinet 20170110
GData 20170110
Ikarus 20170110
Sophos ML 20161216
Jiangmin 20170110
K7AntiVirus 20170110
K7GW 20170110
Kaspersky 20170110
Kingsoft 20170110
Malwarebytes 20170110
McAfee 20170108
McAfee-GW-Edition 20170110
Microsoft 20170110
eScan 20170110
NANO-Antivirus 20170110
nProtect 20170110
Panda 20170109
Qihoo-360 20170110
Rising 20170110
Sophos AV 20170110
SUPERAntiSpyware 20170110
Tencent 20170110
TheHacker 20170108
TotalDefense 20170110
TrendMicro 20170110
TrendMicro-HouseCall 20170110
Trustlook 20170110
VBA32 20170109
VIPRE 20170110
ViRobot 20170110
WhiteArmor 20170109
Yandex 20170109
Zillya 20170109
Zoner 20170110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © since 1990

Product 32bit Web Browser Installation
Original name 32bwsx.exe
Internal name 32bwsx.exe
File version 10.06.01
Description 32bit Web Browser Installer
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 1:40 PM 1/10/2017
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-22 20:13:53
Entry Point 0x0000800D
Number of sections 4
PE sections
Overlays
MD5 f8be032b0656fe72832be8237723d978
File type data
Offset 1048576
Size 4304
Entropy 7.25
PE imports
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetMapMode
PatBlt
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
DeleteObject
IntersectClipRect
BitBlt
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
CreateDIBitmap
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
GetTextExtentPointA
CreateCompatibleDC
ScaleViewportExtEx
SelectObject
SetWindowExtEx
CreateSolidBrush
Escape
SetBkColor
SetViewportExtEx
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
HeapDestroy
IsBadCodePtr
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
SetLastError
GetEnvironmentVariableA
GlobalFindAtomA
HeapAlloc
GetVersionExA
RemoveDirectoryA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesA
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
FindNextFileA
GlobalLock
GetTimeZoneInformation
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
GetModuleFileNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteA
MapWindowPoints
SetDlgItemTextA
GetMessagePos
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
ClientToScreen
GetTopWindow
ExcludeUpdateRgn
GetActiveWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetMenuState
ShowWindow
GetPropA
ValidateRect
EnableWindow
LoadImageA
GetDlgItemTextA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CheckRadioButton
LoadStringA
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
IsWindowUnicode
PtInRect
IsDialogMessageA
SetFocus
BeginPaint
OffsetRect
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
InflateRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
ShowCaret
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
IsDlgButtonChecked
GetDesktopWindow
GetDC
SetForegroundWindow
PostThreadMessageA
DrawTextA
IntersectRect
EndDialog
HideCaret
CharNextA
GetCapture
CheckMenuItem
UnhookWindowsHookEx
RegisterClipboardFormatA
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
InvalidateRect
wsprintfA
DefDlgProcA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
OleUninitialize
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CoCreateInstance
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
Number of PE resources by type
RT_STRING 12
RT_RCDATA 7
RT_BITMAP 5
RT_DIALOG 4
RT_ICON 2
RT_CURSOR 2
RT_GROUP_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 35
PE resources
ExifTool file metadata
LegalTrademarks
ElectraSoft, 32bit Web Browser

SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
32bit Web Browser Installer

CharacterSet
Unicode

InitializedDataSize
950272

EntryPoint
0x800d

OriginalFileName
32bwsx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright since 1990

FileVersion
10.06.01

TimeStamp
2016:11:22 21:13:53+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
32bwsx.exe

ProductVersion
10.06.01

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ElectraSoft

CodeSize
118784

ProductName
32bit Web Browser Installation

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 dc4f5e3cc352fa3d63131e8755fcdf43
SHA1 6d376a0ac5b8c172024df0e0080c99ddcf2975e9
SHA256 1161e68618739147462a084f4beda4e1824def756654c93862433e3c1347ea44
ssdeep
12288:6P2wrnIwS3LTHG/3unrtTi/LsfV2Agygwul0yFyz:6P2wrn7SnQgi/LsfVeygwm0yFyz

authentihash 65f90a81d890e9803351acbfd3380904fb1dd03cd88ba86707cf6b55e40e5c0a
imphash 3939abde5434dd98e9c954580939d71d
File size 1.0 MB ( 1052880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-11-23 05:06:00 UTC ( 8 months ago )
Last submission 2016-12-30 18:13:44 UTC ( 6 months, 3 weeks ago )
File names 1161E68618739147462A084F4BEDA4E1824DEF756654C93862433E3C1347EA44.exe
3958305
32bwsx.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Opened mutexes
Runtime DLLs
UDP communications