× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6d07ec7de3c5db7953286fe0e32bf070a7a5c3d8920b69622590f0e4d972d6b9
File name: 32bwsx(1).exe
Detection ratio: 0 / 61
Analysis date: 2017-03-20 02:46:07 UTC ( 4 days, 13 hours ago ) View latest
Antivirus Result Update
Ad-Aware 20170320
AegisLab 20170320
AhnLab-V3 20170319
Alibaba 20170228
ALYac 20170319
Antiy-AVL 20170320
Arcabit 20170320
Avast 20170320
AVG 20170320
Avira (no cloud) 20170319
AVware 20170320
Baidu 20170318
BitDefender 20170320
CAT-QuickHeal 20170318
ClamAV 20170319
CMC 20170317
Comodo 20170320
CrowdStrike Falcon (ML) 20170130
Cyren 20170320
DrWeb 20170320
Emsisoft 20170320
Endgame 20170317
ESET-NOD32 20170319
F-Prot 20170320
F-Secure 20170320
Fortinet 20170320
GData 20170320
Ikarus 20170319
Invincea 20170203
Jiangmin 20170320
K7AntiVirus 20170319
K7GW 20170320
Kaspersky 20170320
Kingsoft 20170320
Malwarebytes 20170320
McAfee 20170320
McAfee-GW-Edition 20170320
Microsoft 20170320
eScan 20170320
NANO-Antivirus 20170320
nProtect 20170320
Palo Alto Networks (Known Signatures) 20170320
Panda 20170319
Qihoo-360 20170320
Rising 20170320
SentinelOne (Static ML) 20170315
Sophos 20170320
SUPERAntiSpyware 20170319
Symantec 20170319
Tencent 20170320
TheHacker 20170318
TotalDefense 20170319
TrendMicro 20170320
TrendMicro-HouseCall 20170320
Trustlook 20170320
VBA32 20170317
VIPRE 20170320
ViRobot 20170320
Webroot 20170320
WhiteArmor 20170315
Yandex 20170318
Zillya 20170317
ZoneAlarm by Check Point 20170319
Zoner 20170320
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © since 1990

Product 32bit Web Browser Installation
Original name 32bwsx.exe
Internal name 32bwsx.exe
File version 10.06.01
Description 32bit Web Browser Installer
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 3:45 PM 3/24/2017
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-12 15:34:27
Entry Point 0x0000800D
Number of sections 4
PE sections
Overlays
MD5 fbc24178f7152ae845f6a2fbca643514
File type data
Offset 1048576
Size 4304
Entropy 7.25
PE imports
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetMapMode
PatBlt
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
DeleteObject
IntersectClipRect
BitBlt
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
CreateDIBitmap
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
GetTextExtentPointA
CreateCompatibleDC
ScaleViewportExtEx
SelectObject
SetWindowExtEx
CreateSolidBrush
Escape
SetBkColor
SetViewportExtEx
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
HeapDestroy
IsBadCodePtr
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
SetLastError
GetEnvironmentVariableA
GlobalFindAtomA
HeapAlloc
GetVersionExA
RemoveDirectoryA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesA
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
FindNextFileA
GlobalLock
GetTimeZoneInformation
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
GetModuleFileNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteA
MapWindowPoints
SetDlgItemTextA
GetMessagePos
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
ClientToScreen
GetTopWindow
ExcludeUpdateRgn
GetActiveWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetMenuState
ShowWindow
GetPropA
ValidateRect
EnableWindow
LoadImageA
GetDlgItemTextA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CheckRadioButton
LoadStringA
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
IsWindowUnicode
PtInRect
IsDialogMessageA
SetFocus
BeginPaint
OffsetRect
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
InflateRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
ShowCaret
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
IsDlgButtonChecked
GetDesktopWindow
GetDC
SetForegroundWindow
PostThreadMessageA
DrawTextA
IntersectRect
EndDialog
HideCaret
CharNextA
GetCapture
CheckMenuItem
UnhookWindowsHookEx
RegisterClipboardFormatA
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
InvalidateRect
wsprintfA
DefDlgProcA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
OleUninitialize
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CoCreateInstance
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
Number of PE resources by type
RT_STRING 12
RT_RCDATA 7
RT_BITMAP 5
RT_DIALOG 4
RT_ICON 2
RT_CURSOR 2
RT_GROUP_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 35
PE resources
ExifTool file metadata
LegalTrademarks
ElectraSoft, 32bit Web Browser

SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
32bit Web Browser Installer

CharacterSet
Unicode

InitializedDataSize
950272

EntryPoint
0x800d

OriginalFileName
32bwsx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright since 1990

FileVersion
10.06.01

TimeStamp
2017:01:12 16:34:27+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
32bwsx.exe

ProductVersion
10.06.01

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ElectraSoft

CodeSize
118784

ProductName
32bit Web Browser Installation

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 1d508befa0fc0c59395fa4c163eae9ed
SHA1 6591bc236ff7de761ce070220d9da0d790535097
SHA256 6d07ec7de3c5db7953286fe0e32bf070a7a5c3d8920b69622590f0e4d972d6b9
ssdeep
12288:8P2wrnIwS3OTHG/3unrtTi/LsfV2Agygwus0yFyF:8P2wrn7S2Qgi/LsfVeygw30yFyF

authentihash 904aed873241f0d3ef56c10491aa2845b5a3d15ea8e732bb744a137c792bdfc2
imphash 3939abde5434dd98e9c954580939d71d
File size 1.0 MB ( 1052880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-01-12 22:45:26 UTC ( 2 months, 1 week ago )
Last submission 2017-03-03 22:09:49 UTC ( 2 weeks, 6 days ago )
File names 32bwsx(1).exe
3872079
32bwsx.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
UDP communications