× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6e297c21542427ac18a6b232322050fda0ba3689a3108a7daac34931cece2d69
File name: 32bwsx.exe
Detection ratio: 0 / 61
Analysis date: 2017-06-16 19:34:06 UTC ( 5 days, 16 hours ago ) View latest
Antivirus Result Update
Ad-Aware 20170616
AegisLab 20170616
AhnLab-V3 20170616
Alibaba 20170616
ALYac 20170616
Antiy-AVL 20170616
Arcabit 20170616
Avast 20170616
AVG 20170616
Avira (no cloud) 20170616
AVware 20170616
Baidu 20170615
BitDefender 20170616
CAT-QuickHeal 20170616
ClamAV 20170616
CMC 20170616
Comodo 20170616
CrowdStrike Falcon (ML) 20170420
Cyren 20170616
DrWeb 20170616
Emsisoft 20170616
Endgame 20170615
ESET-NOD32 20170616
F-Prot 20170616
F-Secure 20170616
Fortinet 20170616
GData 20170616
Ikarus 20170616
Invincea 20170607
Jiangmin 20170616
K7AntiVirus 20170616
K7GW 20170616
Kaspersky 20170616
Kingsoft 20170616
Malwarebytes 20170616
McAfee 20170616
McAfee-GW-Edition 20170616
Microsoft 20170616
eScan 20170616
NANO-Antivirus 20170616
nProtect 20170616
Palo Alto Networks (Known Signatures) 20170616
Panda 20170616
Qihoo-360 20170616
Rising 20170616
SentinelOne (Static ML) 20170516
Sophos 20170616
SUPERAntiSpyware 20170616
Symantec 20170616
Symantec Mobile Insight 20170614
Tencent 20170616
TheHacker 20170616
TotalDefense 20170616
TrendMicro 20170616
TrendMicro-HouseCall 20170616
Trustlook 20170616
VBA32 20170616
VIPRE 20170616
ViRobot 20170616
Webroot 20170616
WhiteArmor 20170616
Yandex 20170616
Zillya 20170616
ZoneAlarm by Check Point 20170616
Zoner 20170616
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © since 1990

Product 32bit Web Browser Installation
Original name 32bwsx.exe
Internal name 32bwsx.exe
File version 10.06.01
Description 32bit Web Browser Installer
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 3:36 AM 6/22/2017
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-28 19:02:18
Entry Point 0x0000800D
Number of sections 4
PE sections
Overlays
MD5 8663d6d264bb6bb1821cf5b8518f4d85
File type data
Offset 1048576
Size 4304
Entropy 7.27
PE imports
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetMapMode
PatBlt
SaveDC
TextOutA
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
DeleteObject
IntersectClipRect
BitBlt
SetTextColor
GetObjectA
CreateBitmap
RectVisible
GetStockObject
CreateDIBitmap
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
GetTextExtentPointA
CreateCompatibleDC
ScaleViewportExtEx
SelectObject
SetWindowExtEx
CreateSolidBrush
Escape
SetBkColor
SetViewportExtEx
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
HeapDestroy
IsBadCodePtr
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
SetLastError
GetEnvironmentVariableA
GlobalFindAtomA
HeapAlloc
GetVersionExA
RemoveDirectoryA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
SetFileAttributesA
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
FreeLibrary
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GlobalDeleteAtom
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
FindNextFileA
GlobalLock
GetTimeZoneInformation
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
GetModuleFileNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteA
MapWindowPoints
SetDlgItemTextA
GetMessagePos
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
ClientToScreen
GetTopWindow
ExcludeUpdateRgn
GetActiveWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
GetMenuState
ShowWindow
GetPropA
ValidateRect
EnableWindow
LoadImageA
GetDlgItemTextA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CheckRadioButton
LoadStringA
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
IsWindowUnicode
PtInRect
IsDialogMessageA
SetFocus
BeginPaint
OffsetRect
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
InflateRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
ShowCaret
GetSubMenu
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
IsDlgButtonChecked
GetDesktopWindow
GetDC
SetForegroundWindow
PostThreadMessageA
DrawTextA
IntersectRect
EndDialog
HideCaret
CharNextA
GetCapture
CheckMenuItem
UnhookWindowsHookEx
RegisterClipboardFormatA
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
InvalidateRect
wsprintfA
DefDlgProcA
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
OleUninitialize
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CoCreateInstance
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
Number of PE resources by type
RT_STRING 12
RT_RCDATA 7
RT_BITMAP 5
RT_DIALOG 4
RT_ICON 2
RT_CURSOR 2
RT_GROUP_CURSOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 35
PE resources
ExifTool file metadata
LegalTrademarks
ElectraSoft, 32bit Web Browser

SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
32bit Web Browser Installer

CharacterSet
Unicode

InitializedDataSize
950272

EntryPoint
0x800d

OriginalFileName
32bwsx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright since 1990

FileVersion
10.06.01

TimeStamp
2017:03:28 20:02:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
32bwsx.exe

ProductVersion
10.06.01

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ElectraSoft

CodeSize
118784

ProductName
32bit Web Browser Installation

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 21ac09bec3c5ce99133722500601615a
SHA1 d8aeff73be2dcec176fa9ce3518734710291b619
SHA256 6e297c21542427ac18a6b232322050fda0ba3689a3108a7daac34931cece2d69
ssdeep
12288:nP2wrnIwS3ZTHG/3unrtTi/LsfV2AgygwuB0yFy7:nP2wrn7SJQgi/LsfVeygwe0yFy7

authentihash dc851447204a7559606faacce024b032769c67def67da8aeff9d0bc3821149c1
imphash 3939abde5434dd98e9c954580939d71d
File size 1.0 MB ( 1052880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.8%)
Win32 Executable MS Visual C++ (generic) (26.6%)
Win64 Executable (generic) (23.6%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-03-29 09:23:41 UTC ( 2 months, 3 weeks ago )
Last submission 2017-05-23 12:24:03 UTC ( 4 weeks, 1 day ago )
File names 32bwsx.exe
32bwsx.exe
6E297C21542427AC18A6B232322050FDA0BA3689A3108A7DAAC34931CECE2D69
32bwsx.exe
32bit-web-browser-17-04-01.exe
32BWSX.EXE
32bwsx.exe
6E297C21542427AC18A6B232322050FDA0BA3689A3108A7DAAC34931CECE2D69.exe
3872079
32bwsx.exe
32bwsx.exe
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
UDP communications