home

SIW.EXE

System Information for Windows

Topala Software Solutions

This is a setup program which is used to install the application. The file has been seen being downloaded from dl-web.dropbox.com and multiple other hosts.
Publisher:
Topala Software Solutions

Product:
System Information for Windows

Description:
System Information

Version:
2010,07,14, 0

MD5:
13dbc7b84232604ddaca90bb9296c9a8

SHA-1:
030e9556494c2784f301fab8708e224c0e444106

SHA-256:
fed89885f13bded6403daa145d2ef0e37824d1a21fbd44f738f5738f897bc70f

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/28/2024 9:15:09 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Bkav FE
HW32.CDB
1.3.0.4613

ESET NOD32
Win32/RemoteAdmin.RemoteExec.AA (variant)
8.9245

File size:
2.2 MB (2,277,376 bytes)

Product version:
2010,07,14, 0

Copyright:
Copyright © 2004-2010 Topala Software Solutions

Trademarks:
Copyright © 2004-2010 Topala Software Solutions

Original file name:
SIW.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\siw.exe

File PE Metadata
Compilation timestamp:
10/29/2010 2:08:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:TmQGRlETbr3OYojfQjE3ZJS1emmMEwt2K3Dl2Dim:6dsbjff5EwoK3UDz

Entry address:
0x598E3

Entry point:
B8, BC, 92, D6, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, B0, 5B, 6A, FB, 30, 1E, 61, AB, 57, FB, 60, 55, 5E, B6, EE, FF, B1, A9, 79, 25, 1B, EB, E5, 6F, B3, FC, 29, FC, 3D, 6E, F5, E8, 22, 08, B9, 50, 71, 5E, 80, 77, 5D, 74, 65, E2, 58, 2F, B7, A9, 78, 24, 90, 54, EF, 00, F5, 20, 55, 66, 80, E1, C7, A3, 5B, 56, 7C, 43, A1, B5, AE, CB, 59, 4C, 2D, 04, E8, 71, 48, 97, 67, C5, F3, 72, 1E, D9, A9, 93, 53, 36, B7, 75, C0, 5F, 45...
 
[+]

Packer / compiler:
PECompact v2

Code size:
1.8 MB (1,884,160 bytes)

The file SIW.EXE has been seen being distributed by the following 9 URLs.

https://dl-web.dropbox.com/get/brane/data/soft/windows/.../siw.exe

http://www.portablefreeware.com/download.php?dd=159

https://doc-10-cc-docsviewer.googleusercontent.com/viewer/securedownload/0i10nh714gs75ntsm805h0dgq39uk5l0/dtmblmhhh606q2pofd722n97mn212dta/1396066500000/ZXhwbG9yZXI=/.../MEIxdlNhQWRTbGFjblJFRjNOMjVLVFY5YVVUZw==?sec=AHSqidacYO2Tu15AET3O0A5xx7DsnMoZvhFuiOhbEC0Ly6ZUTtAuZ0CdykKH30snBMyQfnpD0UNr&a=dl&filename=SystemInfoForWindows.zip&rel=zip;z1;siw.exe&nonce=gjrnhiamrfi2q&user=AGZ5hq8_gwAf3CfiBcedACty2Dd-&hash=sfsgts838fomspo67m2hl15em7sabn6o

https://docs.google.com/viewer/noncesigner?nonce=gjrnhiamrfi2q&continue=https://doc-10-cc-docsviewer.googleusercontent.com/viewer/securedownload/0i10nh714gs75ntsm805h0dgq39uk5l0/dtmblmhhh606q2pofd722n97mn212dta/1396066500000/ZXhwbG9yZXI=/.../MEIxdlNhQWRTbGFjblJFRjNOMjVLVFY5YVVUZw==?sec=AHSqidacYO2Tu15AET3O0A5xx7DsnMoZvhFuiOhbEC0Ly6ZUTtAuZ0CdykKH30snBMyQfnpD0UNr&a=dl&filename=SystemInfoForWindows.zip&rel=zip;z1;siw.exe&hash=e1366ssoc5n4t8gtqkfoun6678isr212

https://doc-10-cc-docsviewer.googleusercontent.com/viewer/securedownload/0i10nh714gs75ntsm805h0dgq39uk5l0/dtmblmhhh606q2pofd722n97mn212dta/1396066500000/ZXhwbG9yZXI=/.../MEIxdlNhQWRTbGFjblJFRjNOMjVLVFY5YVVUZw==?a=dl&filename=SystemInfoForWindows.zip&sec=AHSqidacYO2Tu15AET3O0A5xx7DsnMoZvhFuiOhbEC0Ly6ZUTtAuZ0CdykKH30snBMyQfnpD0UNr&rel=zip;z1;siw.exe

http://downloads.pcworld.com/pub/new//utilities/.../siw.exe

http://www.gtopala.com/.../siw.exe

http://dl.dropboxusercontent.com/u/.../website-portablefreeware/SIW mirror/siw.exe

https://dl-web.dropbox.com/get/Whacko turk/.../siw.exe

Scan SIW.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.