» SIW.EXE
Overview
Analysis
File Details

SIW.EXE

System Information for Windows

Topala Software Solutions

The application SIW.EXE, “System Information” by Topala Software Solutions has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

SIW.EXE

Publisher:

Topala Software Solutions (signed and verified)

Product:

System Information for Windows

Description:

System Information

Version:

4,8,0,1

MD5:

cc76f3f89ca4e9a9c6e9e3218316b7c7

SHA-1:

28fe958327b29e7851c64a331c4a31b9a045ba12

SHA-256:

9017cc54bc8e5daa1f05e4c2bd809222b324fd730ca0064a059dde4099bfc9da

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/5/2024 7:05:31 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.12.5.4

File size:

4 MB (4,145,256 bytes)

Product version:

4,8,0,1

Original file name:

SIW.EXE

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\siw pro trial\siw.exe

Digital Signature

Signed by:

Topala Software Solutions

Authority:

COMODO CA Limited

Valid from:

5/3/2012 9:00:00 PM

Valid to:

5/4/2015 8:59:59 PM

Subject:

CN=Topala Software Solutions, O=Topala Software Solutions, STREET="22 Elkhorn Dr., #251", PostalCode=M2K 1J4, C=CA

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00F1E362709E9545879CCFC63C3E7D085D

File PE Metadata

Compilation timestamp:

5/25/2014 12:21:28 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:lJufoo3UsgfrstAmcLI4ZEQqmlrrVJ8re4bmqnAu:5anvtAmc8Lm5Jc1

Entry address:

0x2FD3FE

Entry point:

B8, 10, 12, 3A, 01, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, A0, A0, 69, 57, 19, DC, CC, 36, A7, 93, 41, 91, F9, BF, AB, EA, 4F, 09, A5, 01, 27, 4D, 57, A6, 02, 2E, EC, AB, 0A, 77, 03, BA, 2A, 76, 41, B2, DE, 08, CA, ED, 8D, 33, 2C, 34, 75, 51, BE, DB, 59, 61, 29, CC, FD, 03, 16, 23, 4F, AA, 0E, C6, 10, CB, 60, 65, B5, B8, 09, 3D, 6E, 73, 1B, 66, 2C, 0E, 3A, 1A, D6, D1, EA, D4, 40, 85, 8E, D3, 90, 84, DB, 48, 04, 12, EF, 11, A5... 
[+]

Packer / compiler:

PECompact v2

Code size:

3.5 MB (3,649,536 bytes)

Remove SIW.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.