home

SIW.EXE

System Information for Windows

Topala Software Solutions

This is a setup program which is used to install the application. The file has been seen being downloaded from forum.enativ.com.
Publisher:
Topala Software Solutions

Product:
System Information for Windows

Description:
System Information

Version:
2008, 09, 03, 0

MD5:
a19d939617a20d72734f05296eea6975

SHA-1:
7d6970e41b2ed9e8f0c08bf1ea89e42202764384

SHA-256:
8107a73ab3fce85dcd41363255977aea014424c69d8a846a6102b29eb1db058e

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/16/2024 5:24:40 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4959

Rising Antivirus
PE:Trojan.Win32.Generic.125AF63F!307951167
23.00.65.14415

File size:
1.5 MB (1,530,880 bytes)

Product version:
2008, 09, 03, 0

Copyright:
Copyright © 2004-2008 Gabriel Topala

Trademarks:
Copyright © 2004-2008 Gabriel Topala

Original file name:
SIW.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\tc up\plugins\media\siw\siw.exe

File PE Metadata
Compilation timestamp:
9/9/2008 1:39:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:1dJ1Pg+G44xyuuq2eOkO+Tsnczp/T3lyxpcX2snk/617npQe50a7G:1X1Q4k85nczB3w7sBk/UGEK

Entry address:
0x541D6

Entry point:
B8, 90, 62, 92, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 11, F9, 9A, AF, 58, ED, 95, 0D, 49, 3A, A9, 82, 64, 55, 24, 34, 6D, 4C, 6B, B5, 05, A9, F9, 41, BE, A5, 1B, B1, 90, 93, 7D, 96, 17, 8C, 84, C5, 4C, 26, DA, B2, 74, 1E, A2, DF, E7, 70, 12, 7B, A1, 62, 50, C9, 44, A8, 99, 54, F3, 28, C4, F4, 82, F2, 37, 41, 3D, A3, 7C, F4, B9, DA, 1E, 58, C7, 20, 11, 48, 50, 91, 1E, E0, 08, 35, 29, 35, 02, C7, B1, 4F, A8, 3C, 62, 6E, F6...
 
[+]

Packer / compiler:
PECompact v2

Code size:
1.6 MB (1,705,472 bytes)

The file SIW.EXE has been seen being distributed by the following URL.

http://forum.enativ.com/.../file.php?id=977&sid=48fa93ff17771064da8c1846bfc4b1fc

Scan SIW.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.