» SIV.exe
Overview
Analysis
File Details

SIV.exe

SIV

RH Software

File name:

SIV.exe

Publisher:

Ray Hinchliffe (signed by RH Software)

Product:

SIV

Description:

System Information Viewer

Version:

V3.30

MD5:

3eebdf87bb6a20c1e92f603cebd92961

SHA-1:

08e62fb4e36689a8b6c09462d44d6d2ea074336d

SHA-256:

02d5bf96fa43302d91fb4c9e6f829bc87c7a82f476651dfda13fadee28b2f6ad

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/27/2024 3:02:36 AM UTC (today)

Scan engine

Detection

Engine version

Fortinet FortiGate

suspicious

6/24/2014

File size:

2 MB (2,087,424 bytes)

Product version:

V3.30

Original file name:

SIV.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\virtualstore\Program Files\pcwelt\pcwvistape\pcwvistape\tools\vistape\target\vistape-core\programs\siv\siv.exe

Digital Signature

Signed by:

RH Software

Authority:

VeriSign, Inc.

Valid from:

12/6/2007 1:00:00 AM

Valid to:

2/21/2009 12:59:59 AM

Subject:

CN=RH Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RH Software, S=Hants, C=GB

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6CCFDCBA5E421AB13DD4352AC138160C

File PE Metadata

Compilation timestamp:

4/28/2008 6:47:45 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:gkpz1GSJWOCgZi6DL1xfNYsj7MJFcWXarlbcZDEZQ0+KQ4dD3OkvQ+Aaji:7puMDRPYsEbcWXobVZW6D3BrAau

Entry address:

0xA55AE

Entry point:

55, 8B, EC, 6A, FF, 68, A8, A3, 4A, 00, 68, 96, 57, 4A, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 58, 63, 4A, 00, 59, 83, 0D, A0, 5A, 4F, 00, FF, 83, 0D, A4, 5A, 4F, 00, FF, FF, 15, 54, 63, 4A, 00, 8B, 0D, B8, BA, 4E, 00, 89, 08, FF, 15, 50, 63, 4A, 00, 8B, 0D, B4, BA, 4E, 00, 89, 08, A1, 4C, 63, 4A, 00, 8B, 00, A3, A8, 5A, 4F, 00, E8, 28, 01, 00, 00, 39, 1D, 30, B9, 4E, 00, 75, 0C, 68, 42, 57, 4A, 00, FF, 15, 48, 63... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

660 KB (675,840 bytes)

Scan SIV.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.