home

SIW.EXE

System Information for Windows

Topala Software Solutions

The application SIW.EXE, “System Information” by Topala Software Solutions has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
Topala Software Solutions  (signed and verified)

Product:
System Information for Windows

Description:
System Information

Version:
4,8,0,1

MD5:
614dc56316549e3300acc1984c23c0c1

SHA-1:
d73ef562fbd434a0ef7256092c75222c0ca0c766

SHA-256:
e2b28a3103cbdf1eefa2fbf3da7687fc75d638c592ab13b0e6b278322babe89d

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 9:10:36 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Gen
2.1.4+

AVG
Topala Software Solutions
2017.0.2850

Bkav FE
W32.HfsAutoA
1.3.0.4923

ESET NOD32
Win32/RemoteAdmin.RemoteExec.AA (variant)
10.9623

McAfee
Program.PWCrack-Finder
5600.6506

Reason Heuristics
PUP.TopalaSoftwareSolutions (M)
16.1.29.0

Trend Micro House Call
TROJ_GEN.F47V0828
7.2.29

File size:
4 MB (4,145,256 bytes)

Product version:
4,8,0,1

Copyright:
Copyright © 2005-2014 Gabriel Topala

Original file name:
SIW.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\siw_trial\technician\siw.exe

Digital Signature
Signed by:
Topala Software Solutions

Authority:
COMODO CA Limited

Valid from:
5/3/2012 8:00:00 PM

Valid to:
5/4/2015 7:59:59 PM

Subject:
CN=Topala Software Solutions, O=Topala Software Solutions, STREET="22 Elkhorn Dr., #251", PostalCode=M2K 1J4, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F1E362709E9545879CCFC63C3E7D085D

File PE Metadata
Compilation timestamp:
5/25/2014 11:21:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:0Jufoo3UsgfrstAmcLI4ZEQqmlrrVJ8re4bmqnvu:CanvtAmc8Lm5Jc1

Entry address:
0x2FD3FE

Entry point:
B8, 10, 12, 3A, 01, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, A0, A0, 69, 57, 19, DC, CC, 36, A7, 93, 41, 91, F9, BF, AB, EA, 4F, 09, A5, 01, 27, 4D, 57, A6, 02, 2E, EC, AB, 0A, 77, 03, BA, 2A, 76, 41, B2, DE, 08, CA, ED, 8D, 33, 2C, 34, 75, 51, BE, DB, 59, 61, 29, CC, FD, 03, 16, 23, 4F, AA, 0E, C6, 10, CB, 60, 65, B5, B8, 09, 3D, 6E, 73, 1B, 66, 2C, 0E, 3A, 1A, D6, D1, EA, D4, 40, 85, 8E, D3, 90, 84, DB, 48, 04, 12, EF, 11, A5...
 
[+]

Entropy:
7.7827

Packer / compiler:
PECompact v2

Code size:
3.5 MB (3,649,536 bytes)

Remove SIW.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.