Trojan.Sivis

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	12,026
Threat Level:	80 % (High)
Infected Computers:	631

First Seen:	September 25, 2012
Last Seen:	March 22, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Sivis
Signature status:	No Signature

Known Samples

MD5: fe95d6f2f67500c841e5dc00df48c5c0

SHA1: df145341b70fd5028f9c5bf7dd8d0ba41af12f2a

SHA256: 8C3E7776B4DE824C93CDFFAA7769DA9D53699EC26E437AFBF363578B927686A7

File Size: 9.29 MB, 9286656 bytes

MD5: 98c47323dec1ec88193c7d2f7579dbde

SHA1: 3e945b934c145eb6addf85afeaf88df6221edc7c

SHA256: 4A8CA368B60B700838A6E56839A43DC8BA8B24CA335403C036C6E8D119375B2A

File Size: 9.29 MB, 9286656 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have relocations information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
File Description	Plants vs. Zombies
File Version	1.0.0.1051
Internal Name	Plants vs. Zombies
Legal Copyright	Copyright (C) 2009
Original Filename	PlantsVsZombies.exe
Product Name	Plants vs. Zombies
Product Version	1.0.0.1051

File Traits

2+ executable sections
x86

Block Information

Total Blocks:	8,426
Potentially Malicious Blocks:	3,093
Whitelisted Blocks:	3,508
Unknown Blocks:	1,825

Visual Map

0 ? x x x ? 0 x x ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x 0 0 0 x x x x x x 0 0 x x 0 0 x 0 0 0 x 0 x 0 x x x x x ? x x x x x x x ? ? 0 x x ? x ? 0 0 ? 0 ? ? x x x x x x x x x x 0 x x x x x 0 x x ? ? 0 ? ? ? ? ? ? 0 ? ? ? 0 x x x 0 0 0 0 0 x x ? ? ? x x ? x ? ? ? ? ? ? ? ? x x x x x ? 0 ? x x x x x x 0 x x x x x 0 x x x x x ? ? x ? 0 x x ? ? 0 0 x x x x x ? x ? x x x 0 ? ? ? ? 0 x x x x ? ? ? x ? ? ? 0 x ? ? 0 ? ? ? 0 ? 0 ? 0 ? ? 0 0 ? 0 ? 0 0 ? ? ? 0 ? x x x ? ? ? ? ? x 0 ? 0 ? ? 0 ? 0 ? 0 ? ? ? 0 0 0 0 ? 0 0 ? 0 x ? 0 ? ? ? ? ? ? ? ? ? 0 x x x ? 0 ? 0 ? ? 0 ? 0 x ? 0 ? 0 ? ? ? 0 ? 0 ? 0 0 0 ? 0 x x x x x x ? ? ? 0 x 0 ? ? ? 0 0 x x ? 0 x ? ? ? 0 ? ? 0 0 0 0 0 0 0 0 0 x x x x x x x x x 0 0 ? ? 0 0 ? ? ? ? ? ? ? ? ? ? ? 0 x ? ? ? 0 0 ? x ? ? 0 ? 0 x x ? ? 0 0 ? x x x x ? 0 0 x ? x 0 x x x x x ? 0 0 0 ? ? ? 0 ? 0 0 x x ? x x x x x x x x x x x x x x x x x x x x x ? ? 0 ? 0 0 ? x ? x x x x 0 x x x x ? ? 0 ? ? ? 0 ? x x x x x 0 0 x x x x x x x x x 0 0 0 x x x x 0 x x 0 x x x 0 0 x x 0 x x 0 0 0 0 x x x ? 0 ? ? ? ? ? x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x 0 x x ? ? ? x x x 0 ? x x 0 x x ? 0 ? 0 0 x ? ? 0 ? 0 ? ? 0 ? 0 ? ? x x x x x 0 x x x x x x ? 0 0 ? x x x 0 ? x x x x x x 0 x x x x x x x x x x x 0 x 0 x x x x x x x x x 0 0 x 0 x x ? ? 0 0 x x x x x x ? ? ? ? ? x x ? ? ? ? ? 0 x x ? ? x x x 0 ? ? ? ? 0 x 0 x x x x x x x x 0 x 0 x x x 0 x 0 x x x x x x x x x x x x x x ? x x x x x ? ? x x ? ? 0 0 ? ? 0 0 x x 0 0 0 ? 0 ? ? ? ? ? ? ? x ? ? x x x x x x 0 x x x x x x x 0 x x x x x x x x x ? x x x ? x x x x x ? 0 x ? ? 0 x ? ? x x x x x x 0 ? x x x ? 0 ? x ? ? ? x ? ? ? ? 0 x x x x x x x x x x x 0 0 0 x x 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x x x 0 0 x x x x 0 x x x x x x x x x 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 x x x x 0 x x x x 0 0 x x x x 0 0 0 0 x x x x x x x x x x x x x x x x x 0 x x 0 x x x 0 0 0 0 0 0 ? 0 x x x 0 x x x x x x x ? x x x x x ? ? 0 ? ? ? 0 0 ? ? ? x x x x x x x x x x x x x x x x x x x x x x ? ? ? x ? ? x ? 0 ? x ? ? x ? x ? ? ? x x x x x x x x x x x x ? ? 0 ? ? x x ? ? x x x 0 0 0 x x 0 0 0 x 0 x x 0 x x x x x x x ? 0 x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 x 0 0 0 0 0 x 0 0 0 0 0 0 x ? x x x x x x x x x x x x x x x x 0 ? ? 0 x x x x x x x x x 0 0 x x 0 x x x x x x ? x x x x x ? ? x 0 x x x ? 0 0 ? ? ? x 0 0 0 0 0 0 0 0 0 0 x x x x x 0 x ? ? ? ? ? 0 ? ? 0 ? ? x x x ? ? ? 0 ? x ? ? x x x ? 0 ? ? 0 x 0 0 ? ? 0 ? ? ? ? ? 0 0 ? 0 ? ? ? ? 0 0 x ? ? 0 ? 0 0 0 x x ? ? ? ? ? ? ? 0 0 0 ? ? 0 ? ? x x x x ? ? ? ? x ? 0 ? 0 0 0 ? ? 0 0 x ? ? ? 0 x x x x x x ? 0 ? ? ? x x x 0 x x x x x x x x x x 0 ? 0 ? ? x ? 0 ? 0 ? ? ? x ? x 0 ? x x ? ? x 0 ? x x ? 0 x 0 x x x ? ? x x ? ? ? ? ? ? ? ? ? ? ? x x ? ? x x x x x x x 0 ? 0 ? ? ? 0 ? ? ? 0 ? ? x x ? ? ? 0 0 ? ? ? 0 ? ? ? ? ? x ? 0 ? x x ? 0 0 ? ? ? ? x 0 x ? 0 ? ? ? x 0 x ? ? ? 0 ? ? ? ? ? ? ? 0 ? 0 0 0 0 x ? ? ? ? ? ? x 0 x x x 0 x x x x 0 x 0 x 0 x x x x x x x x x x x x 0 x x x x x x 0 x x x x 0 x x x x x 0 x 0 0 x x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x x 0 0 0 x 0 x ? ? ? 0 0 ? ? 0 ? 0 ? ? ? 0 ? 0 x ? ? ? x ? x ? ? ? ? ? 0 ? ? ? ? x ? x ? ? ? ? ? x x 0 ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? x 0 ? ? x x x x x ? ? ? 0 ? ? ? 0 ? ? 0 x x ? x x 0 x x x x 0 0 x 0 x x x 0 0 0 x 0 x 0 x x x 0 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x ? x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x ? ? ? x x x x x x x x x x x x x x x x x x ? 0 ? x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x x x x x ? ? x 0 x x x x x x x x x x x x x x x 0 ? ? ? ? ? ? 0 ? ? x ? 0 x x ? x ? ? ? ? ? ? 0 ? 0 ? ? ? 0 ? 0 x x x ? ? x ? ? ? ? ? x 0 x ? x ? x ? 0 0 ? 0 x x x x x 0 0 x x x ? ? ? ? 0 ? 0 x x x x x x x ? x x x ? x x 0 x x x x x x x x x x x x x x x x x ? ? x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Sivis

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Submit Comment

Trending

PUP.Super Driver Updater

Trojanized RedAlert Application

iScans Fake Crypto Tracker Scam

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Pornktube.porn

Discord Shows Black Screen when Sharing Screen