» Shieldf.sys
Overview
Analysis
File Details
Behaviors (1)

Shieldf.sys

Data Shield Professional

Spectra Computers India Private Limited

It runs as a Windows file system device driver named “Shieldf”.

File name:

Shieldf.sys

Publisher:

Keshav Software & Developers (signed by Spectra Computers India Private Limited)

Product:

Data Shield Professional

Description:

Shield file system filter

Version:

10.4

MD5:

fdc12c8af4a5894170e1dddcb1f5af3d

SHA-1:

5c018a375dba89555d63678171a0f8b68efed038

SHA-256:

cbb1ae5ec1b17ad2b52561a60e83b1720f4c56d7a8c522f72f03b27ebf5184dd

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/5/2024 11:52:26 PM UTC (a few moments ago)

File size:

26.5 KB (27,136 bytes)

Product version:

10.4

Original file name:

Shieldf.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Windows\System32\drivers\shieldf.sys

Digital Signature

Signed by:

Spectra Computers India Private Limited

Authority:

DigiCert Inc

Valid from:

4/7/2015 5:30:00 AM

Valid to:

6/10/2016 5:30:00 PM

Subject:

CN=Spectra Computers India Private Limited, O=Spectra Computers India Private Limited, L=New Mumbai, S=Maharashtra, C=IN

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

01A43EFC2EFEE274EA6D4D0D73E5B0BF

File PE Metadata

Compilation timestamp:

6/23/2015 11:16:51 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

384:qV58pqDCG2A2MBAv6ufdN+VDZUJypbT34ZL+yVIrzhnIZjB/cfZZvfOw:q8ADCw3BAiGRJypH3v6ahn2/cew

Entry address:

0x703E

Entry point:

8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 1C, C6, FF, FF, CC, CC, 98, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E8, 76, 00, 00, 0C, 50, 00, 00, 8C, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3A, 77, 00, 00, 00, 50, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, F6, 76, 00, 00, 18, 77, 00, 00, 00, 00, 00, 00, C8, 71, 00, 00, E0, 71, 00, 00, F0, 71, 00, 00, 00, 72, 00, 00, 14, 72, 00, 00, 2C, 72, 00, 00, 4A, 72, 00, 00, 66, 72, 00, 00, 7E, 72, 00, 00, 88, 72... 
[+]

Entropy:

6.4776

Code size:

17 KB (17,408 bytes)

Driver

Display name:

Shieldf

Type:

File system 'filter' driver (FileSystemDriver)

Group:

Filter

Scan Shieldf.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.