spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel-mode device driver named “Spyshelter”.

Publisher:
SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
9.1.00.00 built by: Windows

MD5:
d9de13b720f3537ff057fd80718ceacd

SHA-1:
03f6a6f949b2cd8f0857a71e98591771ef51ab6a

SHA-256:
38e81f0d18d39a19e2d36d0cea62e443323a9cd715a855f15c4768581ebecff8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:57:58 AM UTC  (today)

File size:
397.8 KB (407,392 bytes)

Product version:
9.1

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature

Authority:
GlobalSign nv-sa

Valid from:
11/1/2013 10:08:56 AM

Valid to:
12/8/2014 5:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112176D4B94E84F997B75286D5F8613C2EFD

File PE Metadata

Compilation timestamp:
7/1/2014 12:16:52 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:W5tTR+wiwafwczuYRBQcHk1jc1zAgasrLxcSZKCfuy4NDw0VHf7k:W5n+tVoczlBGK/nFcepWy4l5Hf7k

Entry address:
0x83F53

Entry point:
68, 9A, DF, 08, F1, C7, 04, 24, 98, 02, 40, E4, 9C, C7, 04, 24, 8F, 4E, 36, 09, 9C, FF, 34, 24, 57, 60, 8D, 64, 24, 2C, E9, 3C, 49, 05, 00, 5F, 4A, 04, D3, 2E, 4B, F8, 1F, 0D, F6, DC, B5, B3, 88, 75, 76, 37, 26, 15, 1A, 1F, 1A, 78, 4F, 4A, 2B, 01, C6, DB, DA, FF, FF, F8, D3, B8, F9, 75, 8A, A3, 1E, F9, 5B, 58, 2B, 22, 15, FE, 35, DB, C4, F7, 3A, FC, AE, 91, 79, 42, 47, C1, FD, 73, BD, E6, 19, 33, F2, CF, 72, 0A, F1, 32, A5, 6E, D2, F3, 86, BB, 42, 1E, 68, 35, A6, C1, 1E, DF, 09, D2, EC, 0F, 41, 6B, 7B, 01...
 

Code size:
123.5 KB (126,464 bytes)

Driver

Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr

