home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “SpyShelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
8.5.00.00 built by: Windows

MD5:
220c13d3224e4dea0427bc8a64c11ba2

SHA-1:
3fc44f21a46386a33f9cb7554899f5e1baababd0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:38:42 PM UTC  (today)

File size:
345.8 KB (354,104 bytes)

Product version:
8.5

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
9/8/2012 6:58:51 PM

Valid to:
11/7/2013 9:09:30 AM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, OU=Datpol, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EAB2799A417769A6985740A2E4F3F285

File PE Metadata
Compilation timestamp:
6/25/2013 4:48:31 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
6144:jEk1ReA/R6d3h96Elmyx8+d+oQSkyyjx1QkbohWweFuOQP8UdhgZxQY23D/:jEkjeA/R6dnfleSkyuOIF+8UEuR37

Entry address:
0xBD253

Entry point:
60, FF, 74, 24, 08, 60, E9, 04, 3D, FB, FF, 0F, 70, 0F, 82, 3D, 03, 59, B5, 1A, 6D, 8F, 87, 01, A6, 66, 00, 28, CE, A0, AB, E1, BE, D2, F5, AF, 28, 84, E3, 91, 3E, E2, 2C, 71, 52, CD, F8, FE, 96, E3, E1, 51, 64, F0, 87, F5, BA, 76, C4, 2E, 7D, 5A, 9A, 3B, BB, 24, 24, 2E, 8E, 3B, 7C, B0, 2B, 59, 1E, AE, 25, 62, D3, 78, 77, E6, 6D, 68, 86, 3B, FA, 02, 34, 8D, 01, 62, 01, F9, 6A, 98, 95, C7, F0, 07, FB, A2, 47, CC, 91, 63, EC, 75, 3B, A1, 7E, E0, 7D, 86, FF, 69, D1, D8, 2C, 2A, CA, DB, 6C, 31, 5A, BC, C9, 6F...
 
[+]

Entropy:
7.9007  (probably packed)

Code size:
118 KB (120,832 bytes)

Driver
Display name:
SpyShelter

Type:
Kernel device driver (KernelDriver)


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.