home

spyshelter.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.6.0 built by: Windows

MD5:
dc0dd018dc2a8354cbe42374bd6c8921

SHA-1:
eba8cf25bacd2c8d5e6186a12ca7011ca0cc6c77

SHA-256:
f262ce8d8237f725de2e0f238f410b8ba3d9db80a80257842350da1c96971561

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 6:19:26 PM UTC  (today)

File size:
1.8 MB (1,849,744 bytes)

Product version:
10.8.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/25/2016 10:55:30 AM

Valid to:
8/26/2017 7:49:24 AM

Subject:
CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=OLKUSZ, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
7F3EA61EAE04BAEDC14B924C

File PE Metadata
Compilation timestamp:
10/14/2016 7:56:28 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
49152:hS+pOpt9sIE206Z/OvsH7MdUqfFxw5Kicoyfk:LgptbVZ/dMdUqfHw5Kxk

Entry address:
0x29F6CA

Entry point:
68, 3D, 37, A8, CF, E8, 2E, 1E, 19, 00, A3, D5, 24, F9, 78, D9, C2, 24, 79, 57, 0D, DD, 24, 79, EB, DB, C2, 24, B9, A8, 2D, DD, 24, 79, B0, A5, C2, 24, 79, 43, 03, C2, 24, 39, D5, 2E, F3, 24, 79, 66, 6C, A9, DB, 06, D0, 82, 47, DB, C6, C2, 60, 47, DB, 06, 63, 86, 58, DB, 86, 03, 61, 47, DB, 86, 84, 2D, 58, DB, 86, 28, 5B, 47, DB, 46, C8, 8D, 58, DB, 86, 53, C5, 47, DB, 86, 00, 03, 47, DB, C6, F6, 4E, 76, DB, 86, 85, 8C, 2C, 24, F9, 73, 09, 31, DB, 86, 4C, E3, 2B, DB, C6, 7D, 4F, 85, 24, B9, 01, E2, 24, B9...
 
[+]

Entropy:
7.9492  (probably packed)

Code size:
202.5 KB (207,360 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.