home

SpyShelter.exe

SpyShelter

Datpol Janusz Siemienowicz

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SpyShelter’.
Publisher:
Datpol  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter GUI

Version:
10,8,9,0

MD5:
5bb6645ebc9a185930e6f78348397cd7

SHA-1:
36e663d920bf22f182ffdf2dfa64a2abbc522b65

SHA-256:
ee66d28f4125f21cae9d9108a1984b02c959641cefbb3940f6cb2c724dfb0ef6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 3:39:15 PM UTC  (today)

File size:
3.6 MB (3,740,928 bytes)

Product version:
10,8,9,0

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelter.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.exe

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/25/2016 4:55:30 PM

Valid to:
8/26/2017 1:49:24 PM

Subject:
CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=OLKUSZ, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
7F3EA61EAE04BAEDC14B924C

File PE Metadata
Compilation timestamp:
10/27/2016 10:29:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:29GmQI8+rsqN1Tk5YV/xn7y7rEW2FybAyoUg5Yg:2LQazJyYV/x7O2xt5Yg

Entry address:
0x9559A5

Entry point:
EB, 08, 74, C5, 36, 00, 00, 00, 00, 00, E9, D6, 45, E1, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 5E, 00, 0C, 00, 00, 00, D5, 3F, 00, 0F, 00, 20, 5E, 00, 0C, 00, 00, 00, B4, 3E, 1A, 3F, 00, 40, 5E, 00, 0C, 00, 00, 00, 30, 33, A4, 36, 00...
 
[+]

Code size:
4.3 MB (4,465,152 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SpyShelter

Command:
C:\Program Files\spyshelter firewall\spyshelter.exe


Scan SpyShelter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.