» spyshelter.sys
Overview
Analysis
File Details

spyshelter.sys

Datpol Janusz Siemienowicz

File name:

spyshelter.sys

Publisher:

SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:

SpyShelter

Description:

SpyShelter Driver

Version:

9.6.5.0 built by: Windows

MD5:

c1c5c50f46b74af8195983b699eab7bb

SHA-1:

03c64431849ec1dd94e3c69ae55cd8e31041fa3c

SHA-256:

d35df9a3ad44476e6e8bff2c43fcb38ff3931c2e3587c72abd205a31afdf45fe

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 7:53:43 AM UTC (today)

File size:

430.3 KB (440,584 bytes)

Product version:

9.6.5

Original file name:

SpyShelterDrv.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Digital Signature

Signed by:

Datpol Janusz Siemienowicz

Authority:

GlobalSign nv-sa

Valid from:

11/5/2014 10:08:03 AM

Valid to:

1/8/2016 8:09:30 AM

Subject:

E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata

Compilation timestamp:

2/18/2015 12:28:57 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

12288:UTxIvzpS9+L0kZHFAWo85OaOHG1gZ2Zrrhwp:CSvcbkFPzWH7Kfq

Entry address:

0xE96BA

Entry point:

9C, C7, 04, 24, 4A, E3, 42, 12, 9C, E9, 93, FA, F9, FF, 66, 39, CE, 01, C7, FF, 74, 24, 04, F5, E9, 82, 18, FA, FF, 8D, 64, 24, 04, 0F, 84, 5E, 12, FA, FF, F5, F6, C5, 0D, 81, C2, 1C, 01, 00, 00, 60, 60, C6, 44, 24, 04, AF, 8D, 64, 24, 40, E9, 9D, 1E, FC, FF, 58, 8D, BC, F8, CE, 9C, CC, FC, 27, 44, 13, 0A, 53, 8C, CB, 5A, 03, DC, 7B, E6, 75, F8, 61, B6, A7, 28, 31, B2, A9, B0, A9, 26, 37, 88, 0F, 94, 10, 4D, B2, 1F, A2, 6F, 9A, F7, 95, F2, 3C, AB, 29, 0F, 19, C1, BA, 7E, 66, 7B, D4, DA, 0D, CA, 93, 44, 0D... 
[+]

Entropy:

7.8948 (probably packed)

Code size:

155.5 KB (159,232 bytes)

Scan spyshelter.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.