» spyshelter.sys
Overview
Analysis
File Details

spyshelter.sys

Datpol Janusz Siemienowicz

File name:

spyshelter.sys

Publisher:

SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:

SpyShelter

Description:

SpyShelter Driver

Version:

8.5.00.00 built by: Windows

MD5:

2dd4a8336efa3a176f82a03be29c71ef

SHA-1:

22a964e98a03c54fcaeda918be32b7fb68f74d55

SHA-256:

e9e42085a424fc620fd283940d966d02a6fef81b8f8a2ed074fcd7bdf4d97685

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/4/2024 5:04:00 PM UTC (today)

File size:

771.3 KB (789,816 bytes)

Product version:

8.5

Original file name:

SpyShelterDrv.sys

File type:

Driver (Win64 SYS)

Language:

English (United States)

Digital Signature

Signed by:

Datpol Janusz Siemienowicz

Authority:

GlobalSign nv-sa

Valid from:

9/8/2012 7:58:51 PM

Valid to:

11/7/2013 10:09:30 AM

Subject:

E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, OU=Datpol, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121EAB2799A417769A6985740A2E4F3F285

File PE Metadata

Compilation timestamp:

6/25/2013 6:05:05 AM

OS version:

6.1

OS bitness:

Win64

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

12288:lneu7tTBZFlbKjY7EyX2n26vdITHvNC5zz/WwVGxgo9AOQN3PeUVAeZLeKSP:9e+tTdlbKeVJqIgZVQlqOQ5nVAkeKSP

Entry address:

0xC9DC4

Entry point:

E9, DF, 6C, FF, FF, E9, AE, 11, 00, 00, 0F, 82, 3F, CD, FF, FF, 84, F7, F9, 80, 7F, FF, 00, E9, 4D, C4, FF, FF, 84, EE, 0F, B7, 0C, 4F, 66, 81, EF, 44, 08, 29, CF, 66, 0F, BA, EF, 05, 66, 0F, BE, F8, 8B, 7A, 1C, 84, D2, 48, 01, C7, 66, 0F, BA, E3, 01, F8, F5, 8B, 3C, 8F, 0F, 87, 9C, 78, FF, FF, F9, F9, F8, 85, FF, E9, 08, 6D, FF, FF, 0F, 84, 4D, 54, FF, FF, 66, 41, F7, D0, 66, F7, D3, F6, D7, 48, 89, C3, 41, 0F, C9, 66, 44, 0F, BE, C9, 41, 87, C9, 0F, 9A, C0, 4C, 8D, 4D, F0, 66, F7, D0, 4C, 8B, 45, F8, 48... 
[+]

Entropy:

7.3681

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

138 KB (141,312 bytes)

Scan spyshelter.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.