home

spyshelter.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.6.0.0 built by: Windows

MD5:
d7c1b37d72a7392b2feb1308d9e8b021

SHA-1:
2ba713347ad569e5fa27a7cdd7dc90a656098e45

SHA-256:
9c432e80b1e0cda1d5dd21ab5dfe6c60f37c23a5fae34880816f4bca15d60448

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:33:55 AM UTC  (today)

File size:
1.3 MB (1,346,440 bytes)

Product version:
10.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
Anglu (Amerikas Savienotas Valstis)

Common path:
C:\Program Files\spyshelter firewall\spyshelter.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 2:54:53 PM

Valid to:
9/9/2016 6:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B855E0C0CC521D24E52FEBEB543ED512

File PE Metadata
Compilation timestamp:
12/21/2015 11:20:35 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:phaxiqSwAyzXian1mShNdfsJdGsjQunl3+6Mvu4xugs/yfpFFD9J4bmI+omKOJJZ:phax9bvbEp8ulutugGyfpFpKmY14

Entry address:
0x1AF935

Entry point:
68, 1A, B5, B7, 89, E8, B3, 90, 13, 00, 00, 00, 00, 46, 6C, 74, 46, 72, 65, 65, 53, 65, 63, 75, 72, 69, 74, 79, 44, 65, 73, 63, 72, 69, 70, 74, 6F, 72, 00, 11, C3, 2B, EE, 1C, 81, BF, FF, 3A, C4, 14, A7, E5, 9F, E9, 44, 2B, C8, 44, 2B, C0, 8B, C1, E9, 7E, 21, 00, 00, 0F, 83, 7B, 2B, 12, 00, 41, 80, 39, 56, E9, 64, 6D, 12, 00, F8, 41, C1, E1, 08, F5, F9, 44, 0B, C0, 48, FF, C5, 66, 0F, BB, C0, 9F, 41, 8B, C1, 41, F6, C1, 10, C1, E8, 0B, 0F, AF, C1, F5, 44, 3B, C0, E9, 86, ED, FF, FF, D9, 50, 49, F3, 11, 0A...
 
[+]

Entropy:
7.9621  (probably packed)

Code size:
1.3 MB (1,335,296 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.