spyshelter.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.4.0 built by: Windows

MD5:
c4cbe6666b7ddf9cc58b36f3a6af8ab7

SHA-1:
2cdb3ac9f671c30db1d7eda6c488a76fb8032c55

SHA-256:
2c86e78921a7f951f11925a2cbc2bd2be4671d1ea08aa0c6c677c420ff82c83c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:05:10 PM UTC  (today)

File size:
1.2 MB (1,254,440 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelter.sys

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 5:37:53 PM

Valid to:
9/9/2016 5:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/5/2016 4:03:52 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
24576:7mOyocrxztFP8dUbX0GiLNoiVGIRocQTJTpmYV6N6j9RJGvhv:6N7lztFP8d/2iVGIiciJ1XV99ipv

Entry address:
0x2C2630

Entry point:
68, 99, 90, C6, F0, E8, 65, BC, 01, 00, 82, 26, C5, 4D, 3F, 9B, 93, 36, 0A, 6D, BA, DA, E8, B5, 7A, 6B, 4E, D6, 58, AC, 07, 58, EE, B0, B7, 61, 7D, C3, 07, 86, 22, 0C, 1A, 18, AE, 30, CA, 61, 58, C3, 46, 86, D7, 0C, 30, 19, DE, 32, 1E, 65, 04, CA, D0, 94, 71, 29, E5, 52, 98, A4, B0, 49, EB, 93, 82, 26, A8, 4D, 1E, 9B, F3, 36, EC, 6D, 86, DA, 8C, B5, 47, 6B, 28, D6, 3C, AC, AB, 58, 83, B0, DD, 61, 5D, C3, 32, 86, 0D, 0C, F0, 18, DB, 30, E3, 61, 3F, C3, 86, 86, 21, 0D, 04, 00, 0D, 74, 00, 00, 05, 64, 02, 00...
 
[+]

Code size:
142.5 KB (145,920 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security