» spyshelter.sys
Overview
Analysis
File Details

spyshelter.sys

Datpol Janusz Siemienowicz

File name:

spyshelter.sys

Publisher:

SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:

SpyShelter

Description:

SpyShelter Driver

Version:

6.01.00.00 built by: Windows

MD5:

a5fb8e54040224b05596c4e20ef281e4

SHA-1:

8947bb572272a09dfd0786da4acbda9b378aa5a8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 10:37:48 AM UTC (today)

File size:

163.3 KB (167,224 bytes)

Product version:

6.01

Original file name:

SpyShelterDrv.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Program Files\pc tools\pc tools security\bootfixarchive\spyshelter.sys

Digital Signature

Signed by:

Datpol Janusz Siemienowicz

Authority:

GlobalSign nv-sa

Valid from:

10/7/2011 12:09:31 PM

Valid to:

10/7/2012 12:09:31 PM

Subject:

E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, OU=Datpol, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121ECF13B8CE637B81F878ED4D17A65C14B

File PE Metadata

Compilation timestamp:

2/17/2012 4:19:42 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:u8JLuqq7ZkOwhmdqz9np8TJdkji12ETYhkpBnzIDy2GWARyIn/C5Qfmk6SyyUK:JJLuq4dImdqz9WgZDy2vsgAwK

Entry address:

0x47018

Entry point:

60, E8, 9E, F2, FF, FF, 00, 00, 50, 73, 52, 65, 76, 65, 72, 74, 54, 68, 72, 65, 61, 64, 54, 6F, 53, 65, 6C, 66, 00, 00, 00, 46, 6C, 74, 47, 65, 74, 44, 65, 73, 74, 69, 6E, 61, 74, 69, 6F, 6E, 46, 69, 6C, 65, 4E, 61, 6D, 65, 49, 6E, 66, 6F, 72, 6D, 61, 74, 69, 6F, 6E, 00, 0B, 56, E8, AB, B1, 00, 93, F1, 31, 64, 24, FD, D6, 00, C9, 43, 8D, 57, F9, C3, E4, 7D, A1, 52, 10, C6, 74, 48, 89, 3B, 46, 25, 10, F6, DE, 08, F1, 63, AF, 55, D7, E2, 18, C9, 3E, 88, E8, DE, 49, C2, 0B, 4D, 89, D3, BD, 83, 96, 44, 79, 55... 
[+]

Entropy:

7.8792

Packer / compiler:

ASPack v1.08.04

Code size:

148 KB (151,552 bytes)

Scan spyshelter.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.