home

spyshelter.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “Spyshelter”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
10.8.4.0 built by: Windows

MD5:
8046e3a0bfc52468f6d9e0d0be266d7e

SHA-1:
b09ad0ab3a199fe71805275fe10670607e9a6d4d

SHA-256:
753a2e78dca57201aa2215408b68f9537d8cd64ae53a88d605b77f6d7bc1326e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:02:04 PM UTC  (today)

File size:
1.7 MB (1,828,392 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelter.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 9:37:53 AM

Valid to:
9/9/2016 9:37:53 AM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/5/2016 8:30:12 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
49152:WOTHrrakrvN0hV4C1bADYaaY/zXqMuvOB5JP6Q9:WO7rW664g+Yj4z3uvOB516Q9

Entry address:
0x2883B0

Entry point:
68, E9, 48, F2, 26, E8, A1, A2, 19, 00, 00, 00, 01, 06, 02, 00, 06, 92, 02, 50, 01, 1C, 0B, 00, 1C, 34, 31, 00, 1C, 01, 28, 00, 15, F0, 13, E0, 11, D0, 0F, C0, 0D, 70, 0C, 60, 0B, 50, 00, 00, 76, C0, 90, 1F, 03, 83, 3B, 6F, 00, 25, 50, 3B, 6F, 00, CB, 03, 3B, 6F, C0, 8F, 2F, 3B, 6F, 00, E9, 8D, 3B, 6F, 80, E7, 49, 3B, 6F, E0, 82, B6, 00, 6F, 40, 5A, 8F, 4D, 6F, 40, ED, DA, BA, 90, 5F, 6A, 14, BA, 90, 9F, 83, 3C, BA, 90, BF, EF, 9B, BA, 90, FF, 31, 40, BA, 90, FF, 9B, 93, BA, 90, 3F, 07, AF, BA, 90, FF, 19...
 
[+]

Entropy:
7.9592  (probably packed)

Code size:
189 KB (193,536 bytes)

Driver
Display name:
Spyshelter

Description:
Spyshelter driver

Type:
Kernel device driver (KernelDriver)

Group:
FSFilter Activity Monitor

Depends on:
FltMgr


Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.