home

spyshelter.sys

Datpol Janusz Siemienowicz

Publisher:
SpyShelter  (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Driver

Version:
5.40.00.00 built by: Windows

MD5:
73c5e3c322b0f118155902f3da03a20e

SHA-1:
db8281074bd089b5758188ad491283d89c5d8f5a

SHA-256:
1007d4da2d996fe2a1fa285f89f9cf5283c435ae6d96e1275f4dbe726a37b987

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:28:13 AM UTC  (today)

File size:
162.5 KB (166,384 bytes)

Product version:
5.40

Original file name:
SpyShelterDrv.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Digital Signature
Signed by:
Datpol Janusz Siemienowicz

Authority:
GlobalSign nv-sa

Valid from:
8/3/2010 10:15:25 AM

Valid to:
10/11/2011 11:28:58 AM

Subject:
CN=Datpol Janusz Siemienowicz, OU=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=malopolskie, C=PL

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012A38848FCA

File PE Metadata
Compilation timestamp:
8/11/2011 4:02:23 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:u9pBy78Ava/L+zsyLbpEfTO3ZNBP+O6QyoifCjY62bjPd3LtEEM2iNJHMLBz8nYj:A7y7raaAsoTsN5+JQyxfjPNt7MlgLBR

Entry address:
0x63D86

Entry point:
E8, 65, A2, FE, FF, 00, 00, 4B, 66, 52, 61, 69, 73, 65, 49, 72, 71, 6C, 00, 89, F9, 66, C1, E6, 0C, 29, D9, 66, D3, FE, 89, E6, 68, 6F, FC, E2, 67, 83, EF, 04, 68, 66, 0C, 62, 5A, 84, C7, FF, 37, 8F, 44, 24, 04, 9C, F9, E8, D3, F9, FF, FF, 8D, 64, 24, 2C, 0F, 87, E1, BB, FE, FF, 56, 69, D2, 0A, 00, 00, 00, 66, 0F, BA, E1, 01, 38, F3, 01, C2, FF, 34, 24, 9C, 60, 52, 8D, 64, 24, 30, E9, A5, D2, FE, FF, 00, 00, 5A, 77, 53, 65, 74, 53, 65, 63, 75, 72, 69, 74, 79, 4F, 62, 6A, 65, 63, 74, 00, 89, EC, E8, AD, DE...
 
[+]

Entropy:
7.8648  (probably packed)

Code size:
137.5 KB (140,800 bytes)

Scan spyshelter.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.