SpyShelterKb.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.0.0.0 built by: WinDDK

MD5:
3a1a39581f5ded5115989ea619b1ab9c

SHA-1:
3ecde82c2f9bb6cdb4ea8daedd304a28ae5805e0

SHA-256:
4d43356662f1cc856dbc9fe1cb2fa51a62eaf7feece869f7dbc5999eed1ce914

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 11:11:30 AM UTC

File size:
177.3 KB (181,512 bytes)

Product version:
10.0

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Program Files\spyshelter premium\spyshelterkb.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 11:08:03 PM

Valid to:
1/8/2016 9:09:30 PM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
7/29/2015 2:11:07 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:n746xpFlx66E1OZa+w87ncv+9OBWMKoySQvO+aAgE+cJicYNSjWDqmlSQT:Xlx6187ABWnSQt+cLYNOWOmlSk

Entry address:
0x3D1AF

Entry point:
60, E9, 68, FF, 01, 00, 66, 0F, BA, E6, 08, 69, D2, 0A, 00, 00, 00, 66, 85, C4, 01, C2, 60, 9C, 60, 66, 89, 5C, 24, 04, 8D, 64, 24, 44, E9, 1E, B7, 01, 00, 4D, E3, 62, 0C, 73, 47, 51, F9, 62, B7, 62, 8D, 7C, CC, A7, A7, 8F, 3E, 29, A2, 5F, 16, BB, 24, DD, 85, 26, EB, 77, 9F, CC, 97, A3, FA, 8D, 26, 6F, 0D, 84, B6, FA, A4, 6F, A7, 03, 0F, 3A, 82, 4E, DE, 50, D9, 37, 02, E5, 65, 00, 93, 4B, 4F, 75, DD, B6, 9E, A3, 14, 95, 6B, 21, 83, FC, BE, D2, 1A, AB, FD, 4A, 1E, 34, 4E, DC, 67, D6, FD, 4A, F9, 3D, 56, 7E...
 

Packer / compiler:
ASProtect v1.1, 0xBRS

Code size:
42.5 KB (43,520 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter

