» SpyShelterKb.sys
Overview
Analysis
File Details
Behaviors (1)

SpyShelterKb.sys

Datpol Janusz Siemienowicz

It runs as a Windows kernel mode device driver named “SpyshelterKb”.

File name:

SpyShelterKb.sys

Publisher:

SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:

SpyShelter

Description:

SpyShelter Additional Driver

Version:

9.3.00.00 built by: WinDDK

MD5:

318fa3920f8048fa9b84ba36cca020ba

SHA-1:

9c91088a3c83453979783559c7bf40b182258cfd

SHA-256:

881a9627d24d73998c51ab56bfd3b1c1862eaaf18063e41f726fb5b9d160ae75

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/4/2024 5:16:50 PM UTC (today)

File size:

111.8 KB (114,528 bytes)

Product version:

9.3

Original file name:

SpyShelterKb.sys

File type:

Driver (Win32 SYS)

Language:

English (United States)

Common path:

C:\Program Files\spyshelter premium\spyshelterkb.sys

Digital Signature

Signed by:

Datpol Janusz Siemienowicz

Authority:

GlobalSign nv-sa

Valid from:

8/26/2014 1:14:04 PM

Valid to:

12/8/2014 5:09:30 PM

Subject:

E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121B2A7BEEB0FC74F69CC135D6161C7095F

File PE Metadata

Compilation timestamp:

10/2/2014 2:14:50 AM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Native (none required)

Linker version:

9.0

CTPH (ssdeep):

3072:K+xdu62I8cJpiDJ2oC1XovmnIaRfpQgM+I84:rxg698cj0J2oYXoURpRMQ4

Entry address:

0x3CA5E

Entry point:

60, E8, E6, 4B, 00, 00, 65, 05, 66, 06, 05, 9D, D5, 67, 65, 1E, B3, 4B, A5, 20, EA, 25, 65, D9, 69, A0, 26, DA, 7F, 06, 51, 9D, 15, 66, 9D, F0, 8D, 9A, 7E, B5, 08, 6A, DA, E3, 6C, B9, 26, 6E, 5C, DC, 35, C7, 09, 74, 28, 31, E6, 66, 4E, 7B, 83, 1F, E1, FD, 7A, 77, 6F, 4D, 46, A5, 80, 35, 26, 89, CB, 74, 21, 26, E8, 6D, 10, 3D, 37, 2E, 36, F0, AA, 25, 75, 46, 68, C5, 5D, 5E, EF, B2, 67, 0D, CD, 7D, FF, A2, 5F, 37, C5, 97, 08, 44, E8, 52, 43, 81, 74, 9E, 27, F4, 01, 05, 38, 4D, CD, 6C, 20, 95, 75, 71, 77, EE... 
[+]

Packer / compiler:

ASPack v1.08.04

Code size:

40.5 KB (41,472 bytes)

Driver

Display name:

SpyshelterKb

Type:

Kernel device driver (KernelDriver)

Depends on:

SpyShelter

Scan SpyShelterKb.sys - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.