SpyShelterKb.sys

Datpol Janusz Siemienowicz

It runs as a Windows 64-bit kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter (signed by Datpol Janusz Siemienowicz)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.1.0.0 built by: WinDDK

MD5:
dff6daf0afdcd9731a50dff75e4f5920

SHA-1:
a5c4660e853595da6e148e28290a51e29f9938b1

SHA-256:
7cd04a872c0b102a46bbf6696d1ac641c141e24ae3eca94f85307622c290e4b3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:53:50 AM UTC

File size:
163.4 KB (167,344 bytes)

Product version:
10.1

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win64 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter premium\spyshelterkb.sys

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/5/2014 1:08:03 PM

Valid to:
1/8/2016 11:09:30 AM

Subject:
E=biuro@datpol.com, CN=Datpol Janusz Siemienowicz, O=Datpol Janusz Siemienowicz, L=Olkusz, S=Malopolskie, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D2FCC60F24553FA9E8F529B814703D51

File PE Metadata
Compilation timestamp:
8/28/2015 7:32:34 AM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:DMWVVZ24tqHUHApCCCULPtO+34yEI55Dm7AKGP5uzlZ+wVYWDP/eufPI2+:DM+Z24001CxPE+QI55SEKGx+lZZLmER+

Entry address:
0x60BFD

Entry point:
E9, 91, F0, FE, FF, AA, E9, B4, 1B, 00, 00, F5, 0F, A3, DF, F6, C3, 02, 48, 01, C7, 0F, BA, E0, 1D, 80, FD, E4, 66, A9, E6, 99, F8, 0F, B7, 0C, 4F, D1, FF, 66, 0F, A4, E7, 04, 66, C1, EF, 0D, 8B, 7A, 1C, F8, E9, 28, F3, FF, FF, E8, 54, 20, 00, 00, E9, CB, EA, FE, FF, 0F, 85, F9, 63, 00, 00, 66, 89, DE, 48, 8D, 34, E5, 41, 40, BE, 2B, E9, 17, FE, FE, FF, 0F, BA, E3, 0F, F9, F2, AE, E9, B7, 63, 00, 00, 0F, 84, 76, 00, 00, 00, D2, F9, 66, C1, C9, 09, 20, E9, 50, F6, D9, 88, C5, 48, 89, D9, F5, F9, 48, 83, EC...
 

Entropy:
7.6752

Packer / compiler:
Xtreme-Protector v1.05

Code size:
57.5 KB (58,880 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter

