home

SpyShelterKb.sys

Datpol

It runs as a Windows kernel mode device driver named “SpyshelterKb”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Additional Driver

Version:
10.8.4.0 built by: WinDDK

MD5:
e3e55970a632f5e297e3ae28cefc3c87

SHA-1:
e5589438d03b865a3b39acc9484cf9e1c7a663a2

SHA-256:
83c6137c16f342cd1382eb1f59fb8765619cf87ff208ce96feca80e7e77aeb63

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:01:41 PM UTC  (today)

File size:
672.7 KB (688,824 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterKb.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter free anti-keylogger\spyshelterkb.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 11:37:53 AM

Valid to:
9/9/2016 11:37:53 AM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/7/2016 5:02:34 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
12288:7EcaOa+6Vzen0etQZPhP/2uks8DjeY0NjZRw9Phb5yhXWqfX4L9VlkHPSugXKSwJ:taXzw0eYPOVs8DCn9LwtHMRQL93kHlg8

Entry address:
0x168D45

Entry point:
68, 40, 0A, 59, CE, E8, DA, 58, F8, FF, 55, 8B, EC, E9, B4, EE, 00, 00, 00, 00, 69, A1, 39, 59, E4, A3, 48, DC, C9, DA, 19, 98, 5C, DA, 38, 90, 4B, F4, 33, 41, B1, B3, EA, 67, 19, 75, 1D, D3, 59, 8D, 8F, 16, 48, EC, AE, 53, 07, DD, 89, 4F, B1, B2, 49, 38, E7, 50, 09, E8, 6F, EF, 2E, 12, C2, 32, 81, BC, AE, 0E, 9D, 48, 59, 8B, 1A, 88, F4, BB, 61, 83, 9E, C0, F7, 87, 62, 73, D3, 79, D1, 21, F0, C1, A4, 82, F2, 4F, DC, A7, A0, 78, 5F, E7, B8, A2, D0, 09, 1D, 4A, E7, B0, D6, 7D, EF, CF, 41, A2, 42, 23, AC, 13...
 
[+]

Entropy:
7.9131  (probably packed)

Code size:
48 KB (49,152 bytes)

Driver
Display name:
SpyshelterKb

Type:
Kernel device driver (KernelDriver)

Depends on:
SpyShelter


Scan SpyShelterKb.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.