home

SpyShelterWFP.sys

Datpol

It runs as a Windows 64-bit kernel mode device driver named “SpyshelterFw”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Firewall Driver

Version:
10.6.0.0 built by: WinDDK

MD5:
96f8bec0537997071193d8d96a4d5898

SHA-1:
351bea9a8b64d5b295e0472a03aa52a81c61c659

SHA-256:
a62ff54ea493623c71d92b520b05af602cc91f8998edab08ebc7d897605edb7e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:32:22 AM UTC  (today)

File size:
117.9 KB (120,712 bytes)

Product version:
10.6

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterWFP.sys

File type:
Driver (Win64 SYS)

Language:
Anglu (Amerikas Savienotas Valstis)

Common path:
C:\Program Files\spyshelter firewall\spyshelterwfp.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
12/17/2015 2:54:53 PM

Valid to:
9/9/2016 6:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B855E0C0CC521D24E52FEBEB543ED512

File PE Metadata
Compilation timestamp:
12/17/2015 3:02:07 PM

OS version:
6.1

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
3072:jeu/2ZJVlxFRS7rAxsmTCp31nCoTlLjOfFzag9/j+BeV:jeu/8H07wscQCWPY59/dV

Entry address:
0x2BA22

Entry point:
E9, 80, ED, FE, FF, E9, BC, F5, FF, FF, E9, DA, E9, FE, FF, E9, 1C, 29, FF, FF, 00, 00, 52, 74, 6C, 47, 65, 74, 44, 61, 63, 6C, 53, 65, 63, 75, 72, 69, 74, 79, 44, 65, 73, 63, 72, 69, 70, 74, 6F, 72, 00, 48, 83, C6, 01, 84, E5, 48, 83, C7, 01, E9, DC, 26, FF, FF, E9, 66, ED, FE, FF, F2, AE, E9, 4B, 3C, FF, FF, 00, 00, 50, 73, 50, 72, 6F, 63, 65, 73, 73, 54, 79, 70, 65, 00, E9, 34, C5, FF, FF, E9, 8B, 1D, FF, FF, 0F, 82, 41, E1, FE, FF, 66, 0F, A3, FA, F9, 48, 3B, 45, F0, E9, E1, F5, FE, FF, 10, D2, C3, F5...
 
[+]

Entropy:
7.3886

Packer / compiler:
Xtreme-Protector v1.05

Code size:
36.5 KB (37,376 bytes)

Driver
Display name:
SpyshelterFw

Type:
Kernel device driver (KernelDriver)


Scan SpyShelterWFP.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.