home

SpyShelterWFP.sys

Datpol

It runs as a Windows kernel mode device driver named “SpyshelterFw”.
Publisher:
SpyShelter  (signed by Datpol)

Product:
SpyShelter

Description:
SpyShelter Firewall Driver

Version:
10.8.4.0 built by: WinDDK

MD5:
819b9f0bbafffd92a4553b73dd6f6af9

SHA-1:
368ec0f5b8ceda8e11074ade8cf155891e246491

SHA-256:
785899467ef9d0c7c6945822731f35414e078a9b21a135d07433b71af50e1ccf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/25/2025 12:48:53 AM UTC  (today)

File size:
64.7 KB (66,232 bytes)

Product version:
10.8.4

Copyright:
(C) Datpol. All rights reserved.

Original file name:
SpyShelterWFP.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\spyshelter firewall\spyshelterwfp.sys

Digital Signature
Signed by:
Datpol

Authority:
GlobalSign nv-sa

Valid from:
9/9/2015 4:37:53 PM

Valid to:
9/9/2016 4:37:53 PM

Subject:
CN=Datpol, O=Datpol, L=Olkusz, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C3B40F5627D2C5927A0D3740680419CC

File PE Metadata
Compilation timestamp:
8/21/2016 1:34:07 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
768:dT+kyfl70i7UoW3n5J19DZy/ni6skgTFnZFBd/LsNjNieTqVXNln23+zj4l0u3ni:h+kyrUom5JjtXLloj0s2KXi

Entry address:
0xC03E

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 44, 57, FF, FF, CC, CC, 6C, C1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CE, C6, 00, 00, A4, 70, 00, 00, C8, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 68, C7, 00, 00, 00, 70, 00, 00, E0, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C4, C7, 00, 00, 18, 70, 00, 00, 08, C1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6C, CA, 00, 00, 40, 70, 00, 00, F0, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, CD, 00, 00, 28, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.9167

Code size:
30.5 KB (31,232 bytes)

Driver
Display name:
SpyshelterFw

Type:
Kernel device driver (KernelDriver)


Scan SpyShelterWFP.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.