WsmAgent.dll

File Path: C:\Windows\SysWOW64\WsmAgent.dll
Description: WinRM Agent

Hashes

Type	Hash
MD5	`28692C5343EB47A999BA1D64DA128F94`
SHA1	`3CE654FE87E940B683AC21B1C5608C86F94F7275`
SHA256	`A05F56E1017A33B42623C2214EEEB073556BD1822F7D31707322B7118F2E913D`
SHA384	`27E1D24F58492807528ACEE779595495D938C60833A897D8A649758AB1B2824724256B574D15E5D577E0F907DC91A696`
SHA512	`8B056E81E778EA2BD1B0459587D467AE7A01EAFE6D15F7BADEC96F505721F641CFFFB35D0DA78EBBAB54EFE2F7C023D80E0F7F5BB7ECA43F8AEDFEEFA2063ECF`
SSDEEP	`384:b25yxSh7SrcIvtLLLa8CS9iGOPXNRfSzXS+1j0vay4+HmwY0RZlWshWIYVrDT:IMSMEHT0TalHmwTZlYP`
IMP	`875E00A10B8C627255E0C4D5BFCBA9DF`
PESHA1	`C64F5795BD50660CA82813AC84B4514D1B0F23A0`
PE256	`33B4CCE3DFEAD6B1F0B7E44D79ABA5FFD150DD8E9618F407EEA3DAA7358D42B6`

DLL Exports:

Function Name	Ordinal	Type
`MI_Main`	9	Exported Function
`GetProviderClassID`	8	Exported Function
`CWSManCriticalSection::GetInitError`	2	Exported Function
`public: __thiscall CWSManCriticalSectionWithConditionVar::~CWSManCriticalSectionWithConditionVar(void)`	1	Exported Function
`DllUnregisterServer`	7	Exported Function
`DllGetClassObject`	4	Exported Function
`DllCanUnloadNow`	3	Exported Function
`DllRegisterServer`	6	Exported Function
`DllMain`	5	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: WsmAgent.dll
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.488 (WinBuild.160101.0800)
Product Version: 10.0.19041.488
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/70
VirusTotal Link: https://www.virustotal.com/gui/file/a05f56e1017a33b42623c2214eeeb073556bd1822f7d31707322b7118f2e913d/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\SysWOW64\PSModuleDiscoveryProvider.dll	30

MIT License. Copyright (c) 2020-2021 Strontic.