pspluginwkr.dll

  • File Path: C:\Windows\system32\WindowsPowerShell\v1.0\pspluginwkr.dll
  • Description: pspluginwkr.dll

Hashes

Type Hash
MD5 0BB0F55D6F3B11404EA88755CAA92AC7
SHA1 DC1ECC10D10364569FA2C598204E5572DD2FF890
SHA256 DA11E51B6867E233C9DAB60CF0EDD93410EC6C382ACF853D0B79005D3735B03A
SHA384 6178735F6A8229FD6F571D1E55364D248625390C05D3EF44110D000B49636C6453A263E4690AFA02C4D362DFFDA1B79D
SHA512 7AB43683CF67911417705DA60A31A7F0CC255D1840CE9AB640D6CA86CE2AFD0287FD9580F0BD139292B61B41AF2C415B5DBFE0CB0451FDA1E10540963D0EAF9F
SSDEEP 3072:tQCVcDd5iviyNXMmrBi38GIXIH47dlDtXLfk+0FWvGO5l+z44tGjRKGavOBpDd/b:tQlB5iviyNXMmrBi38GIXIH47dlDtXLB
IMP 36F7CA9A5CAAB24901FB951DFDDEE8FC
PESHA1 372611495D9D73F26EEE9480F4260E6DEA53A3A4
PE256 430B627285E57494F4AA4E9440F734A2D2946D6C2108C844D05828DA027ABD8B

DLL Exports:

Function Name Ordinal Type
WSManPluginSend 6 Exported Function
WSManPluginReleaseShellContext 5 Exported Function
WSManPluginSignal 8 Exported Function
WSManPluginShell 7 Exported Function
WSManPluginCommand 2 Exported Function
InitPlugin 1 Exported Function
WSManPluginReleaseCommandContext 4 Exported Function
WSManPluginReceive 3 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: pspluginwkr.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
  • Product Version: 6.1.7600.16385
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/da11e51b6867e233c9dab60cf0edd93410ec6c382acf853d0b79005d3735b03a/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pspluginwkr.dll 54

MIT License. Copyright (c) 2020-2021 Strontic.