× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4418c0d5529dc0c6a788cfb4cb72d27b5eb9b8cbf9617ebe9e316886304b77a1
File name: Microsoft.PowerShell.SDK.dll
Detection ratio: 0 / 65
Analysis date: 2018-12-18 06:41:34 UTC ( 3 months ago )
Antivirus Result Update
Ad-Aware 20181218
AegisLab 20181218
AhnLab-V3 20181217
Alibaba 20180921
ALYac 20181218
Antiy-AVL 20181217
Arcabit 20181218
Avast 20181218
Avast-Mobile 20181217
AVG 20181218
Avira (no cloud) 20181217
Babable 20180918
Baidu 20181207
BitDefender 20181218
Bkav 20181217
CAT-QuickHeal 20181217
ClamAV 20181218
CMC 20181217
Comodo 20181218
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181218
Cyren 20181218
DrWeb 20181218
Emsisoft 20181218
Endgame 20181108
ESET-NOD32 20181218
F-Prot 20181218
F-Secure 20181218
Fortinet 20181218
GData 20181218
Sophos ML 20181128
Jiangmin 20181218
K7AntiVirus 20181217
K7GW 20181218
Kaspersky 20181218
Kingsoft 20181218
Malwarebytes 20181218
MAX 20181218
McAfee 20181218
McAfee-GW-Edition 20181218
Microsoft 20181217
eScan 20181218
NANO-Antivirus 20181218
Palo Alto Networks (Known Signatures) 20181218
Panda 20181217
Qihoo-360 20181218
Rising 20181218
SentinelOne (Static ML) 20181011
Sophos AV 20181218
SUPERAntiSpyware 20181212
Symantec 20181218
Symantec Mobile Insight 20181215
TACHYON 20181217
Tencent 20181218
TheHacker 20181216
TotalDefense 20181218
Trapmine 20181205
TrendMicro 20181218
TrendMicro-HouseCall 20181218
VBA32 20181217
ViRobot 20181218
Webroot 20181218
Yandex 20181218
Zillya 20181217
ZoneAlarm by Check Point 20181218
Zoner 20181218
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
(c) Microsoft Corporation. All rights reserved.

Product PowerShell Core
Original name Microsoft.PowerShell.SDK.dll
Internal name Microsoft.PowerShell.SDK.dll
File version 6.1.1.0
Description Microsoft.PowerShell.SDK
Comments PowerShell SDK metapackage
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2104-10-12 12:58:20
Entry Point 0x00002972
Number of sections 3
.NET details
Module Version ID de909295-f3aa-42a3-9670-0e543a63ee1c
PE sections
PE imports
_CorDllMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

Comments
PowerShell SDK metapackage

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.1.1.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Microsoft.PowerShell.SDK

ImageFileCharacteristics
Executable, Large address aware, DLL

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0x2972

OriginalFileName
Microsoft.PowerShell.SDK.dll

MIMEType
application/octet-stream

LegalCopyright
(c) Microsoft Corporation. All rights reserved.

FileVersion
6.1.1.0

TimeStamp
2104:10:12 13:58:20+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
Microsoft.PowerShell.SDK.dll

ProductVersion
6.1.1 SHA: da5d8e707df55f9d252b96f800d6be94a991a10c

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
2560

ProductName
PowerShell Core

ProductVersionNumber
6.1.1.0

FileTypeExtension
dll

ObjectFileType
Dynamic link library

AssemblyVersion
6.1.1.0

File identification
MD5 73248405d4b6df52bd669af90271e7d7
SHA1 012a18b5f08773ee3f7c01a0d45364e12a3e5e3b
SHA256 4418c0d5529dc0c6a788cfb4cb72d27b5eb9b8cbf9617ebe9e316886304b77a1
ssdeep
48:6U+lqSWIHFsOHvJejcMAPTGYTPhOYeWOPNDmDp0leTXJf8ZWHH5lVqpi5LGDMo:mgIHFfheUpTp4W4DmDGleTxoWn5/qgG

authentihash 2a00ee7234e87ef169f28056163652efc86d66bf053efab233c7fd0e7ec9f2f2
imphash dae02f32a21e03ce65412f6e56942daa
File size 5.0 KB ( 5120 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
assembly pedll

VirusTotal metadata
First submission 2018-12-18 06:41:34 UTC ( 3 months ago )
Last submission 2018-12-18 06:41:34 UTC ( 3 months ago )
File names Microsoft.PowerShell.SDK.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!