WmpDui[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WmpDui.dll
Size

166KB
MD5

2184e66487d06bfcfc68b894c7af8d53
SHA1

e585cb7e4c3d4e992c2f4597cebed272ca518320
SHA256

6ae4bde733261f4838f6e644d10cafb81a7fa0ba17a6a37d8e7ba789dd2a2b7a
SHA512

3f285c21e32ea5a936da890297cacbaa5fefcf3cd1eb6937ad1a504f1d2a1addc5d677cceb75d7c753c1f3886e849d304bd1ba97af212bd16c26f422ad791af8
SSDEEP

3072:l7J0u3yj+ZckPK+H+xI+B16q9qTO19Vy/WpmpkVEGIkbAjq3ByKQ9:FJ0n+ZckPK+H++Dqgey/WwpkVFFAjqUr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WmpDui.dll

Files

WmpDui.dll
.dll windows:6 windows x86 arch:x86

0ecc1ee00846e5faa106afc936d60a73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

WMPDUI.pdb

Imports

msvcrt

_beginthreadex
_CIcos
_CIsin
_CIpow
_wcsicmp
_resetstkoflw
_CIlog10
_ftol2_sse
_ftol2
memmove
qsort
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_initterm
free
malloc
_XcptFilter
memset
memcpy
_purecall

user32

GetKeyState
GetSystemMetrics
GetDoubleClickTime
PtInRect
GetWindowRect
SetFocus
GetFocus
ScreenToClient
GetCursorPos
ReleaseCapture
ChildWindowFromPointEx
GetCapture
ReleaseDC
GetWindowDC
SendMessageA
RegisterWindowMessageA
SetWindowLongA
GetWindowLongW
CallWindowProcA
InvalidateRect
SetCapture
OffsetRect
SendMessageW
GetParent
EndPaint
BeginPaint
GetKeyboardState
PostThreadMessageA
DispatchMessageA
TranslateMessage
DrawTextW
WindowFromDC
GetDC
IsRectEmpty
GetMessageTime
MsgWaitForMultipleObjectsEx
FillRect
ClientToScreen
GetClientRect
GetMessageA
GetMessageW
PeekMessageA
PeekMessageW
TrackMouseEvent
IntersectRect
DefWindowProcA
CallWindowProcW
SetWindowLongW
GetWindowLongA
WaitMessage
IsWindow

gdi32

GetDIBits
GetObjectType
GetPaletteEntries
GetSystemPaletteEntries
CreateDCA
CreateRectRgn
GetDeviceCaps
GetCurrentObject
GetBrushOrgEx
GetRandomRgn
GetViewportOrgEx
GetObjectA
OffsetRgn
BitBlt
CreateDIBSection
RestoreDC
SaveDC
ModifyWorldTransform
GetTextExtentExPointW
GetTextExtentPoint32W
CreateFontIndirectW
ExtTextOutW
TextOutW
GetClipBox
ExtSelectClipRgn
GetClipRgn
IntersectClipRect
DeleteObject
CreateSolidBrush
CreatePen
SetRectRgn
SetGraphicsMode
GetPixel
CreateCompatibleDC
SelectObject
PatBlt
CombineRgn
SetBrushOrgEx
CreatePolygonRgn
CreateCompatibleBitmap
GetWindowExtEx
GetViewportExtEx
RealizePalette
SelectPalette
GetWorldTransform
SetWorldTransform
DeleteDC

msimg32

AlphaBlend

advapi32

UnregisterTraceGuids
RegisterTraceGuidsA
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceEvent

kernel32

LoadLibraryExA
TlsGetValue
SetLastError
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
FindAtomW
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
SetEvent
QueryDepthSList
InitializeSListHead
InterlockedPushEntrySList
WaitForSingleObject
CreateEventA
CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedFlushSList
FlushInstructionCache
DeleteAtom
AddAtomW
GetAtomNameW
TlsFree
TlsAlloc
TlsSetValue
ResetEvent
GetExitCodeThread
WaitForMultipleObjects
LoadLibraryA
GetModuleFileNameA
FreeLibrary
GetLastError
DelayLoadFailureHook
DisableThreadLibraryCalls
GetVersionExA
GetModuleHandleW
GetProcAddress
MulDiv
VirtualFree
VirtualAlloc
InterlockedCompareExchange

Exports

Exports

AddGadgetMessageHandler
AttachWndProcA
AttachWndProcW
AutoTrace
BuildAnimation
BuildDropTarget
BuildInterpolation
CreateAction
CreateGadget
DUserBuildGadget
DUserCastClass
DUserCastDirect
DUserCastHandle
DUserDeleteGadget
DUserFindClass
DUserFlushDeferredMessages
DUserFlushMessages
DUserGetAlphaPRID
DUserGetGutsData
DUserGetRectPRID
DUserGetRotatePRID
DUserGetScalePRID
DUserInstanceOf
DUserPostEvent
DUserPostMethod
DUserRegisterGuts
DUserRegisterStub
DUserRegisterSuper
DUserSendEvent
DUserSendMethod
DUserStopAnimation
DeleteHandle
DetachWndProc
DisableContainerHwnd
DllMain
DrawGadgetTree
EnumGadgets
FindGadgetFromPoint
FindGadgetMessages
FindStdColor
FireGadgetMessages
ForwardGadgetMessage
GetActionTimeslice
GetDUserModule
GetDebug
GetGadget
GetGadgetAnimation
GetGadgetBufferInfo
GetGadgetCenterPoint
GetGadgetFocus
GetGadgetMessageFilter
GetGadgetProperty
GetGadgetRect
GetGadgetRgn
GetGadgetRootInfo
GetGadgetRotation
GetGadgetScale
GetGadgetSize
GetGadgetStyle
GetGadgetTicket
GetMessageExA
GetMessageExW
GetStdColorBrushF
GetStdColorBrushI
GetStdColorF
GetStdColorI
GetStdColorName
GetStdColorPenF
GetStdColorPenI
GetStdPalette
InitGadgetComponent
InitGadgets
InvalidateGadget
IsGadgetParentChainStyle
IsInsideContext
IsStartDelete
LookupGadgetTicket
MapGadgetPoints
PeekMessageExA
PeekMessageExW
RegisterGadgetMessage
RegisterGadgetMessageString
RegisterGadgetProperty
RemoveGadgetMessageHandler
RemoveGadgetProperty
SetActionTimeslice
SetGadgetBufferInfo
SetGadgetCenterPoint
SetGadgetFillF
SetGadgetFillI
SetGadgetFocus
SetGadgetFocusEx
SetGadgetMessageFilter
SetGadgetOrder
SetGadgetParent
SetGadgetProperty
SetGadgetRect
SetGadgetRootInfo
SetGadgetRotation
SetGadgetScale
SetGadgetStyle
UnregisterGadgetMessage
UnregisterGadgetMessageString
UnregisterGadgetProperty
UtilBuildFont
UtilDrawBlendRect
UtilDrawOutlineRect
UtilGetColor
UtilSetBackground
WaitMessageEx

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ecc1ee00846e5faa106afc936d60a73

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

gdi32

msimg32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 7KB - Virtual size: 11KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 7KB - Virtual size: 11KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 10KB - Virtual size: 10KB