wincredui.dll

  • File Path: C:\Windows\SysWOW64\wincredui.dll
  • Description: Credential Manager User Internal Interface

Hashes

Type Hash
MD5 EEB36E6F18D3E7BFBE299289C2D0416D
SHA1 4D1ABE79022C7C9F47722414AF28CA12B5460F59
SHA256 D12F069B9280D8B4A9F24E1711757627ADBA94EF2500FCDE9EFF58CB89FFCD12
SHA384 C242FB1F3C6EF6CBB843B186864B4DE1F862CCA56D16D2FD691C7F4B0C82220F4A476EF54EC68CD3100AD495CD005778
SHA512 D3CCC5B41AEE1F6405BEEDFBC3022E9BCB46B902234B8254C73F8AD84FE50055452C4FDAF9E9D0917D98F68CD755D4F6EF51DDC72EF414B00957ED7E5BBE8334
SSDEEP 3072:sJQ0M4EG/6pPiBXHF8xr8zewUnKI5JSma3TSbzz:O06D8xrj7ndJS33TSbn
IMP 592FB435E16B30EADBE9B3784D703088
PESHA1 907ED09D7BB72E72222FE118C0D541A76E17A6C4
PE256 5364113226D9E7CC231C50D4BF0D113429751488BA389774749D0BD623F44B46

DLL Exports:

Function Name Ordinal Type
CredUIInternalPromptForWindowsCredentialsWorker 10 Exported Function
CredUIInternalPromptForWindowsCredentialsW 9 Exported Function
CredUIInternalPromptForWindowsCredentialsA 8 Exported Function
DllCanUnloadNow 11 Exported Function
DllUnregisterServer 14 Exported Function
DllRegisterServer 13 Exported Function
DllGetClassObject 12 Exported Function
CredUIInternalConfirmCredentialsA 3 Exported Function
CredUIInternalCmdLinePromptForCredentialsW 2 Exported Function
CredUIInternalCmdLinePromptForCredentialsA 1 Exported Function
CredUIInternalConfirmCredentialsW 4 Exported Function
CredUIInternalPromptForCredentialsW 7 Exported Function
CredUIInternalPromptForCredentialsA 6 Exported Function
CredUIInternalInitControls 5 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: wincredui.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/d12f069b9280d8b4a9f24e1711757627adba94ef2500fcde9eff58cb89ffcd12/detection/

Possible Misuse

The following table contains possible examples of wincredui.dll being misused. While wincredui.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_uipromptforcreds_dlls.yml - '\wincredui.dll' DRL 1.0
sigma image_load_uipromptforcreds_dlls.yml - 'wincredui.dll' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.