Static task: static1
Behavioral task: behavioral1 (Sample: sfl203asu.dll; Resource: win7-20220901-en)
Behavioral task: behavioral2 (Sample: sfl203asu.dll; Resource: win10v2004-20221111-en)
General
Target: sfl203asu.dll
Size: 444KB
MD5: dce7e4261833a3638a3ccda46e75427b
SHA1: e837f2730a716e9e5b11331b62ab34a1873f1b70
SHA256: 1417a3f5ee75f3001122b42d44c2e65b3be8cad31e3bec1da1c05ae18e227a7f
SHA512: 9c249d85d1c9e483d28d6f2b0a92e0c5c66a587bc7b3770631ec21474b751bb1db9a66368ffbf067a2784ed46579367ee3f7dd3cfb29bf20c3631bfe8acff96c
SSDEEP: 6144:YIssEwzTSdpA+aIghaSrR1mBeERX6x1AOGH0dEqzJ:YIssN4A+axhagRQRKx1AOu0dN
Malware Config
Signatures
Files
sfl203asu.dll.dll windows x86
eeea26c6c096cfc1509a7231a12e36f0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc71u
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord3678
ord3417
ord4226
ord1899
ord5067
ord4255
ord587
ord6115
ord4347
ord2651
ord1274
ord1962
ord2362
ord3157
ord4094
ord2085
ord3238
ord1946
ord2361
ord1894
ord2077
ord2985
ord3158
ord572
ord605
ord5934
ord5636
ord5637
ord2254
ord2066
ord502
ord2255
ord4109
ord3395
ord4945
ord4882
ord2648
ord758
ord6061
ord567
ord5727
ord6140
ord3079
ord3946
ord3585
ord2010
ord333
ord3590
ord4119
ord5829
ord760
ord5210
ord709
ord501
ord4314
ord5609
ord1189
ord1908
ord313
ord384
ord3508
ord5337
ord1027
ord531
ord5433
ord1000
ord1920
ord6013
ord723
ord2829
ord3227
ord423
ord4057
ord5462
ord3290
ord862
ord1087
ord5441
ord2265
ord1079
ord371
ord1093
ord1105
ord663
ord3230
ord426
ord3013
ord5423
ord5426
ord5231
ord5229
ord2384
ord2394
ord2392
ord2390
ord2386
ord2409
ord2397
ord1647
ord1646
ord1590
ord1536
ord3755
ord577
ord870
ord2895
ord3756
ord293
ord4026
ord1156
ord1058
ord5416
ord1118
ord383
ord283
ord4179
ord6271
ord5148
ord4238
ord1393
ord3940
ord1608
ord1611
ord5911
ord6282
ord5316
ord6293
ord5327
ord5640
ord2057
ord4072
ord347
ord1183
ord2366
ord265
ord6058
ord5633
ord1270
ord3280
ord1271
ord3155
ord266
ord1176
ord3249
ord1925
ord3204
ord1957
ord602
ord3174
ord5715
ord2725
ord2531
ord5196
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2402
ord2407
ord2388
ord2404
ord931
ord927
ord929
ord925
ord920
ord5956
ord1591
ord4276
ord4716
ord660
ord3397
ord5917
ord5397
ord5410
ord5584
ord5519
ord5643
ord5638
ord5723
ord6033
ord5884
ord6053
ord4155
ord6050
ord5604
ord6056
ord5607
ord2521
ord762
ord3435
ord764
msvcr71
?terminate@@YAXXZ
__security_error_handler
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
memset
_expand
_msize
realloc
wcscpy
_wcsdup
_CxxThrowException
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
wcstombs
??0exception@@QAE@XZ
??1exception@@UAE@XZ
sin
floor
_wgetenv
strncpy
free
malloc
swprintf
wcslen
memmove
__CxxFrameHandler
_purecall
kernel32
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GlobalSize
GlobalReAlloc
GetTempPathW
GetTempFileNameW
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FindResourceW
LoadResource
LockResource
MulDiv
GetVersion
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
user32
SetRectEmpty
PtInRect
ReleaseDC
ValidateRect
GetCursorPos
GetMessageW
MapWindowPoints
DispatchMessageW
TranslateMessage
SetCursor
GetClassLongW
LoadCursorW
ShowWindow
RedrawWindow
SetWindowPos
IsWindow
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
UnionRect
EqualRect
IsRectEmpty
GetSystemMetrics
GetDialogBaseUnits
GetKeyState
SetFocus
CallWindowProcW
WindowFromPoint
GetNextDlgTabItem
ScreenToClient
ClientToScreen
PostMessageW
PeekMessageW
GetDlgCtrlID
GetWindowLongW
GetParent
GetFocus
GetCapture
GetClientRect
GetWindowRect
DrawFocusRect
FrameRect
FillRect
WindowFromDC
InflateRect
SetRect
CopyRect
SendMessageW
SetClassLongW
GetSysColor
EnableWindow
ReleaseCapture
GetDC
SetCapture
InvalidateRect
GetUpdateRect
UpdateWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IntersectRect
OffsetRect
SetWindowLongW
RegisterWindowMessageW
MapDialogRect
gdi32
IntersectClipRect
GetMapMode
DeleteDC
CreateDCW
ExcludeClipRect
GetClipRgn
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
GetObjectW
CreateCompatibleDC
GetDeviceCaps
RealizePalette
GetViewportExtEx
GetWindowExtEx
DPtoLP
LPtoDP
PtVisible
RectVisible
BitBlt
TextOutW
ExtTextOutW
Escape
SelectPalette
CreateSolidBrush
CreateBitmap
SetPaletteEntries
Polygon
Rectangle
PatBlt
GetStockObject
CreateRectRgn
CreateRectRgnIndirect
SetRectRgn
SetBkColor
GetClipBox
SelectClipRgn
Polyline
CreatePatternBrush
CombineRgn
DeleteObject
CreatePen
SelectObject
GetViewportOrgEx
GetWindowOrgEx
StretchDIBits
CreateHalftonePalette
GetStretchBltMode
GetDIBits
MoveToEx
LineTo
SetViewportOrgEx
comdlg32
PrintDlgW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
oleaut32
VariantInit
VariantClear
VariantChangeType
SysAllocString
msvcp71
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?clear@ios_base@std@@QAEXH_N@Z
?_Xran@_String_base@std@@QBEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?_Xlen@_String_base@std@@QBEXXZ
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
rwuxthemesu
RWCloseThemeData
RWDrawThemeBackground
RWDrawDCImage
RWDrawDCFullImageShadow
RWOpenThemeData
RWIsAppThemed
RWIsThemeActive
Sections
.text Size: 276KB - Virtual size: 275KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ