Sample: 5c3e131684ce6d8874844c322f485e7c470a39691a51f6c07ad6d43c8229e650.exe
Resource: win7-20230831-en
General
Target: 5c3e131684ce6d8874844c322f485e7c470a39691a51f6c07ad6d43c8229e650
Size: 6.7MB
MD5: 1aeaed90fe1b150f13791bcab5c5a222
SHA1: 1fa97603be2e1c491719e32a4137584c32fee1cb
SHA256: 5c3e131684ce6d8874844c322f485e7c470a39691a51f6c07ad6d43c8229e650
SHA512: 477125aa1ab3c44d4c3ca3fbcb4caaf9527675bdc15d61a8166743de5296d682d815dbfe3907b5a63fbee82b99e1d0088175f7466f14a298320ce5a8a9c41cfe
SSDEEP: 98304:qscP0JkzXivEaNvs4DF2058DI96I927MlPtZbNbBJ/OGg:q70Jk+vE+6I3l7VX/OGg
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 5c3e131684ce6d8874844c322f485e7c470a39691a51f6c07ad6d43c8229e650
Files
5c3e131684ce6d8874844c322f485e7c470a39691a51f6c07ad6d43c8229e650.exe windows:4 windows x86
44b8a765fe2397f0bf2fe1b8104373a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLogicalDriveStringsA
TerminateThread
lstrcpynA
VirtualAlloc
lstrcatA
VirtualFree
Thread32Next
GetProcAddress
GetModuleHandleA
CreateFileA
ResumeThread
SuspendThread
OpenThread
Module32Next
Module32First
EnterCriticalSection
GetLongPathNameA
HeapFree
HeapAlloc
GetProcessHeap
RtlFillMemory
GetCurrentProcessId
CreateThread
GetDiskFreeSpaceExA
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
GetACP
HeapSize
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
FlushFileBuffers
GetProcessVersion
FindResourceA
LoadResource
LockResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
SetLastError
GlobalFlags
MulDiv
DeviceIoControl
lstrcpyA
VirtualProtectEx
VirtualQueryEx
TerminateProcess
_lclose
LocalFree
Thread32First
LeaveCriticalSection
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
FreeLibrary
GetCommandLineA
GetEnvironmentVariableA
CreateDirectoryA
GetDriveTypeA
FindFirstFileA
FindClose
FindNextFileA
DebugActiveProcess
GetPrivateProfileStringA
VirtualFreeEx
GlobalAlloc
GlobalLock
GlobalUnlock
SetHandleCount
GlobalSize
GlobalFree
Sleep
IsDBCSLeadByteEx
InterlockedIncrement
GetPrivateProfileIntA
GetPrivateProfileSectionA
LoadLibraryA
DeleteFileA
WriteFile
GetLastError
SetEndOfFile
LocalAlloc
GetWindowsDirectoryA
MoveFileA
GetPrivateProfileSectionNamesA
GetTimeFormatA
GetDateFormatA
InterlockedDecrement
WritePrivateProfileSectionA
GetCurrentThread
MapViewOfFile
FileTimeToSystemTime
GetTempPathA
WritePrivateProfileStringA
SetProcessWorkingSetSize
VirtualAllocEx
GetNativeSystemInfo
GlobalReAlloc
RtlZeroMemory
LCMapStringA
VirtualProtect
RemoveDirectoryA
CopyFileA
GetStartupInfoA
GetCurrentThreadId
lstrlenA
GetCurrentProcess
SetFilePointer
QueryDosDeviceA
ReadProcessMemory
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
OpenProcess
WriteProcessMemory
lstrcpyn
Process32Next
Process32First
CreateToolhelp32Snapshot
RtlMoveMemory
CloseHandle
SetWaitableTimer
CreateWaitableTimerA
GetExitCodeProcess
ReadFile
PeekNamedPipe
CreateProcessA
CreatePipe
WideCharToMultiByte
GetLocalTime
UnmapViewOfFile
MultiByteToWideChar
SetFileAttributesA
IsDebuggerPresent
GetTickCount
GetFileSize
GetVersionExA
FormatMessageA
OpenEventA
GetUserDefaultLCID
CreateEventA
DeleteCriticalSection
IsBadReadPtr
HeapReAlloc
InitializeCriticalSection
ExitProcess
GetQueuedCompletionStatus
GetVersion
ReadDirectoryChangesW
GetModuleFileNameA
CreateIoCompletionPort
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
TerminateProcess
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
GetTimeZoneInformation
SetLastError
CreateMutexA
ReleaseMutex
TerminateThread
SuspendThread
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
HeapCreate
WritePrivateProfileStringA
ole32
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CLSIDFromString
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize
OleUninitialize
CLSIDFromString
CoCreateInstance
OleRun
CLSIDFromProgID
CreateStreamOnHGlobal
GetHGlobalFromStream
OleRun
CoCreateInstance
CLSIDFromProgID
CoInitialize
OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
OleUninitialize
CoUninitialize
user32
GetAsyncKeyState
ReleaseCapture
LoadCursorA
GetSysColorBrush
LoadStringA
PostThreadMessageA
CreateDialogIndirectParamA
EndDialog
OpenClipboard
GetClipboardData
CloseClipboard
GetCursorPos
GetSystemMetrics
GetMessageA
wsprintfA
GetClientRect
IsWindowEnabled
GetPropA
CreateWindowExA
SetPropA
RegisterWindowMessageA
FindWindowExA
SetMenuItemBitmaps
CreatePopupMenu
AppendMenuA
RemoveMenu
DrawMenuBar
DestroyMenu
LockWorkStation
IsIconic
IsZoomed
GetDlgCtrlID
DestroyWindow
SetWindowTextA
GetKeyboardState
AttachThreadInput
GetDesktopWindow
SetWindowRgn
SetActiveWindow
ReleaseDC
EnableWindow
OpenIcon
RegisterHotKey
GetWindow
GetParent
ShowWindow
IsWow64Message
keybd_event
SwapMouseButton
GetFocus
SetClassLongA
LoadCursorFromFileA
mouse_event
CallNextHookEx
BlockInput
ClipCursor
ModifyMenuA
GetMenuItemID
GetClassNameA
GetWindowTextA
EnumWindows
GetWindowInfo
SetFocus
GetWindowThreadProcessId
ExitWindowsEx
CallWindowProcA
SetWindowLongA
RedrawWindow
GetWindowRect
EnableMenuItem
SetCursorPos
ClientToScreen
MsgWaitForMultipleObjects
DispatchMessageA
SendMessageTimeoutA
EnumDisplaySettingsA
ChangeDisplaySettingsA
EmptyClipboard
TranslateMessage
SetClipboardData
PostQuitMessage
SetCursor
GetLastActivePopup
ValidateRect
GetActiveWindow
GetNextDlgTabItem
CheckMenuItem
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
UnregisterClassA
PtInRect
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
SendDlgItemMessageA
IsDialogMessageA
SystemParametersInfoA
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
GetClassLongA
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
SetTimer
CharLowerA
GetDlgItem
GetWindowLongA
SetLayeredWindowAttributes
GetWindowPlacement
ScreenToClient
SendMessageA
GetKeyState
IsWindow
GetMenuStringA
SetForegroundWindow
ShowCursor
IsWindowVisible
ShowScrollBar
UnhookWindowsHookEx
MessageBoxA
KillTimer
AdjustWindowRectEx
GetSysColor
CopyRect
SetWindowPos
EnumChildWindows
PostMessageA
GetMenu
FindWindowA
PeekMessageA
GetMenuItemCount
MoveWindow
SetWindowsHookExA
SetCapture
GetSubMenu
UnregisterHotKey
CharUpperA
MapWindowPoints
UpdateWindow
MessageBoxTimeoutA
LoadIconA
SetParent
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
DefWindowProcA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
UnregisterClassA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
LoadStringA
GetSysColorBrush
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
SetWindowTextA
SendMessageA
shell32
SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHEmptyRecycleBinA
SHGetFileInfoA
ShellExecuteEx
DragQueryFileA
Shell_NotifyIconA
ShellExecuteA
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
advapi32
RegQueryValueExA
SetSecurityInfo
InitializeAcl
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
GetUserNameA
RegOpenKeyExA
RegCloseKey
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptGetHashParam
CryptDestroyHash
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
comdlg32
GetFileTitleA
GetOpenFileNameA
GetFileTitleA
ChooseColorA
GetSaveFileNameA
shlwapi
PathRenameExtensionA
PathFindExtensionA
PathFindFileNameA
StrFormatByteSize64A
PathRemoveBlanksA
StrTrimA
PathIsDirectoryEmptyA
PathMakeSystemFolderA
PathUnmakeSystemFolderA
PathIsSystemFolderA
StrToInt64ExA
SHAutoComplete
PathIsDirectoryA
PathFileExistsA
ws2_32
select
WSAStartup
gethostbyname
accept
sendto
recvfrom
gethostname
__WSAFDIsSet
WSACleanup
inet_addr
socket
htons
bind
closesocket
recv
getpeername
ntohs
send
inet_ntoa
getsockname
setsockopt
connect
listen
WSAGetLastError
ioctlsocket
ntohl
accept
getpeername
recv
ioctlsocket
recvfrom
inet_ntoa
WSAStartup
WSACleanup
select
send
closesocket
WSAAsyncSelect
psapi
GetModuleFileNameExA
GetProcessMemoryInfo
GetProcessImageFileNameA
EnumProcesses
winspool.drv
ord201
OpenPrinterA
ord202
DocumentPropertiesA
ClosePrinter
ClosePrinter
DocumentPropertiesA
OpenPrinterA
dbghelp
MakeSureDirectoryPathExists
wininet
FtpOpenFileA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetGetCookieA
InternetGetCookieExA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
FtpGetFileSize
InternetTimeToSystemTime
InternetTimeFromSystemTime
InternetSetCookieA
InternetCloseHandle
crypt32
CryptBinaryToStringA
CryptStringToBinaryA
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
VariantClear
LHashValOfNameSys
VarR8FromBool
VarR8FromCy
SafeArrayCreate
VariantCopy
SysFreeString
SysAllocString
SafeArrayDestroyDescriptor
SafeArrayGetElemsize
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
RegisterTypeLi
SafeArrayAllocDescriptor
VariantInit
VariantChangeType
SafeArrayAllocData
LoadTypeLi
VariantCopy
VariantClear
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElement
VariantCopyInd
VariantInit
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
RegisterTypeLi
UnRegisterTypeLi
LHashValOfNameSys
iphlpapi
IcmpCreateFile
GetNetworkParams
IcmpCloseHandle
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
CM_Request_Device_EjectW
SetupDiGetDeviceInterfaceDetailA
winhttp
WinHttpTimeToSystemTime
WinHttpTimeFromSystemTime
gdiplus
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipDisposeImage
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipCreateHBITMAPFromBitmap
GdiplusStartup
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
winmm
mciSendStringA
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
waveOutRestart
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamOpen
gdi32
SetMapMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
DeleteObject
ScaleWindowExtEx
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
SetViewportOrgEx
DeleteDC
CreateRoundRectRgn
GetObjectA
CreateCompatibleDC
OffsetViewportOrgEx
SetViewportExtEx
GetClipBox
ScaleViewportExtEx
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
SetWindowExtEx
GetStockObject
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
CreateDCA
CreateBitmap
SelectObject
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
SetPolyFillMode
SetBkColor
EndPage
powrprof
SetSuspendState
oleacc
ObjectFromLresult
comctl32
ord17
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_GetIcon
ord17
ImageList_Destroy
ImageList_Read
ImageList_Duplicate
oledlg
ord8
rasapi32
RasHangUpA
RasGetConnectStatusA
RasEnumConnectionsA
wldap32
ord29
Sections
.text Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 256KB - Virtual size: 254KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.1MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ