autoplay[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

autoplay.dll
Size

173KB
MD5

ad0b5687c58be5f368ff6284188be047
SHA1

02da5561a5a5d406b3b7271d336fb3e8060e76b9
SHA256

5f38a13e2e27210dee1b391933849b3e5d0d386e011f035d3ff54bf2e061e274
SHA512

bff5d1ec4d4f39b7ef4ac1d72cc1e4d4996f5f6f82d9fd6938c9c4d7c729b1ffede9489a826c51740d3dc71c0f3ff06eafe475398f87077ae6240f37f5e43b6b
SSDEEP

3072:z5KBKOWgD21C9rvjvnkwLTipfL9xXVlTpWzoaoLZFEgf1MiHdd5pTjFqUwPY:zzHggC5nkyTiPXVl1wolMgzPPTkUd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
autoplay.dll

Files

autoplay.dll
.dll windows:10 windows x86 arch:x86

a2a46e615c19a58e299193d5a1544332

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

autoplay.pdb

Imports

msvcrt

memcpy_s
_unlock
free
_onexit
_except_handler4_common
_initterm
malloc
_amsg_exit
__dllonexit
_XcptFilter
_lock
memcpy
memcmp
_vsnwprintf
_vsnprintf_s
memmove_s
memset

atl

ord30

shell32

ord155
ord18
ord25
SHBindToObject
ShellExecuteExW
SHParseDisplayName

shlwapi

ord437
SHGetValueW
ord256
ord199
ord219
ord544
ord158
ord514
ord24
ord156
ord204
ord174
ord176
SHStrDupW
ord618
SHDeleteValueW
ord538
SHSetValueW
StrCmpIW

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
FindResourceExW
LockResource
GetModuleHandleW
LoadResource
GetModuleFileNameW
DisableThreadLibraryCalls
LoadLibraryExW
LoadStringW
GetProcAddress
GetModuleHandleExW

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
CreateMutexExW
ReleaseSemaphore
OpenSemaphoreW
AcquireSRWLockExclusive
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
WaitForSingleObjectEx
ReleaseSRWLockShared
ReleaseSRWLockExclusive
DeleteCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockShared
CreateSemaphoreExW

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegSetValueExW
RegCloseKey

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventUnregister

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
CloseThreadpoolTimer

devobj

DevObjCreateDeviceInfoList
DevObjGetClassDevs
DevObjEnumDeviceInterfaces
DevObjDestroyDeviceInfoList

kernel32

DeactivateActCtx
ActivateActCtx
ReleaseActCtx
CreateActCtxW

ntdll

EtwEventRegister
EtwEventUnregister
EtwLogTraceEvent
WinSqmAddToStream
EtwEventSetInformation
EtwEventWriteTransfer

dui70

UnInitThread
UnInitProcessPriv
InitThread
InitProcessPriv
?CreateXBaby@XProvider@DirectUI@@UAEJPAVIXElementCP@2@PAUHWND__@@PAVElement@2@PAKPAPAUIXBaby@2@@Z
?SetButtonClassAcceptsEnterKey@XProvider@DirectUI@@UAGJ_N@Z
?GetAtom@Value@DirectUI@@QAEGXZ
?Init@NavReference@DirectUI@@QAEXPAVElement@2@PAUtagRECT@@@Z
?SetRegisteredDefaultButton@XProvider@DirectUI@@UAGJPAVElement@2@@Z
?ClickDefaultButton@XProvider@DirectUI@@UAGHXZ
?ForceThemeChange@XProvider@DirectUI@@UAGJIJ@Z
?GetHostedElementID@XProvider@DirectUI@@UAGJPAG@Z
?FindElementWithShortcutAndDoDefaultAction@XProvider@DirectUI@@UAGHGH@Z
?CanSetFocus@XProvider@DirectUI@@UAGJPA_N@Z
?Navigate@XProvider@DirectUI@@UAGJHPA_N@Z
?SetFocus@XProvider@DirectUI@@UAGJPAVElement@2@@Z
?IsDescendent@XProvider@DirectUI@@UAGJPAVElement@2@PA_N@Z
?GetDesiredSize@XProvider@DirectUI@@UAGJHHPAUtagSIZE@@@Z
?SetParameter@XProvider@DirectUI@@UAGJABU_GUID@@PAX@Z
?AddRef@XProvider@DirectUI@@UAGKXZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SGPAUIClassInfo@2@XZ
?SetDefaultButtonTracking@XProvider@DirectUI@@UAGJ_N@Z
?SetHandleEnterKey@XProvider@DirectUI@@IAEX_N@Z
?CreateDUI@XProvider@DirectUI@@UAGJPAVIXElementCP@2@PAPAUHWND__@@@Z
?GetRoot@XProvider@DirectUI@@IAEPAVElement@2@XZ
?Initialize@XProvider@DirectUI@@QAEJPAVElement@2@PAVIXProviderCP@2@@Z
?Create@XResourceProvider@DirectUI@@SGJPAUHINSTANCE__@@PBG11PAPAV12@@Z
?QueryInterface@XProvider@DirectUI@@UAGJABU_GUID@@PAPAX@Z
??1XProvider@DirectUI@@UAE@XZ
??0XProvider@DirectUI@@QAE@XZ
?GetID@Element@DirectUI@@QAEGXZ
?GetType@Value@DirectUI@@QBEHXZ
?GetBool@Value@DirectUI@@QAE_NXZ
?GetDisplayNode@Element@DirectUI@@QAEPAUHGADGET__@@XZ
?IsDestroyed@Element@DirectUI@@QAE_NXZ
?GetWidth@Element@DirectUI@@QAEHXZ
?GetHeight@Element@DirectUI@@QAEHXZ
?SetHeight@Element@DirectUI@@QAEJH@Z
?SetEnabled@Element@DirectUI@@QAEJ_N@Z
?GetHWND@HWNDHost@DirectUI@@UAEPAUHWND__@@XZ
?GetHWNDParent@HWNDHost@DirectUI@@QAEPAUHWND__@@XZ
?GetTransparent@HWNDHost@DirectUI@@QAE_NXZ
?EraseBkgnd@HWNDHost@DirectUI@@MAE_NPAUHDC__@@PAJ@Z
?SetWindowDirection@HWNDHost@DirectUI@@UAEXPAUHWND__@@@Z
?OnWindowStyleChanged@HWNDHost@DirectUI@@UAEXIPBUtagSTYLESTRUCT@@@Z
?OnCtrlThemeChanged@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnSinkThemeChanged@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?GetAccessibleImpl@HWNDHost@DirectUI@@UAEJPAPAUIAccessible@@@Z
?GetKeyFocused@HWNDHost@DirectUI@@UAE_NXZ
?OnUnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?MessageCallback@HWNDHost@DirectUI@@UAEIPAUtagGMSG@@@Z
?Paint@HWNDHost@DirectUI@@UAEXPAUHDC__@@PBUtagRECT@@1PAU4@2@Z
?OnEvent@HWNDHost@DirectUI@@UAEXPAUEvent@2@@Z
?OnDestroy@HWNDHost@DirectUI@@UAEXXZ
?Register@HWNDHost@DirectUI@@SGJXZ
?GetStringNull@Value@DirectUI@@SGPAV12@XZ
?CreateAccNameLabel@HWNDHost@DirectUI@@IAEPAUHWND__@@PAU3@@Z
?SyncRect@HWNDHost@DirectUI@@IAEXI_N@Z
?OnAdjustWindowSize@HWNDHost@DirectUI@@UAEHHHI@Z
?OnNotify@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?OnPropertyChanged@HWNDHost@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?FireEvent@Element@DirectUI@@QAEXPAUEvent@2@_N1@Z
?OnInput@HWNDHost@DirectUI@@UAEXPAUInputEvent@2@@Z
?GetBoolFalse@Value@DirectUI@@SGPAV12@XZ
??1HWNDHost@DirectUI@@UAE@XZ
??0HWNDHost@DirectUI@@QAE@XZ
?Initialize@HWNDHost@DirectUI@@QAEJIIPAVElement@2@PAK@Z
?GetClassInfoPtr@HWNDHost@DirectUI@@SGPAUIClassInfo@2@XZ
?GetValue@Element@DirectUI@@QAEPAVValue@2@P6GPBUPropertyInfo@2@XZHPAUUpdateCache@2@@Z
?HeightProp@Element@DirectUI@@SGPBUPropertyInfo@2@XZ
?GetInt@Value@DirectUI@@QAEHXZ
?GetString@Value@DirectUI@@QAEPBGXZ
?Release@Value@DirectUI@@QAEXXZ
??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QAE@XZ
?IsRTLReading@Element@DirectUI@@UAE_NXZ
?IsContentProtected@Element@DirectUI@@UAE_NXZ
?QueryInterface@Element@DirectUI@@UAGJABU_GUID@@PAPAX@Z
?UpdateTooltip@Element@DirectUI@@MAEXPAV12@@Z
?ActivateTooltip@Element@DirectUI@@MAEXPAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MAEXPAV12@@Z
?GetVisible@Element@DirectUI@@QAE_NXZ
?GetChildren@Element@DirectUI@@QAEPAV?$DynamicArray@PAVElement@DirectUI@@$0A@@2@PAPAVValue@2@@Z
?GetKeyFocused@Element@DirectUI@@UAE_NXZ
?GetSelected@Element@DirectUI@@QAE_NXZ
?SetLayoutPos@Element@DirectUI@@QAEJH@Z
?SetContentString@Element@DirectUI@@QAEJPBG@Z
?SetID@Element@DirectUI@@QAEJPBG@Z
?SetSelected@Element@DirectUI@@QAEJ_N@Z
?SetAccName@Element@DirectUI@@QAEJPBG@Z
?SetAccDesc@Element@DirectUI@@QAEJPBG@Z
??0Macro@DirectUI@@QAE@XZ
??1Macro@DirectUI@@UAE@XZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UBEXXZ
?GetChildren@ClassInfoBase@DirectUI@@UBEHXZ
?RemoveChild@ClassInfoBase@DirectUI@@UAEXXZ
?AddChild@ClassInfoBase@DirectUI@@UAEXXZ
?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ
?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ
?IsSubclassOf@ClassInfoBase@DirectUI@@UBE_NPAUIClassInfo@2@@Z
?IsValidProperty@ClassInfoBase@DirectUI@@UBE_NPBUPropertyInfo@2@@Z
?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ
?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ
?GetByClassIndex@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?Release@ClassInfoBase@DirectUI@@UAEHXZ
?AddRef@ClassInfoBase@DirectUI@@UAEXXZ
?BuildElement@Macro@DirectUI@@MAEJXZ
?Add@Macro@DirectUI@@UAEJPAPAVElement@2@I@Z
?OnPropertyChanged@Macro@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?GetUiaFocusDelegate@Element@DirectUI@@UAEPAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UAEXPAUEvent@2@@Z
?SetActive@Element@DirectUI@@QAEJH@Z
?GetUnset@Value@DirectUI@@SGPAV12@XZ
?GetAtomZero@Value@DirectUI@@SGPAV12@XZ
?SetKeyFocus@HWNDHost@DirectUI@@UAEXXZ
?Insert@Element@DirectUI@@UAEJPAPAV12@II@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UAEXXZ
?GetElementProviderImpl@Element@DirectUI@@UAEJPAVInvokeHelper@2@PAPAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UAEJABU_GUID@@PAPAX@Z
?DefaultAction@Element@DirectUI@@UAEJXZ
?GetAccessibleImpl@Element@DirectUI@@UAEJPAPAUIAccessible@@@Z
?OnUnHosted@Element@DirectUI@@MAEXPAV12@@Z
?OnHosted@Element@DirectUI@@MAEXPAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MAE?AUtagSIZE@@HHPAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MAEXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UAEXPAUtagRECT@@@Z
?MessageCallback@Element@DirectUI@@UAEIPAUtagGMSG@@@Z
?GetIntZero@Value@DirectUI@@SGPAV12@XZ
?SetValue@Element@DirectUI@@QAEJP6GPBUPropertyInfo@2@XZHPAVValue@2@@Z
?CreateInt@Value@DirectUI@@SGPAV12@HW4DynamicScaleValue@@@Z
?ContentProp@Element@DirectUI@@SGPBUPropertyInfo@2@XZ
?GetClassInfoPtr@Element@DirectUI@@SGPAUIClassInfo@2@XZ
?StartDefer@Element@DirectUI@@QAEXPAK@Z
?EndDefer@Element@DirectUI@@QAEXK@Z
?Initialize@Element@DirectUI@@QAEJIPAV12@PAK@Z
??0Element@DirectUI@@QAE@XZ
??1Element@DirectUI@@UAE@XZ
?GetClassInfoPtr@Macro@DirectUI@@SGPAUIClassInfo@2@XZ
?Initialize@Macro@DirectUI@@QAEJPAVElement@2@PAK@Z
?FindDescendent@Element@DirectUI@@QAEPAV12@G@Z
StrToID
?GetValue@Element@DirectUI@@QAEPAVValue@2@PBUPropertyInfo@2@HPAUUpdateCache@2@@Z
?SetValue@Element@DirectUI@@QAEJPBUPropertyInfo@2@HPAVValue@2@@Z
?CreateElement@DUIXmlParser@DirectUI@@QAEJPBGPAVElement@2@1PAKPAPAV32@@Z
?Destroy@DUIXmlParser@DirectUI@@QAEXXZ
?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QAEJIPAUHINSTANCE__@@0@Z
?Add@Element@DirectUI@@QAEJPAV12@@Z
?Destroy@Element@DirectUI@@QAEJ_N@Z
?Click@Button@DirectUI@@SG?AVUID@@XZ
?OnEvent@Element@DirectUI@@UAEXPAUEvent@2@@Z
?OnDestroy@Element@DirectUI@@UAEXXZ
?CreateGraphic@Value@DirectUI@@SGPAV12@PAUHICON__@@_N11@Z
?Register@Element@DirectUI@@SGJXZ
?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ
?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z
?Register@ClassInfoBase@DirectUI@@QAEJXZ
?Register@Macro@DirectUI@@SGJXZ
?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z
??0ClassInfoBase@DirectUI@@QAE@XZ
??1ClassInfoBase@DirectUI@@UAE@XZ
?GetContentStringAsDisplayed@Element@DirectUI@@UAEPBGPAPAVValue@2@@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@Element@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@Element@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnGroupChanged@Element@DirectUI@@UAEXH_N@Z
?OnInput@Element@DirectUI@@UAEXPAUInputEvent@2@@Z
?OnKeyFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnMouseFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?Paint@Element@DirectUI@@UAEXPAUHDC__@@PBUtagRECT@@1PAU4@2@Z
?GetContentSize@Element@DirectUI@@UAE?AUtagSIZE@@HHPAVSurface@2@@Z
?Add@Element@DirectUI@@UAEJPAPAV12@I@Z
?RemoveBehavior@Element@DirectUI@@UAEJPAUIDuiBehavior@@@Z
?Remove@Element@DirectUI@@UAEJPAPAV12@I@Z
?GetAdjacent@Element@DirectUI@@UAEPAV12@PAV12@HPBUNavReference@2@K@Z
?EnsureVisible@Element@DirectUI@@UAE_NHHHH@Z
?SetKeyFocus@Element@DirectUI@@UAEXXZ
?AddBehavior@Element@DirectUI@@UAEJPAUIDuiBehavior@@@Z

duser

ForwardGadgetMessage
AttachWndProcW

gdi32

SelectObject
GetTextExtentPoint32W
ExcludeClipRect

user32

GetDC
SetWindowPos
GetSystemMetrics
CallWindowProcW
SendMessageW
DestroyIcon
EnableWindow
CreateWindowExW
GetWindowLongW
GetComboBoxInfo
GetParent
MapWindowPoints
ReleaseDC
WindowFromDC
GetWindowRect
LoadCursorW
SetCursor
GetFocus

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2a46e615c19a58e299193d5a1544332

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

atl

shell32

shlwapi

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-threadpool-l1-2-0

devobj

kernel32

ntdll

dui70

duser

gdi32

user32

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 512B - Virtual size: 2KB

.idata Size: 16KB - Virtual size: 15KB

.didat Size: 512B - Virtual size: 8B

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 2KB

.idata
Size: 16KB - Virtual size: 15KB

.didat
Size: 512B - Virtual size: 8B

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 6KB - Virtual size: 5KB