2024-07-06_323edde53933836c7e9d18761d4eae75_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-06_323edde53933836c7e9d18761d4eae75_mafia
Size

2.9MB
MD5

323edde53933836c7e9d18761d4eae75
SHA1

977f4f71c165f69eccffc630e37166ad7e7658f3
SHA256

955990f25f9aa062e02fc280e18cf969e1500a706197d45c3bce3ee022faa89b
SHA512

256dbc6551ffa27ebcef50a866f56e8aae9192ee7433d20d00b50e41b961911ca7b09a5124217d12bd8696e093d000e72fdd6b9958716b520f3a5e0d70c17908
SSDEEP

49152:O20+3Nv4qdV31gb3cdY+gwLIadCS9CVg06h3KIVNJBaeEJj4S1F/AblLBVAksjQn:M+3NJ3Kb3cC+g+pCS9CVgL3KILHaeEJe

Score

1^/10

Malware Config

Signatures

Files

2024-07-06_323edde53933836c7e9d18761d4eae75_mafia
.exe windows:5 windows x86 arch:x86

d7d6bd8d5c1d3f7089d9604279a36342

Code Sign

3b:e0:de:55:c0:e6:a1:c7:fe:17:ca:1d:2f:87:73:4b
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

29/02/2016, 00:00

Not After

02/08/2016, 23:59

Subject

CN=SAMSUNG SDS CO.\, LTD,O=SAMSUNG SDS CO.\, LTD,L=Seoul,ST=Gangnam-gu,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:16:c0:09:98:dc:c6:8f:a2:7d:25:c3:86:36:a8:83:bb
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:a4:3d:fa:37:42:09:29:96:12:8e:51:9d:2e:3a:a1:72:2f:c4:a9:44:f0:18:80:72:a4:49:3b:2d:7e:71:d8
Signer

Actual PE Digest

43:a4:3d:fa:37:42:09:29:96:12:8e:51:9d:2e:3a:a1:72:2f:c4:a9:44:f0:18:80:72:a4:49:3b:2d:7e:71:d8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\gil\ws\git\vdimanager\Release\VDIManager.pdb

Imports

rpcrt4

UuidToStringA

kernel32

HeapCreate
HeapDestroy
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeW
CompareStringW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
SetEnvironmentVariableA
CreateFileW
CreateFileA
ExitThread
VirtualQuery
VirtualAlloc
LCMapStringW
IsValidCodePage
IsProcessorFeaturePresent
GetLocaleInfoW
FindResourceW
FreeLibrary
LoadResource
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
WriteConsoleW
RtlUnwind
GetCurrentProcess
WideCharToMultiByte
SizeofResource
TerminateProcess
RaiseException
GetProcAddress
LoadLibraryA
LockResource
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
InterlockedDecrement
MultiByteToWideChar
Sleep
lstrlenA
GetSystemDefaultUILanguage
FindResourceExW
HeapAlloc
InterlockedIncrement
HeapFree
WaitForSingleObject
SetEvent
GetTickCount
GetProcessHeap
FormatMessageA
InitializeCriticalSection
GetPrivateProfileIntA
TerminateThread
LeaveCriticalSection
CreateProcessA
GetEnvironmentVariableA
GetLastError
EnterCriticalSection
GetPrivateProfileStringA
ResetEvent
OpenMutexA
LocalAlloc
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
DeleteCriticalSection
OutputDebugStringA
ReleaseMutex
LocalFree
DeleteFileA
CreateThread
lstrcpynA
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
IsDebuggerPresent
UnhandledExceptionFilter
SetConsoleCtrlHandler
EncodePointer
DecodePointer
GetUserDefaultLCID
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetNumberFormatA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
SetErrorMode
lstrcpyA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
WritePrivateProfileStringA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
GetFullPathNameA
QueryPerformanceCounter
SetLastError
QueryPerformanceFrequency
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
lstrcmpiA
GetThreadLocale
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
FreeResource
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
CompareStringA
lstrcmpA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
WaitForMultipleObjects
OpenEventA
CreateEventA
GetSystemWow64DirectoryA
GetWindowsDirectoryA
GetComputerNameA
CreateNamedPipeA
FlushFileBuffers
DisconnectNamedPipe
GetModuleFileNameW
ConnectNamedPipe
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
FindResourceA
GetSystemTime
GetTempPathA
DuplicateHandle
CreateToolhelp32Snapshot
GetCurrentDirectoryA
GetSystemInfo
GetExitCodeThread
Process32Next
GetStdHandle
CreateDirectoryA
lstrlenW
GetSystemDirectoryA
GetExitCodeProcess
GetFileAttributesA
GetSystemWindowsDirectoryA
OpenProcess
GetPriorityClass
CreateRemoteThread
GetSystemTimeAsFileTime
GetCurrentThread
Process32First
GetFileSize
ReadFile
WriteFile
ExitProcess

user32

FrameRect
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
DrawEdge
SetClassLongA
DestroyAcceleratorTable
SetParent
DrawIconEx
LoadImageA
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
GetNextDlgGroupItem
InvalidateRgn
SetRect
CopyAcceleratorTableA
CharNextA
GetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
SetCapture
SetWindowRgn
GetSystemMenu
DeleteMenu
OffsetRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
IntersectRect
UnregisterClassA
RealChildWindowFromPoint
DestroyIcon
GetSysColorBrush
WaitMessage
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetCursor
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
DrawStateA
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TranslateAcceleratorA
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
InsertMenuItemA
GetDesktopWindow
MessageBoxA
PostMessageA
EnableWindow
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetMenu
PtInRect
MapVirtualKeyA
GetKeyNameTextA
CopyRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
IsCharLowerA
MapVirtualKeyExA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
IsClipboardFormatAvailable
GetUpdateRect
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindowLongA
SetFocus
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetDoubleClickTime
DestroyCursor
GetWindowRgn
TabbedTextOutA
GetSystemMetrics
SetWindowPos
SendMessageA
GetWindowRect
ReleaseDC
GetDC
GetWindow
RegisterClassA
GetWindowThreadProcessId
LoadCursorA
IsWindowVisible
DispatchMessageA
ShowWindow
DefWindowProcA
CreateWindowExA
TranslateMessage
ExitWindowsEx
KillTimer
GetTopWindow
PostQuitMessage
SetTimer
GetMessageA
DestroyWindow
IsWindow
LoadIconW
InflateRect
GetClientRect
DrawIcon
IsIconic
BringWindowToTop
CallWindowProcA
SetWindowLongA
SetMenuDefaultItem
GetCursorPos
LoadMenuW
RegisterWindowMessageA
SetForegroundWindow
GetSubMenu
TrackPopupMenu
GetShellWindow
FindWindowA
SendMessageTimeoutA
PeekMessageA
EnumWindows
MsgWaitForMultipleObjects
PostThreadMessageA
GetClassNameA
InvalidateRect
SubtractRect
FillRect
EnumDisplayDevicesA
RemoveMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetParent
GetFocus

gdi32

OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetPaletteEntries
SetWindowOrgEx
BitBlt
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
SetViewportExtEx
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceA
GetNearestPaletteIndex
ScaleViewportExtEx
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
GetTextExtentPoint32A
GetObjectA
GetTextExtentPointA
GetCurrentObject
CreateFontIndirectA
CreateSolidBrush
CopyMetaFileA
CreateDCA
CreateBitmap
CreateRectRgnIndirect
PatBlt
SetTextColor
SetBkColor
SaveDC
RestoreDC
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
PtInRegion
GetPixel
SetPolyFillMode
SetBkMode
RealizePalette
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegEnumKeyExA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyExW
RegSetValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetUserNameA
GetSecurityDescriptorSacl
RegEnumValueA
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteValueA
DuplicateTokenEx
LookupPrivilegeValueW
GetSidSubAuthorityCount
GetSidSubAuthority
RegCloseKey
AdjustTokenPrivileges
RegEnumKeyA
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
RegQueryValueExA
EqualSid
RegSetValueExA
GetTokenInformation
OpenProcessToken

shell32

ExtractIconA
SHGetSpecialFolderPathA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA
Shell_NotifyIconA
DragQueryFileA
DragFinish
SHAppBarMessage
ShellExecuteA
ord680
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoA

comctl32

ImageList_GetIconSize
InitCommonControlsEx

shlwapi

PathFileExistsA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW

ole32

ReleaseStgMedium
OleDuplicateData
CoRegisterClassObject
CoRevokeClassObject
CoDisconnectObject
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject
CoInitializeSecurity
StringFromGUID2
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
CLSIDFromString
StringFromCLSID
CreateStreamOnHGlobal
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CreateBindCtx
CoUninitialize
OleRun
CoGetObject
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance

oleaut32

VariantClear
SysStringLen
VariantCopy
VariantChangeType
VariantInit
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysStringByteLen
SafeArrayPutElement
SafeArrayGetElement
SysAllocStringLen
SafeArrayCreate
SafeArrayDestroy
SysAllocString
SysAllocStringByteLen

oledlg

ord8

urlmon

RegisterBindStatusCallback
CoGetClassObjectFromURL

gdiplus

GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

ws2_32

WSASetLastError
ioctlsocket
connect
WSAGetLastError
socket
__WSAFDIsSet
WSAStartup
WSACleanup
gethostbyaddr
recvfrom
inet_addr
select
htons
sendto
bind
closesocket
WSASocketA
gethostname
inet_ntoa
gethostbyname
setsockopt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

msi

ord204

iphlpapi

SendARP
GetNetworkParams
GetAdaptersAddresses
GetIpAddrTable
GetAdaptersInfo
GetIfEntry

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

wininet

InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
HttpOpenRequestA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 494KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7d6bd8d5c1d3f7089d9604279a36342

Code Sign

3b:e0:de:55:c0:e6:a1:c7:fe:17:ca:1d:2f:87:73:4bCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

11:21:16:c0:09:98:dc:c6:8f:a2:7d:25:c3:86:36:a8:83:bbCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

43:a4:3d:fa:37:42:09:29:96:12:8e:51:9d:2e:3a:a1:72:2f:c4:a9:44:f0:18:80:72:a4:49:3b:2d:7e:71:d8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

gdiplus

ws2_32

version

msi

iphlpapi

oleacc

wininet

imm32

winmm

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 494KB - Virtual size: 494KB

.data Size: 38KB - Virtual size: 77KB

.rsrc Size: 212KB - Virtual size: 212KB

.reloc Size: 278KB - Virtual size: 277KB

3b:e0:de:55:c0:e6:a1:c7:fe:17:ca:1d:2f:87:73:4b
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

11:21:16:c0:09:98:dc:c6:8f:a2:7d:25:c3:86:36:a8:83:bb
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

43:a4:3d:fa:37:42:09:29:96:12:8e:51:9d:2e:3a:a1:72:2f:c4:a9:44:f0:18:80:72:a4:49:3b:2d:7e:71:d8
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 494KB - Virtual size: 494KB

.data
Size: 38KB - Virtual size: 77KB

.rsrc
Size: 212KB - Virtual size: 212KB

.reloc
Size: 278KB - Virtual size: 277KB