Behavioral task
behavioral1
Sample
42ef5900e5ab606483cbda01b4632dac_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
42ef5900e5ab606483cbda01b4632dac_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
42ef5900e5ab606483cbda01b4632dac_JaffaCakes118
-
Size
1.7MB
-
MD5
42ef5900e5ab606483cbda01b4632dac
-
SHA1
fa1e4c2d3f79f23ce94d222ff080ec5730cffa8c
-
SHA256
1e2f2fdc62556d878962d57aa2ca8d702c5bdd9e948eb3f1bfd15bdc68450e80
-
SHA512
62871a5021f3ac95d4bb5d879e39ba29e3a2fed66f391b042012e23cd32c06216f5d58411ca8bd91e0fdf562dc23654497169155c355257be0eb1f8926b10cb6
-
SSDEEP
24576:U4WP0ZPK5a0KWVURxRXF4JgHcWYZx8lSIOtU3ZSKfvr764X6AV2UIpOLe/+sNATv:UoNecSKH64LsMv
Malware Config
Signatures
-
resource: sample — yara_rule: upx
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 42ef5900e5ab606483cbda01b4632dac_JaffaCakes118
Files
-
42ef5900e5ab606483cbda01b4632dac_JaffaCakes118.exe windows:4 windows x86 arch:x86
e5009e7a40b046c251e087a62d4ee300
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wufocomp
??1CImgNode@@UAE@XZ
?IsLock@CImgNode@@QAEHXZ
?IsShow@CImgNode@@QAEHXZ
?SetLock@CImgNode@@QAEXH@Z
?SetShowHide@CImgNode@@QAEXH@Z
??0CImgNode@@QAE@XZ
?IsTextObj@CImgNode@@QAEHXZ
ucExportToUFOEx
ucCreateComponent
ucReadUFOToComp
ucDeleteComponent
veui32
Veui32Unregister
Veui32Register
u32plug
u32PiLinkAPSPi
u32PiGetItems
u32PiAction
u32PiGetInfo
u32cfg
ord5
ord4
ord7
ord17
?InitAboutDlgInfo@@YAHPAUHINSTANCE__@@AAUABOUTINFO@@@Z
ord2
?DestoryAboutDlgInfo@@YAXAAUABOUTINFO@@@Z
u32fido
ufdRegister
u32sn
snGetPushURL
uwupdate
uwCheck
uwAbortCheck
uwInit
uwFini
winmm
mmioOpenA
mmioWrite
mmioClose
timeGetTime
mmioAscend
mmioCreateChunk
mpr
WNetAddConnectionA
usscvt
cvt32GetDefOptions
cvtGRBToI8
cvt32BufType
cvt32DIBToBuf
cvt32DDBToBuf
cvt32BufToDIB
cvt32CreatePalette
WebSnap
cvt32ToI8GlobalPal
cvt32DIBPtrToBuf
cvt32EndGlobalPal
cvt32BeginGlobalPal
u32base
mem32_555To888
mem32_565To888
mem32ByteInvert
i32ColorspaceConvert
mem32Exchange
buf32GetInfo
buf32MergeBuf
buf32GetMem
buf32GetWHU
vcResample
i32MergeEx
u32BufferResampleEx
mem32Fill
d32AddQueue
disp32ShowEnd
buf32FillOneColor
disp32ShowData
buf32Alloc
buf32GetBuf
mem32GetMem
d32IsInQueue
mem32Resample
mem32Enlarge
disp32ShowInit
disp32GetDevInfo
buf32MergeMem
disp32PalDuplicate
buf32Line
buf32Free
d32DeleteQueue
i32Merge
buf32DupBuf
buf32Unlock
buf32Lock
mem32Reduce
ussgifsa
ChunkAction
AniGifAction
ussjpgen
_JpegSave@12
JpegReadFile
ushadow
uCreateShadow
u32sel
sel32EllipseMakeMaskEx
sel32Init
sel32LassoMakeMaskEx
sel32CalcSelectBound
sel32CombineMask
sel32CreateMarquee
sel32DrawMarquee
sel32SetMarqueeColor
sel32MagicWandMakeMaskEx
sel32FreeMarquee
sel32RectMakeMaskEx
upictrl
?Init@CFontCombo@@QAEXH@Z
?OnMenuSelect@CCoolMenuManager@@MAEXIIPAUHMENU__@@@Z
??1CFontCombo@@UAE@XZ
??0CFontCombo@@QAE@XZ
?OnMeasureItem@CCoolMenuManager@@MAEHPAUtagMEASUREITEMSTRUCT@@@Z
?OnMenuChar@CCoolMenuManager@@MAEJIIPAVCMenu@@@Z
?OnDrawItem@CCoolMenuManager@@MAEHPAUtagDRAWITEMSTRUCT@@@Z
?Destroy@CCoolMenuManager@@UAEXXZ
?OnInitMenuPopup@CCoolMenuManager@@MAEXPAVCMenu@@IH@Z
?Refresh@CCoolMenuManager@@UAEXXZ
?GetCurFont@CFontCombo@@QAEHPAUtagLOGFONTA@@@Z
?GetButtonSize@CCoolMenuManager@@UAE?AVCSize@@XZ
?GetBitmapInfo@CCoolMenuManager@@UAEHIAAPAUHINSTANCE__@@AAIAAVCRect@@@Z
?MeasureItem@CPicGroupCombo@@MAEXPAUtagMEASUREITEMSTRUCT@@@Z
?Install@CCoolMenuManager@@QAEXPAVCFrameWnd@@@Z
?FixListHeight@CPicGroupCombo@@MAEXXZ
?PreCreateWindow@CFontCombo@@MAEHAAUtagCREATESTRUCTA@@@Z
?DrawItem@CPicGroupCombo@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?OnChildNotify@CPicGroupCombo@@MAEHIIJPAJ@Z
?messageMap@CFontCombo@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CFontCombo@@MAEXXZ
?GetRuntimeClass@CPicGroupCombo@@UBEPAUCRuntimeClass@@XZ
??0CCoolMenuManager@@QAE@XZ
?WindowProc@CCoolMenuManager@@MAEJIIJ@Z
?ExtractBmp@@YAHAAPAUHBITMAP__@@PAUHINSTANCE__@@HAAVCPoint@@AAVCSize@@H@Z
??1CCoolMenuManager@@UAE@XZ
?GetRuntimeClass@CCoolMenuManager@@UBEPAUCRuntimeClass@@XZ
urender
urSetRenderTarget
urclDelete
urSetColor
urclSetValue
urclGetValue
ur3dFastGetSetting
ur3dFastSetSetting
urGetDeformData
urIsSameColorValue
urSetTextStyle
urGetTextStyle
urGetRichEditInfo
urDeleteRichEditInfo
urMovePathTo
urSplitText
urGetColor
urSetAntiAlias
urSetRichEditInfo
urGetTransformData
urGetPathULPoint
urIsAntiAlias
urCreateTextObjectWithString
urGetFontSize2
urIsSameRichEditInfo
urCopyTextAttribute
urGetFontSize
urGetFont
urGetAlign
urSetFont
urSetAlign
urSetVerticalText
urIsVerticalText
urDelDeformData
urSetDeformData
urSetFontSize
urGetRenderTarget
urCreateTextObject
urGetColorValue
urSetShadowAttr
urEnableShadow
urDuplicateTextObj
urDuplicatePathObj
urGetPathFitRect
urSetColorValue
urDeleteTextPathObject
urDelTransformData
urGetRSRHandle
urRenderObject
urCreatePathObject
urFlattenObject
urUnFlattenObject
urSetTransformData
urGetShadowAttr
urGetBorderType
urHasShadow
urGetPathRect
maskop
MaskOp
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
ucsrwufo
wcsSetStream
wcsGetStream
wcsHasStream
u32path
FixToDb
DbToFix
managead
_AdAvailable@0
_AdAddItem@16
pngfio
Png_Write
uaboutbox
?ShowAboutBox2@@YAHPAVCWnd@@PAUABOUTINFO@@@Z
mfc42
ord6241
ord2582
ord4402
ord768
ord489
ord4259
ord4715
ord4349
ord5260
ord2087
ord2626
ord2117
ord6000
ord2627
ord2494
ord366
ord6491
ord1576
ord813
ord4436
ord1665
ord4427
ord4892
ord5472
ord674
ord5012
ord3350
ord975
ord4467
ord5103
ord996
ord3790
ord5850
ord818
ord3742
ord3763
ord364
ord4241
ord1841
ord5791
ord2393
ord2243
ord3986
ord2767
ord6458
ord2714
ord2569
ord5153
ord5606
ord4454
ord4230
ord3701
ord6086
ord6857
ord6807
ord2867
ord2119
ord804
ord2091
ord3729
ord3394
ord4406
ord2587
ord4202
ord3097
ord3921
ord3294
ord2108
ord6385
ord5442
ord1943
ord5063
ord1870
ord4115
ord4443
ord4676
ord4995
ord5282
ord4590
ord4413
ord4499
ord3403
ord4724
ord5066
ord5252
ord5732
ord4146
ord6209
ord4457
ord5265
ord4376
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord324
ord825
ord641
ord4234
ord800
ord3874
ord6199
ord4160
ord3092
ord540
ord4710
ord6283
ord6282
ord2642
ord5981
ord4853
ord2652
ord1669
ord1168
ord3095
ord6374
ord609
ord809
ord1175
ord2575
ord6055
ord1776
ord4396
ord5290
ord3402
ord4424
ord3574
ord1008
ord556
ord567
ord2302
ord6357
ord1087
ord2122
ord2864
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord3663
ord3089
ord2817
ord6453
ord2881
ord6154
ord2530
ord4364
ord4056
ord5471
ord4121
ord2389
ord1709
ord5234
ord6369
ord5279
ord5248
ord2444
ord298
ord620
ord823
ord6571
ord5460
ord4083
ord2233
ord6141
ord5821
ord3662
ord414
ord1265
ord5440
ord6383
ord860
ord858
ord703
ord603
ord404
ord2454
ord3318
ord1969
ord273
ord403
ord1817
ord4235
ord5082
ord1712
ord6053
ord327
ord642
ord6197
ord3797
ord4700
ord3495
ord3058
ord3065
ord6336
ord2510
ord5243
ord5740
ord5577
ord3172
ord4420
ord4953
ord4387
ord3454
ord3198
ord6175
ord4623
ord4426
ord713
ord4823
ord5862
ord6144
ord4858
ord812
ord559
ord801
ord541
ord1945
ord1567
ord268
ord6080
ord5852
ord1187
ord2884
ord4696
ord616
ord793
ord656
ord922
ord924
ord941
ord4129
ord5683
ord5572
ord2915
ord535
ord939
ord537
ord5710
ord3499
ord2515
ord355
ord1160
ord5651
ord3127
ord3616
ord6404
ord350
ord5610
ord3103
ord5583
ord2784
ord2062
ord5859
ord6883
ord2818
ord5604
ord5450
ord6394
ord3692
ord3626
ord1641
ord2414
ord2614
ord665
ord1979
ord5186
ord354
ord2919
ord1264
ord1140
ord5510
ord4042
ord1652
ord429
ord3174
ord786
ord2461
ord519
ord1746
ord2399
ord1835
ord1789
ord1944
ord1871
ord3721
ord795
ord4275
ord2379
ord3706
ord3573
ord755
ord5875
ord2567
ord6189
ord6194
ord6021
ord470
ord2634
ord5799
ord3754
ord6129
ord5768
ord3753
ord6130
ord6128
ord613
ord289
ord4589
ord4899
ord4341
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord4432
ord2535
ord4723
ord2860
ord3571
ord5785
ord1640
ord323
ord2859
ord6400
ord879
ord882
ord3984
ord2740
ord2801
ord4588
ord4370
ord5100
ord4303
ord5237
ord2649
ord560
ord4273
ord2086
ord4464
ord2381
ord6597
ord6800
ord6650
ord6591
ord3059
ord3698
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord6808
ord6835
ord5076
ord4340
ord4347
ord4889
ord4963
ord4960
ord6054
ord1725
ord6691
ord6478
ord6514
ord1233
ord6614
ord4720
ord6805
ord6797
ord4456
ord5281
ord6854
ord1908
ord1690
ord2528
ord5288
ord4439
ord2054
ord4431
ord771
ord496
ord4077
ord4151
ord2066
ord6069
ord2882
ord3803
ord6215
ord6195
ord3870
ord640
ord4287
ord4284
ord2109
ord5849
ord3475
ord4299
ord6880
ord2754
ord5787
ord3220
ord1938
ord4268
ord3295
ord4366
ord5086
ord1710
ord1715
ord5064
ord807
ord384
ord554
ord686
ord2862
ord1920
ord4262
ord784
ord439
ord517
ord736
ord3693
ord4133
ord4297
ord2380
ord6119
ord5788
ord5781
ord6131
ord6216
ord3755
ord5495
ord3216
ord5037
ord5608
ord2542
ord5653
ord652
ord338
ord1825
msvcrt
_XcptFilter
?terminate@@YAXXZ
_strdup
_exit
_stricmp
exit
_unlink
_setmbcp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strtoul
_except_handler3
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
atol
atoi
__CxxFrameHandler
fwrite
fopen
fclose
_CIacos
wcslen
wcscpy
wcscat
_CIpow
_mbsstr
_itoa
__p___argc
__p___argv
_mbctype
strtod
_mbsnbcmp
realloc
rand
strchr
_CxxThrowException
malloc
isdigit
_mbstok
_ltoa
_mbsicmp
_ftol
ceil
floor
_mbsrchr
_purecall
free
_mbscmp
_mbsinc
_mbslwr
strtol
_makepath
_splitpath
_mbschr
strncpy
qsort
memmove
kernel32
ReadFile
GetStartupInfoA
GetWindowsDirectoryA
GetPrivateProfileIntA
GetFileTime
MultiByteToWideChar
IsDBCSLeadByteEx
GetACP
GetFileSize
MulDiv
CreateDirectoryA
GetTempPathA
GetTempFileNameA
WritePrivateProfileStringA
LocalAlloc
LocalLock
SetErrorMode
LocalUnlock
LocalFree
GetModuleHandleA
GetCurrentProcessId
GetVersionExA
CompareFileTime
GlobalHandle
SetFilePointer
IsValidCodePage
WriteFile
CreateFileA
CopyFileA
CloseHandle
GetLastError
lstrcmpiA
lstrcpynA
LoadLibraryExA
LoadLibraryA
GetProcAddress
FreeLibrary
EnumResourceNamesA
lstrlenA
lstrcatA
lstrcpyA
FindFirstFileA
FindNextFileA
FindClose
GlobalAlloc
GetTickCount
GetShortPathNameA
GetCurrentDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteFileA
MoveFileA
SetCurrentDirectoryA
GetModuleFileNameA
WinExec
GlobalLock
GlobalUnlock
GlobalFree
GetSystemDirectoryA
user32
DrawEdge
CharUpperA
CharLowerA
CreateWindowExA
CharNextExA
MessageBoxA
RedrawWindow
GetClassLongA
BeginDeferWindowPos
wvsprintfA
GetDCEx
ShowCursor
MoveWindow
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
SubtractRect
GetDlgCtrlID
EndDeferWindowPos
SystemParametersInfoA
GetSysColorBrush
WindowFromPoint
IsZoomed
SetParent
DdeInitializeA
SetWindowTextA
GetDlgItemInt
GetDlgItemTextA
KillTimer
SetTimer
LookupIconIdFromDirectory
CreateIconFromResource
SetDlgItemInt
LoadStringA
CharNextA
GetWindow
PostQuitMessage
PeekMessageA
CharPrevA
GetKeyState
DispatchMessageA
GetWindowRect
DefWindowProcA
ClientToScreen
DrawTextA
EqualRect
FillRect
GetSysColor
ScreenToClient
InflateRect
UpdateWindow
SetWindowLongA
EnumChildWindows
DrawFrameControl
GetMenu
InsertMenuA
SetMessageQueue
RegisterWindowMessageA
DrawMenuBar
LoadIconA
GetMenuItemCount
WinHelpA
GetNextDlgTabItem
GetMenuItemID
GetMenuStringA
DeleteMenu
CreatePopupMenu
DestroyWindow
GetSystemMenu
wsprintfA
GetSystemMetrics
SetCursor
EnableMenuItem
GetDesktopWindow
GetWindowDC
DrawTextExA
CheckMenuItem
SetWindowPos
BringWindowToTop
SetActiveWindow
SetForegroundWindow
GetClassNameA
TranslateAcceleratorA
GetActiveWindow
GetCapture
TranslateMessage
LoadBitmapA
DrawIconEx
DestroyIcon
DialogBoxParamA
ShowWindow
EndDialog
GetAsyncKeyState
ReleaseCapture
SetCapture
LoadCursorA
GetClientRect
EmptyClipboard
IsChild
GetDC
ReleaseDC
GetWindowTextA
SetFocus
SetDlgItemTextA
SetClipboardData
SetRectEmpty
SendMessageA
EnableWindow
IsRectEmpty
IntersectRect
GetFocus
InvalidateRect
GetSubMenu
LoadMenuA
GetCursorPos
GetWindowLongA
IsWindow
PostMessageA
OffsetRect
PtInRect
UnionRect
AppendMenuA
GetParent
SendDlgItemMessageA
GetDlgItem
CheckRadioButton
MessageBeep
IsWindowVisible
CopyRect
RegisterClipboardFormatA
CloseClipboard
GetClipboardData
OpenClipboard
EnumClipboardFormats
IsIconic
SetRect
gdi32
GetObjectA
CreateHatchBrush
EqualRgn
Polyline
CreatePolyPolygonRgn
RectInRegion
CreateEllipticRgnIndirect
Ellipse
CreateFontA
GetTextMetricsA
GetTextCharsetInfo
CreateICA
RealizePalette
SetPixel
GetDeviceCaps
PolyPolygon
PtInRegion
GetObjectType
Rectangle
TranslateCharsetInfo
EnumFontFamiliesExA
LineDDA
DeleteDC
GetPixel
CreateBitmap
ExtFloodFill
GetTextColor
GetBkColor
CreatePen
PatBlt
StretchBlt
CreateFontIndirectA
SelectObject
GetTextFaceA
GetTextCharset
GetNearestPaletteIndex
SetPaletteEntries
GetClipBox
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A
GetStockObject
CreateSolidBrush
CreateRectRgnIndirect
CombineRgn
FillRgn
CreatePalette
GetPaletteEntries
DeleteObject
comdlg32
CommDlgExtendedError
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
shell32
ShellExecuteA
DragQueryPoint
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
oleaut32
SysAllocStringByteLen
SysFreeString
u32comm
u32IsEscPressed
ufdSplitPathname
LoadSysColorBitmap
DrawIconButton
ufdRemoveBlanks
u32GetOsVersion
c32ShowMb
c32GetString
c32GetDLLErrorInfo
ufdDelSlash
u32GetUleadTempDir
c32SetDLLErrInfo
u32MoveWindow
ufdAddSlash
c32ResetDLLErrInfo
u32file
ufFileGetFileData
ufFileGetFileFmtNum
u32FileGetSaveFileName
u32FileFreeFileData
u32FileGetOpenFileName
u32FileShowOpenDlg
ufFileRead
ufFileGetFormatInfo
ufFileWriteFrame
ufIsFileExist
ufFileWrite
ufFileReadFrame
u32video
uVideoGetSaveFileName
uVideoFileOpenHookProc
uVideoShowDurationDB
uVideoSaveVideo
uVideoExit
uVideoInit
uVideoGetFileFmtNum
uVideoFreeSaveFileInfo
uVideoGetOpenFileName
uVideoGetFileInfo
uVideoReadVideoBegin
uVideoFreeFileInfo
uVideoReadVideo
uVideoReadVideoEnd
uVideoFileSaveHookProc
msvcp60
??1_Lockit@std@@QAE@XZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Xlen@std@@YAXXZ
u32tx
u32TxBufResize
u32TxAction
Sections
.text Size: 964KB - Virtual size: 960KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 188KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 452KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.UPX0 Size: 104KB - Virtual size: 252KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE