4b29ac68b5b3e55daa04d70f20bc53812e14c4297ba62f8ec2dc21bf0952efc4

Sharing

Copy URL Twitter E-mail

General

Target

4b29ac68b5b3e55daa04d70f20bc53812e14c4297ba62f8ec2dc21bf0952efc4
Size

6.1MB
MD5

d239c0f4a0888063744252694efd4b2f
SHA1

2bf7c3bef7f586db4eb41697896c4f432df2f396
SHA256

4b29ac68b5b3e55daa04d70f20bc53812e14c4297ba62f8ec2dc21bf0952efc4
SHA512

412e6013d143c032752d5514654df8d7e4619d12f11a163ba4d6d933d1dcc85393acbc4d279bfaa5a2752c906847b5ebf5b6dad1065a85199e6d191b607ea929
SSDEEP

98304:PeCqHyXHgslO2WfnC3PY1nj2vyAcRm9JjUIO/9EHFoQ9:PtqHyXFO2esYrCBUImElZ9

Score

1^/10

Malware Config

Signatures

Files

4b29ac68b5b3e55daa04d70f20bc53812e14c4297ba62f8ec2dc21bf0952efc4
.exe windows:5 windows x86 arch:x86

edf1dc6089c8780b20f594b746abcc4d

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:96:d2:56:44:93:23:61:0b:79:65:20:54:21:f3:96
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/05/2021, 00:00

Not After

29/05/2024, 23:59

Subject

CN=天津六六游科技有限公司,O=天津六六游科技有限公司,ST=天津市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3f:93:13:8f:3f:7a:44:ba:72:dd:12:0d:ee:fd:a4:39:24:c7:22:38:f7:84:87:dd:11:aa:e4:50:f2:0a:c5:e7
Signer

Actual PE Digest

3f:93:13:8f:3f:7a:44:ba:72:dd:12:0d:ee:fd:a4:39:24:c7:22:38:f7:84:87:dd:11:aa:e4:50:f2:0a:c5:e7

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Jenkins\.jenkins\workspace\gamemaster\Hall\Release\LDSGameHall.pdb

Imports

kernel32

SwitchToThread
OpenMutexW
GetSystemInfo
WideCharToMultiByte
GlobalHandle
GlobalFree
FindClose
lstrlenW
OpenEventW
LoadLibraryExW
GetStartupInfoW
OutputDebugStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempPathW
CreateDirectoryW
SetFileAttributesW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileExW
VirtualFreeEx
MoveFileW
PeekNamedPipe
GetSystemDirectoryW
DecodePointer
FreeResource
VirtualProtect
SetErrorMode
GetLocalTime
IsBadReadPtr
GetFileTime
WaitForSingleObjectEx
GetFullPathNameW
GetFileSize
lstrlenA
GlobalLock
GetVersion
DosDateTimeToFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
OpenProcess
HeapSetInformation
GetProcessHeaps
LocalFree
GlobalMemoryStatusEx
InterlockedCompareExchange
InterlockedExchange
RtlCaptureStackBackTrace
MultiByteToWideChar
GlobalFindAtomW
GlobalAddAtomW
ExpandEnvironmentStringsW
GetModuleHandleW
GetTickCount
Sleep
GetCurrentThreadId
GetCurrentProcess
DeleteFileW
CreateFileW
GetModuleFileNameW
LoadLibraryW
CreateEventW
lstrcpynW
GlobalAlloc
AttachConsole
AllocConsole
AssignProcessToJobObject
SetPriorityClass
CreateProcessW
CreatePipe
SetHandleInformation
GetStdHandle
ResumeThread
Process32NextW
Process32FirstW
SetInformationJobObject
GetVersionExW
QueryPerformanceFrequency
QueryPerformanceCounter
UnregisterWaitEx
RegisterWaitForSingleObject
GetDiskFreeSpaceExW
OutputDebugStringA
GetCommandLineW
GetModuleHandleExW
GetModuleHandleExA
GetModuleHandleA
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
CreateMutexW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
FindFirstFileExA
ReadConsoleW
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
SetConsoleCtrlHandler
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetModuleFileNameA
ExitThread
GetConsoleMode
GetConsoleCP
ExitProcess
GetFileAttributesExW
RtlUnwind
FindNextFileA
FindFirstFileA
WaitForMultipleObjectsEx
lstrcmpW
InterlockedFlushSList
ReleaseSemaphore
SetProcessAffinityMask
FreeLibraryAndExitThread
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
VirtualQuery
UnhandledExceptionFilter
OpenFileMappingW
GetSystemWindowsDirectoryW
CreateFileA
lstrcmpiA
lstrcmpA
DeviceIoControl
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetCPInfo
GetStringTypeW
GetLocaleInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FormatMessageA
FileTimeToSystemTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetNativeSystemInfo
GetSystemTimeAsFileTime
DuplicateHandle
SetFilePointer
WaitForMultipleObjects
WaitForSingleObject
ReleaseMutex
ResetEvent
TryEnterCriticalSection
IsDebuggerPresent
PostQueuedCompletionStatus
MulDiv
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
SetFilePointerEx
SetEndOfFile
FlushFileBuffers
ReadFile
WriteFile
GetFileSizeEx
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FreeLibrary
InterlockedDecrement
InterlockedIncrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
LockResource
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
lstrcmpiW
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetCurrentProcessId
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
LCMapStringW
CompareStringW
EncodePointer
FormatMessageW
GetACP
GetCurrentDirectoryW
SetCurrentDirectoryW
GetLongPathNameW
RemoveDirectoryW
GetDriveTypeW
GetPrivateProfileIntW
LocalFileTimeToFileTime
GetSystemTime
GetShortPathNameW
LocalAlloc
GetTempFileNameW
SuspendThread
GetExitCodeThread
TerminateThread
GetThreadTimes
GetThreadPriority
GetThreadPriorityBoost
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SetThreadPriority
GetProcessId
GetCurrentThread
CreateThread
SetUnhandledExceptionFilter
GetExitCodeProcess
QueryDepthSList
GlobalUnlock
GetEnvironmentStringsW
HeapAlloc
HeapDestroy
TerminateProcess
GetProcAddress

user32

SendMessageW
IsWindow
ShowWindow
GetWindowTextW
GetWindowThreadProcessId
SetWinEventHook
UnhookWinEvent
MoveWindow
BringWindowToTop
SetWindowLongW
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
WaitMessage
DefWindowProcW
PostQuitMessage
RegisterClassExW
CreateWindowExW
DestroyWindow
LoadCursorW
CallMsgFilterW
CharUpperW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
GetActiveWindow
RegisterWindowMessageW
CallWindowProcW
GetClassInfoExW
PtInRect
SetWindowPos
GetDlgItem
CharNextW
SetFocus
GetFocus
SetCapture
ReleaseCapture
CreateAcceleratorTableW
DestroyAcceleratorTable
GetDC
ReleaseDC
BeginPaint
EndPaint
UnregisterClassA
SetCaretPos
ShowCaret
HideCaret
CreateCaret
RemovePropW
AdjustWindowRectEx
GetPropW
SetPropW
GetMenu
RegisterClassW
wsprintfW
UnionRect
InflateRect
wvsprintfW
DrawIconEx
SetRect
UnregisterClassW
SetCursor
IsChild
CreatePopupMenu
GetCursorPos
ScreenToClient
CopyRect
DrawTextW
CharPrevW
CopyImage
GetUpdateRect
GetKeyState
GetMessageW
InvalidateRect
InvalidateRgn
RedrawWindow
SetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
ClientToScreen
MapWindowPoints
GetSysColor
FillRect
GetWindowLongW
GetDesktopWindow
GetParent
GetClassNameW
GetWindow
LoadIconW
LoadImageW
MonitorFromWindow
GetMonitorInfoW
EndDialog
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
WindowFromPoint
ShowWindowAsync
IsIconic
IsDialogMessageW
UpdateLayeredWindow
GetIconInfo
CreateIconIndirect
DestroyIcon
EnableWindow
FindWindowExW
WaitForInputIdle
SendMessageTimeoutW
SetLayeredWindowAttributes
SystemParametersInfoW
GetAncestor
GetWindowInfo
GetShellWindow
GetForegroundWindow
IsWindowVisible
MonitorFromPoint
MapDialogRect
FindWindowW
IsRectEmpty
OffsetRect
FrameRect
SetWindowContextHelpId
SetWindowRgn
GetWindowDC
SetForegroundWindow
TrackPopupMenu
AppendMenuW
DestroyMenu
IsZoomed
GetSystemMetrics
DialogBoxParamW
CreateDialogIndirectParamW
CreateDialogParamW
IntersectRect

gdi32

CreateRectRgn
CombineRgn
SetDIBColorTable
CreateDIBSection
GetDIBits
SetViewportOrgEx
ExtTextOutW
SetBkColor
CreateRoundRectRgn
CreateFontW
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetDIBitsToDevice
GetTextExtentPoint32W
ChoosePixelFormat
SetPixelFormat
CreateFontIndirectW
CreatePen
Rectangle
RestoreDC
SaveDC
GetTextMetricsW
SetWindowOrgEx
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW
GdiFlush
CreateDCW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

SetTokenInformation
RegOpenKeyExA
RegEnumKeyExA
GetUserNameW
RegCreateKeyW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
CloseServiceHandle
FreeSid
AllocateAndInitializeSid
EqualSid
OpenThreadToken
CreateProcessAsUserW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
TraceEvent
RegSetValueExW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptContextAddRef
AdjustTokenPrivileges
CreateWellKnownSid
GetLengthSid
LookupPrivilegeValueW
DuplicateTokenEx
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptSetKeyParam
CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDecrypt
RegQueryValueExA

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW
ord680
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ord165
SHGetFolderPathA
SHCreateDirectoryExA
SHFileOperationW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
ord75
SHChangeNotify
CommandLineToArgvW
SHLoadInProc

ole32

CoInitializeSecurity
OleRun
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance
CoGetObject
CoSetProxyBlanket
StringFromGUID2
CoInitializeEx
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
OleLockRunning
StringFromCLSID
CreateStreamOnHGlobal
CoTaskMemRealloc
PropVariantClear

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SysAllocStringLen
DispCallFunc
GetActiveObject
VariantClear
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SafeArrayPutElement
SafeArrayCreate
VariantInit
SysStringLen
SafeArrayUnaccessData
SysStringByteLen
SysAllocString
SysFreeString

shlwapi

StrTrimA
SHSetValueA
PathRemoveFileSpecW
PathIsRelativeW
SHGetValueW
AssocQueryStringW
PathCompactPathW
PathIsRootW
PathRelativePathToW
wnsprintfA
StrToIntExW
PathIsURLW
PathStripToRootW
SHDeleteValueW
wnsprintfW
SHCreateStreamOnFileEx
PathFileExistsW
PathFindFileNameW
StrCmpIW
SHSetValueW
SHDeleteKeyW
PathFindExtensionW
PathFileExistsA
PathAppendA
ord154
wvnsprintfW
wvnsprintfA
StrToInt64ExW
StrToIntW
StrStrIW
StrStrIA
StrCmpNIW
PathAppendW
PathCombineW
SHGetValueA
StrCpyNW
PathIsDirectoryW

comctl32

InitCommonControlsEx
ord17
_TrackMouseEvent

msimg32

AlphaBlend
GradientFill

opengl32

wglCreateContext
wglDeleteContext
wglMakeCurrent
glGetString

gdiplus

GdipDrawImageI
GdipSetInterpolationMode
GdipBitmapUnlockBits
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImagePointsI
GdipFillPath
GdipCloneBitmapAreaI
GdipSaveImageToFile
GdipCreateTexture
GdipAddPathArcI
GdipClosePathFigure
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipDrawImageRectRect
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipGraphicsClear
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipDrawEllipseI
GdipDrawPath
GdipDeletePen
GdipCreatePen1
ord1
GdipDeletePath
GdipCreatePath
GdipFillEllipseI
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDrawImagePointRectI
GdipBitmapSetPixel
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectRectI

winhttp

WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpSetCredentials
WinHttpSetTimeouts
WinHttpQueryHeaders
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpOpenRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpReceiveResponse

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wininet

InternetSetOptionW
GetUrlCacheEntryInfoW
InternetSetCookieW
InternetGetConnectedState

dbghelp

SymFromAddr
StackWalk64
SymInitialize
SymGetLineFromAddr64
SymSetOptions
SymFunctionTableAccess64
SymGetModuleBase64

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

EnumProcesses
GetModuleFileNameExW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

secur32

GetUserNameExW

iphlpapi

GetAdaptersInfo

crypt32

CryptStringToBinaryA
CryptBinaryToStringW
CryptBinaryToStringA
CertGetNameStringW
CryptStringToBinaryW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 805KB - Virtual size: 805KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 888KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf1dc6089c8780b20f594b746abcc4d

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

05:96:d2:56:44:93:23:61:0b:79:65:20:54:21:f3:96Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

3f:93:13:8f:3f:7a:44:ba:72:dd:12:0d:ee:fd:a4:39:24:c7:22:38:f7:84:87:dd:11:aa:e4:50:f2:0a:c5:e7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

opengl32

gdiplus

winhttp

winmm

userenv

wininet

dbghelp

version

psapi

urlmon

secur32

iphlpapi

crypt32

wintrust

Exports

Exports

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.rdata Size: 805KB - Virtual size: 805KB

.data Size: 68KB - Virtual size: 108KB

.rsrc Size: 888KB - Virtual size: 887KB

.reloc Size: 197KB - Virtual size: 197KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

05:96:d2:56:44:93:23:61:0b:79:65:20:54:21:f3:96
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

3f:93:13:8f:3f:7a:44:ba:72:dd:12:0d:ee:fd:a4:39:24:c7:22:38:f7:84:87:dd:11:aa:e4:50:f2:0a:c5:e7
Signer

.text
Size: 4.2MB - Virtual size: 4.2MB

.rdata
Size: 805KB - Virtual size: 805KB

.data
Size: 68KB - Virtual size: 108KB

.rsrc
Size: 888KB - Virtual size: 887KB

.reloc
Size: 197KB - Virtual size: 197KB