1f0a6c92...919f | Files
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Trojan, Worm

1f0a6c92c237cbf344dedc841259f1da6b2d8742fcafb6926f746a48bbe0919f (SHA256)

%APPDATA%roamingmicrosoftwindowsstart menuprogramsstartup8gfg.exe

Windows Exe (x86-32)

Created at 2019-01-04 14:38:00

Notifications (2/2)

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

The operating system was rebooted during the analysis.

C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\%APPDATA%roamingmicrosoftwindowsstart menuprogramsstartup8gfg.exe
Category: Sample File
Type: Binary
Severity: Malicious
Also Known As: C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YFeKw5dmGYVjgc.exe (Created File)
Mime Type: application/x-dosexec
File Size: 18.00 KB
MD5: 5a054e4b94c144afdf259c0ba19d0693
SHA1: 42449f01ac3e9b0676a75d6053ec3a566d6f14a3
SHA256: 1f0a6c92c237cbf344dedc841259f1da6b2d8742fcafb6926f746a48bbe0919f
SSDeep: 384:95/Gu5S5C2js70eOeF5eawczDyhoZhKrbr:9BGX42jsNzNXzDyhoZUrb
ImpHash: 8935612d70f873bd2ed516cc8adc8dae
File Reputation Information
Severity: Blacklisted
First Seen: 2018-12-30 02:05 (UTC+1)
Last Seen: 2019-01-02 08:32 (UTC+1)
Names: Win32.Trojan.Higuniel
Families: Higuniel
Classification: Trojan
PE Information
Image Base: 0x400000
Entry Point: 0x4023f9
Size Of Code: 0x1600
Size Of Initialized Data: 0x2e00
File Type: executable
Subsystem: windows_gui
Machine Type: i386
Compile Timestamp: 2018-12-26 00:13:27+00:00

Sections (5)
Name    Virtual Address  Virtual Size  Raw Data Size  Raw Data Offset  Flags                                            Entropy
.text   0x401000         0x14b8        0x1600         0x400            cnt_code, mem_execute, mem_read                  6.15
.rdata  0x403000         0x12b2        0x1400         0x1a00           cnt_initialized_data, mem_read                   4.2
.data   0x405000         0x177c        0x1200         0x2e00           cnt_initialized_data, mem_read, mem_write        5.26
.rsrc   0x407000         0x234         0x400          0x4000           cnt_initialized_data, mem_read                   5.02
.reloc  0x408000         0x334         0x400          0x4400           cnt_initialized_data, mem_discardable, mem_read  4.56

Consistency checks on this table: the entry point 0x4023f9 lies inside .text (0x401000 to 0x4024b8), Size Of Code equals the .text raw size, no section exceeds an entropy of 6.15, and the last section ends at 0x4400 + 0x400 = 0x4800 = 18,432 bytes, exactly the reported 18.00 KB, so there is no appended overlay and nothing here suggests a packer. The .rsrc section is only 0x234 (564) bytes, far too small to hold a second executable.
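The values in the PE Information and Sections tables can be re-derived from the raw bytes with nothing but the Python standard library. The following is an added example written for this page (it is the editor's code, not VMRay's and not the sample's): it walks the DOS header, PE signature, COFF header, PE32 optional header and section table, and computes the per-section Shannon entropy the report shows. It runs on a small constructed PE image from build_minimal_pe(); that fixture mirrors the report's header values (image base 0x400000, i386, GUI subsystem, the 2018-12-26 compile timestamp) but its bytes are not the sample's, and its two sections are filled with extreme-entropy data so the entropy column is easy to sanity-check.

```python
"""Minimal PE32 header walk with per-section Shannon entropy.
Added example (editor's code, not VMRay's or the sample's)."""
import math
import struct
from datetime import datetime, timezone

# IMAGE_SCN_* characteristics bits, named the way the report prints them.
SECTION_FLAGS = {
    0x00000020: "cnt_code",
    0x00000040: "cnt_initialized_data",
    0x00000080: "cnt_uninitialized_data",
    0x02000000: "mem_discardable",
    0x20000000: "mem_execute",
    0x40000000: "mem_read",
    0x80000000: "mem_write",
}


def shannon_entropy(data):
    """Bits per byte in [0, 8].  Plain x86 code sits around 6 to 6.5 (cf. .text = 6.15
    above); values above roughly 7.2 suggest packed or encrypted section data."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def section_flags(value):
    return [name for bit, name in sorted(SECTION_FLAGS.items()) if value & bit]


def parse_pe32(image):
    """DOS header -> PE signature -> COFF header -> PE32 optional header -> section table.
    Only PE32 (magic 0x10b, i.e. x86-32 like the sample) is handled."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    opt = coff + 20
    if struct.unpack_from("<H", image, opt)[0] != 0x10B:
        raise ValueError("only PE32 handled here")
    size_of_code, size_of_init = struct.unpack_from("<II", image, opt + 4)
    entry_rva = struct.unpack_from("<I", image, opt + 16)[0]
    image_base = struct.unpack_from("<I", image, opt + 28)[0]
    subsystem = struct.unpack_from("<H", image, opt + 68)[0]
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawoff, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", image, opt + opt_size + 40 * i)
        raw = image[rawoff:rawoff + rawsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "va": image_base + vaddr, "vsize": vsize, "rawsize": rawsize, "rawoff": rawoff,
            "flags": section_flags(flags),
            "entropy": round(shannon_entropy(raw), 2),
        })
    return {
        "machine": "i386" if machine == 0x14C else hex(machine),
        "compile_timestamp": datetime.fromtimestamp(timestamp, timezone.utc).isoformat(),
        "image_base": image_base,
        "entry_point": image_base + entry_rva,
        "size_of_code": size_of_code,
        "size_of_initialized_data": size_of_init,
        "subsystem": {2: "windows_gui", 3: "windows_cui"}.get(subsystem, subsystem),
        "sections": sections,
    }


def build_minimal_pe():
    """Constructed fixture: two 0x200-byte sections at file alignment 0x200.  Header values
    mirror the report (image base 0x400000, i386, GUI, timestamp 2018-12-26 00:13:27 UTC);
    the bytes are not the sample's."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 1545783207, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<II", opt, 4, 0x200, 0x200)      # SizeOfCode, SizeOfInitializedData
    struct.pack_into("<I", opt, 16, 0x1010)            # AddressOfEntryPoint (RVA)
    struct.pack_into("<I", opt, 28, 0x400000)          # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)    # SectionAlignment, FileAlignment
    struct.pack_into("<H", opt, 68, 2)                 # IMAGE_SUBSYSTEM_WINDOWS_GUI
    hdr = 0x200
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, hdr, 0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x200, 0x2000, 0x200, hdr + 0x200, 0, 0, 0, 0, 0xC0000040)
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + text + data).ljust(hdr, b"\0")
    text_bytes = bytes(range(256)) * 2   # every byte value twice -> entropy 8.0
    data_bytes = b"\x00" * 0x200         # a single byte value   -> entropy 0.0
    return headers + text_bytes + data_bytes


if __name__ == "__main__":
    info = parse_pe32(build_minimal_pe())
    print({k: v for k, v in info.items() if k != "sections"})
    for s in info["sections"]:
        print(s)
```

Run it against a real file by replacing build_minimal_pe() with open(path, "rb").read(); sections whose raw range runs past the end of the file, or an entry point outside any section, are the cases where a hand-check like this disagrees with a sandbox's summary and is worth a closer look.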
Imports (5)
SHLWAPI.dll (6)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
wnsprintfA 0x0 0x4030f4 0x3e14 0x2814 0x16d
StrCmpNW 0x0 0x4030f8 0x3e18 0x2818 0x122
StrStrIW 0x0 0x4030fc 0x3e1c 0x281c 0x145
PathAddBackslashW 0x0 0x403100 0x3e20 0x2820 0x30
PathRemoveFileSpecW 0x0 0x403104 0x3e24 0x2824 0x8b
wnsprintfW 0x0 0x403108 0x3e28 0x2828 0x16e
MPR.dll (3)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
WNetEnumResourceW 0x0 0x4030d8 0x3df8 0x27f8 0x1c
WNetOpenEnumW 0x0 0x4030dc 0x3dfc 0x27fc 0x3d
WNetCloseEnum 0x0 0x4030e0 0x3e00 0x2800 0x10
KERNEL32.dll (37)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SizeofResource 0x0 0x403040 0x3d60 0x2760 0x4b1
GetModuleHandleA 0x0 0x403044 0x3d64 0x2764 0x215
WideCharToMultiByte 0x0 0x403048 0x3d68 0x2768 0x511
ExitProcess 0x0 0x40304c 0x3d6c 0x276c 0x119
GetTempFileNameW 0x0 0x403050 0x3d70 0x2770 0x283
FindFirstFileW 0x0 0x403054 0x3d74 0x2774 0x139
GetDriveTypeW 0x0 0x403058 0x3d78 0x2778 0x1d3
CreateProcessW 0x0 0x40305c 0x3d7c 0x277c 0xa8
LoadResource 0x0 0x403060 0x3d80 0x2780 0x341
GetLogicalDrives 0x0 0x403064 0x3d84 0x2784 0x209
WriteFile 0x0 0x403068 0x3d88 0x2788 0x525
GetUserDefaultLangID 0x0 0x40306c 0x3d8c 0x278c 0x29c
OpenProcess 0x0 0x403070 0x3d90 0x2790 0x380
CopyFileW 0x0 0x403074 0x3d94 0x2794 0x75
TerminateProcess 0x0 0x403078 0x3d98 0x2798 0x4c0
ReadFile 0x0 0x40307c 0x3d9c 0x279c 0x3c0
FindResourceW 0x0 0x403080 0x3da0 0x27a0 0x14e
CreateFileW 0x0 0x403084 0x3da4 0x27a4 0x8f
GetLastError 0x0 0x403088 0x3da8 0x27a8 0x202
MoveFileW 0x0 0x40308c 0x3dac 0x27ac 0x363
FindClose 0x0 0x403090 0x3db0 0x27b0 0x12e
WaitForMultipleObjects 0x0 0x403094 0x3db4 0x27b4 0x4f7
GetModuleFileNameA 0x0 0x403098 0x3db8 0x27b8 0x213
Process32NextW 0x0 0x40309c 0x3dbc 0x27bc 0x398
lstrcmpiW 0x0 0x4030a0 0x3dc0 0x27c0 0x545
lstrcatW 0x0 0x4030a4 0x3dc4 0x27c4 0x53f
FindNextFileW 0x0 0x4030a8 0x3dc8 0x27c8 0x145
CreateToolhelp32Snapshot 0x0 0x4030ac 0x3dcc 0x27cc 0xbe
CloseHandle 0x0 0x4030b0 0x3dd0 0x27d0 0x52
lstrcpyW 0x0 0x4030b4 0x3dd4 0x27d4 0x548
CreateThread 0x0 0x4030b8 0x3dd8 0x27d8 0xb5
ExpandEnvironmentStringsW 0x0 0x4030bc 0x3ddc 0x27dc 0x11d
GetProcessHeap 0x0 0x4030c0 0x3de0 0x27e0 0x24a
HeapFree 0x0 0x4030c4 0x3de4 0x27e4 0x2cf
HeapAlloc 0x0 0x4030c8 0x3de8 0x27e8 0x2cb
SetFilePointerEx 0x0 0x4030cc 0x3dec 0x27ec 0x467
GetModuleFileNameW 0x0 0x4030d0 0x3df0 0x27f0 0x214
ADVAPI32.dll (15)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CryptDestroyKey 0x0 0x403000 0x3d20 0x2720 0xb7
CryptEncrypt 0x0 0x403004 0x3d24 0x2724 0xba
CryptImportKey 0x0 0x403008 0x3d28 0x2728 0xca
RegSetValueExW 0x0 0x40300c 0x3d2c 0x272c 0x27e
RegCloseKey 0x0 0x403010 0x3d30 0x2730 0x230
ControlService 0x0 0x403014 0x3d34 0x2734 0x5c
CryptGenRandom 0x0 0x403018 0x3d38 0x2738 0xc1
RegOpenKeyW 0x0 0x40301c 0x3d3c 0x273c 0x264
CryptReleaseContext 0x0 0x403020 0x3d40 0x2740 0xcb
GetTokenInformation 0x0 0x403024 0x3d44 0x2744 0x15a
OpenProcessToken 0x0 0x403028 0x3d48 0x2748 0x1f7
CloseServiceHandle 0x0 0x40302c 0x3d4c 0x274c 0x57
CryptAcquireContextW 0x0 0x403030 0x3d50 0x2750 0xb1
OpenServiceW 0x0 0x403034 0x3d54 0x2754 0x1fb
OpenSCManagerW 0x0 0x403038 0x3d58 0x2758 0x1f9
SHELL32.dll (2)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ShellExecuteW 0x0 0x4030e8 0x3e08 0x2808 0x122
SHGetFolderPathW 0x0 0x4030ec 0x3e0c 0x280c 0xc3
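The import table above is the most informative static artifact on this page: MPR share enumeration, CryptoAPI encryption, Toolhelp process enumeration plus TerminateProcess, service control, resource extraction, SHGetFolderPathW together with CopyFileW, and a token query. Just as telling is what is absent: no CryptDecrypt or CryptGenKey (a key is imported from a blob and the binary never decrypts), no GetProcAddress (so no ordinary runtime API resolution), and no Winsock, WinINet or WinHTTP imports. The following is an added example written for this page (editor's code, not VMRay's and not capa): a small rule engine in capa's spirit run over the import list exactly as printed. A rule fires when every API in its "all" set is imported, at least one of its "any" set is (if given), and none of its "none" set is. The groupings are the editor's reading of how these APIs are usually combined, not claims the report makes, and the last three rules are deliberate controls that should not fire on this sample.

```python
"""Capability triage from a PE import table.
Added example (editor's code, not VMRay's); rule groupings are the editor's reading."""

# Import table as listed in the report (DLL -> imported API names).
SAMPLE_IMPORTS = {
    "SHLWAPI.dll": ["wnsprintfA", "StrCmpNW", "StrStrIW", "PathAddBackslashW",
                    "PathRemoveFileSpecW", "wnsprintfW"],
    "MPR.dll": ["WNetEnumResourceW", "WNetOpenEnumW", "WNetCloseEnum"],
    "KERNEL32.dll": ["SizeofResource", "GetModuleHandleA", "WideCharToMultiByte", "ExitProcess",
                     "GetTempFileNameW", "FindFirstFileW", "GetDriveTypeW", "CreateProcessW",
                     "LoadResource", "GetLogicalDrives", "WriteFile", "GetUserDefaultLangID",
                     "OpenProcess", "CopyFileW", "TerminateProcess", "ReadFile", "FindResourceW",
                     "CreateFileW", "GetLastError", "MoveFileW", "FindClose",
                     "WaitForMultipleObjects", "GetModuleFileNameA", "Process32NextW", "lstrcmpiW",
                     "lstrcatW", "FindNextFileW", "CreateToolhelp32Snapshot", "CloseHandle",
                     "lstrcpyW", "CreateThread", "ExpandEnvironmentStringsW", "GetProcessHeap",
                     "HeapFree", "HeapAlloc", "SetFilePointerEx", "GetModuleFileNameW"],
    "ADVAPI32.dll": ["CryptDestroyKey", "CryptEncrypt", "CryptImportKey", "RegSetValueExW",
                     "RegCloseKey", "ControlService", "CryptGenRandom", "RegOpenKeyW",
                     "CryptReleaseContext", "GetTokenInformation", "OpenProcessToken",
                     "CloseServiceHandle", "CryptAcquireContextW", "OpenServiceW", "OpenSCManagerW"],
    "SHELL32.dll": ["ShellExecuteW", "SHGetFolderPathW"],
}

RULES = {
    "enumerate network shares (lateral spread)":
        {"all": {"WNetOpenEnumW", "WNetEnumResourceW"}},
    "enumerate drives and walk directory trees":
        {"all": {"GetLogicalDrives", "GetDriveTypeW", "FindFirstFileW", "FindNextFileW"}},
    "encrypt file contents with CryptoAPI and rename":
        {"all": {"CryptAcquireContextW", "CryptImportKey", "CryptEncrypt",
                 "CreateFileW", "ReadFile", "WriteFile", "MoveFileW"}},
    "encrypt-only: key imported from a blob, no CryptDecrypt/CryptGenKey":
        {"all": {"CryptImportKey", "CryptEncrypt"},
         "none": {"CryptDecrypt", "CryptGenKey", "CryptDeriveKey"}},
    "generate random bytes (per-file keys or victim id)":
        {"all": {"CryptGenRandom"}},
    "enumerate and terminate processes":
        {"all": {"CreateToolhelp32Snapshot", "Process32NextW", "OpenProcess", "TerminateProcess"}},
    "stop or control services":
        {"all": {"OpenSCManagerW", "OpenServiceW", "ControlService"}},
    "drop an embedded resource to disk":
        {"all": {"FindResourceW", "LoadResource", "SizeofResource", "WriteFile"}},
    "copy self into a shell folder (Startup persistence)":
        {"all": {"GetModuleFileNameW", "SHGetFolderPathW", "CopyFileW"}},
    "write registry values":
        {"all": {"RegOpenKeyW", "RegSetValueExW"}},
    "inspect own access token":
        {"all": {"OpenProcessToken", "GetTokenInformation"}},
    "launch external programs":
        {"any": {"CreateProcessW", "ShellExecuteW"}},
    "query user locale":
        {"all": {"GetUserDefaultLangID"}},
    # Controls: common capabilities this import table does NOT show.
    "resolve APIs at runtime":
        {"all": {"GetModuleHandleA", "GetProcAddress"}},
    "remote thread injection":
        {"all": {"VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"}},
    "network I/O (Winsock / WinINet / WinHTTP)":
        {"any": {"socket", "connect", "send", "InternetOpenW", "InternetOpenA",
                 "HttpSendRequestW", "WinHttpOpen", "URLDownloadToFileW"}},
}


def imported_apis(imports):
    """Flatten {dll: [api, ...]} into one set of API names."""
    return {api for apis in imports.values() for api in apis}


def triage(imports, rules=RULES):
    """Return the names of the rules that fire, in rule order."""
    apis = imported_apis(imports)
    fired = []
    for name, rule in rules.items():
        if not rule.get("all", set()) <= apis:
            continue
        if "any" in rule and not (rule["any"] & apis):
            continue
        if rule.get("none", set()) & apis:
            continue
        fired.append(name)
    return fired


def unreferenced(imports, rules=RULES):
    """Imported APIs no rule mentions: what a reviewer still has to account for by hand."""
    covered = set().union(*(rule.get(k, set()) for rule in rules.values() for k in ("all", "any")))
    return sorted(imported_apis(imports) - covered)


if __name__ == "__main__":
    for cap in triage(SAMPLE_IMPORTS):
        print("[+]", cap)
    print("unreferenced:", ", ".join(unreferenced(SAMPLE_IMPORTS)))
```

Two caveats when reading the output. An import table only shows statically linked imports; a binary that resolves functions by parsing export tables itself will show neither GetProcAddress nor the resolved APIs, so the negative results are evidence, not proof. And a fired rule says the APIs are present together, not that they are called in that order on the same code path; confirming that is what the dynamic function log is for.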
YARA Matches
Rule Name: OlympicDestroyer_Gen1
Rule Description: Olympic Destroyer destructive malware
Classification: Worm
Severity: 5/5

The rule's "Worm" classification and the reputation entry's "Trojan" / Higuniel naming disagree, and the created files below (originals renamed with a _9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP suffix beside HTML ransom notes in every directory touched) are ransomware artifacts. Treat a generic _Gen1 rule hit as a lead to corroborate against the file and network-share behaviour, not as family attribution on its own.
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YFeKw5dmGYVjgc.exe
Category: Created File
Type: Unknown
Severity: Whitelisted
Also Known As: C:\Users\5P5NRG~1\AppData\Local\Temp\1296.tmp (Created File)
Mime Type: application/x-empty
File Size: 0.00 KB
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SSDeep: 3::
File Reputation Information
Severity: Whitelisted
First Seen: 2011-05-27 11:27 (UTC+2)
Last Seen: 2017-04-19 12:47 (UTC+2)

These are the digests of zero-length input, so the "Whitelisted" verdict applies to an empty file, not to a vetted copy of the sample. The same Startup-folder path is listed above as an alias of the sample itself, so this entry is the file as first created, before its content was written. Use the Startup path as the persistence indicator; the empty-file hashes match every empty file on every system and must not go into a blocklist.
\\?\C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PptLR.cab
Category: Modified File
Type: Stream
Severity: Unknown
Mime Type: application/octet-stream
File Size: 10.00 MB
MD5: f9a8a5aeaa1312e63b4ee59a8d53f748
SHA1: 877e3e73c306afef2bfd8e89ea30ed6de648e710
SHA256: b270b3b867f9fd7ce1dcedd10847f34b06cef027f88790bb56eea61cad0e9db3
SSDeep: 196608:uBT+FUVOwJ4WerdbzDDPMX81eg3hPol9y8mjlnzl7Z7yPpWfQbXa4Fxt5M:V66WuFz/w81nhsFmx5NyxbXDc
\\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 2.49 KB
MD5: aa24cf4316545a6d76559617d9de4e81
SHA1: 84a8f9ddd37b0b64589418122e3c5af4dc664d33
SHA256: 0b92f62ee86a7acad8e983dfce98bff8297daec0405efdf1942993fe0df0fbd6
SSDeep: 48:uILJqxjAXXwT/n3+rK5ZB7Xr3lGoNBiliZqzKPCsFtV2tM7m:LLwRrXBN73iliUzKZteM6
\\?\C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 2.39 MB
MD5: 86c67c9ce448a0a992cdcd8fd37a227a
SHA1: 34da7b9e555263fabdef2e7388855e6a43d4ef04
SHA256: 674e94ed7e8e1f6381843dd39157b93eab518615362aaf89668caeabbee69d60
SSDeep: 49152:LNIDxihRZ2dfi18m90hzj3ixoUKgjs5oz8+YnFqKyxghZf2rXy9SB44qXcmH:2xihRZ2dfJmOhzDixJLjs5oz8PExAf2U
\\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 1.78 KB
MD5: 221c89a6864b87a80374fa2750031774
SHA1: 8bd11313381e0f6d79fe640c4cf80f2b7c6dd48b
SHA256: 737192827b0ccfcc11cbebe88972f10e3263ef68e360cb7d34ce894634945102
SSDeep: 24:gXQB0Be6MwjtbToCFMt3/Us0mwnkcPWOes5RcU5LZz9ETnyewUgamQJSx6ixRty/:mM6Rjtb0C21HTwnkWRFlhejy+LU6Es
\\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 2.39 MB
MD5: dfa631eca19d2049def0813c67795367
SHA1: 8d42b115432d3c9d631cb292651b8b94648a5c7f
SHA256: d914b03d007d082875ca7a6c79dace819a099d8785666cb07f122a3a895cf50c
SSDeep: 49152:vNIDxihRZ2dfi18m90hzj3ixoUKgjs5oz8+YnFqKyxghZf2rXy9SB44qXc/Ks/gA:KxihRZ2dfJmOhzDixJLjs5oz8PExAf2X
\\?\C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 1.67 KB
MD5: 33aba5bec1006aaa6e9aa1bee448c5bd
SHA1: a8aa8df1a51297cdabeefb808b9d40501d7cb7ab
SHA256: 11e3ae780ea27b71c9c24130bfbf17718f541e02a7e3245bfbfb03143281fac3
SSDeep: 48:lVF2xoYUc/hZA+Dqssv50zDY8VuHm7Eoa:XAqYUi7U5OY8VuHm4x
\\?\C:\Boot\BCD.LOG1
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\Boot\BCD.LOG1_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
\\?\C:\Boot\BCD.LOG2 (Modified File)
\\?\C:\Boot\BCD.LOG2_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 0.25 KB
MD5: 03f18ffb87691417b20dd7ed3c8ff321
SHA1: 2e092399add9b15462b36281860c84f621d9fd16
SHA256: 0fd66a6aa358db1fbc1f659e62fc64ea19ca3e3b5b2983b85cf6c208b9f23c45
SSDeep: 6:xv7ShRLN3HQ7GT6Q+Tfpz+SaXJAMApPCNtFdzGcW+l:xkNAy21LpQ6sN3d6cll
\\?\C:\Boot\BOOTSTAT.DAT
Category: Modified File
Type: Stream
Severity: Unknown
Also Known As: \\?\C:\Boot\BOOTSTAT.DAT_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP (Created File)
Mime Type: application/octet-stream
File Size: 64.25 KB
MD5: f80b8d8edf9ab436b266c3d91821c102
SHA1: 70075093913574e5ddcaa5671d3a46e85d90013b
SHA256: 49f0fd5d8691008879a85ca4e86d70fe367ece1ce65140eb4e9e552b6c116fe2
SSDeep: 1536:cUhPOcd7UhPOcd7UhPOcd7UhPOcd7UhPOcd7UhPOcd7UhI:cUhPOcFUhPOcFUhPOcFUhPOcFUhPOcF+
debug.log
Category: Created File
Type: Stream
Severity: Unknown
Mime Type: application/octet-stream
File Size: 7.76 KB
MD5: a67db75a1f2f813da54317a661354887
SHA1: b37f2701fc414201a0af34820e6b896c27ef9a75
SHA256: cc4a7f6af53cea59dffde21082d2c7cc3f20c29f98228b43f8c9a4aa1e929355
SSDeep: 96:bGsQaziuw6fc6dZeDmhZKv/MyJ20XUKCr70zZgp7A21aII:1hzLfBvgf
\\?\C:\Boot\cs-CZ\$%%! NOTE ABOUT FILES -=!-.html
Category: Created File
Type: Text
Severity: Unknown
Also Known As (one copy per directory visited):
\\?\C:\Boot\da-DK\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\de-DE\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\el-GR\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\en-US\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\es-ES\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\fi-FI\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\Fonts\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\fr-FR\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\hu-HU\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\it-IT\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\ja-JP\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\ko-KR\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\nb-NO\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\nl-NL\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\pl-PL\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\pt-BR\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\pt-PT\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\ru-RU\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\sv-SE\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\tr-TR\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\zh-CN\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\zh-HK\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\zh-TW\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Boot\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\Config.Msi\$%%! NOTE ABOUT FILES -=!-.html (Created File)
\\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\$%%! NOTE ABOUT FILES -=!-.html (Created File)
Mime Type: text/html
File Size: 3.80 KB
MD5: 2de785d1c95cbccdfa87db48edcb7cae
SHA1: 72b977a464cc16fbe2a2be391b276752353cf009
SHA256: 4f3ace85ad315ccae5a828098d493b65e2ab0b0f9c13d0b0746f1056e7358be1
SSDeep: 48:CF5bDvFKFkDGAyORAeUcnyvUFkUMUW8feeyWe9fZhi3Lhhxmyk4r+yf6HD3MQC:qxDtxyK1Uc/MUW8feiYfZhehG4Jfga
C:\Users\5P5NRG~1\AppData\Local\Temp\1296.tmp.bat
Category: Created File
Type: Text
Severity: Unknown
Mime Type: text/x-msdos-batch
File Size: 0.30 KB
MD5: 2e83fd14e6b70b3b3b3a7b1c47b2fc1f
SHA1: a60113e1e6be64da73695c5ec56ba9fef1409392
SHA256: 244fe82fa86db3766b8df452f52ecd1c3daf7db51ff8c12315d5477a35aa1a56
SSDeep: 6:hHUTk4FA8y40MhiXoKKWOrIvMD2UUTk4FA8y40MhiXoKKWOrY0/Hm1gfbci23fSD:eT6x40MkXXNOqT6x40MkXXNOM0/Hm+zn
\\?\C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelLR.cab_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP
Category: Created File
Type: Stream
Severity: Unknown
Mime Type: application/octet-stream
File Size: 10.00 MB
MD5: 15a0fef8a1ade304c039f05a7912fe24
SHA1: 5c75410864654578995e6403198e337ce1eb47fc
SHA256: cf531fd661768bb410cc89b2600c42873ee27fcac66c9e29c717eefd69788299
SSDeep: 196608:kkI0ShKgPbqrX+O+TtdjBU8PMIXiIJ5towFXg2j95eCp:knTK4WrtgBUwUq5mwFg2H7
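The file list above gives three host-side indicators worth more than the hashes of the encrypted data: every touched file is listed once under its original path and again under the same path with a _9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP suffix (consistent with in-place encryption followed by a rename, which matches the MoveFileW import), a ransom note named "$%%! NOTE ABOUT FILES -=!-.html" is written into every directory visited, and the sample copies itself into the user's Startup folder. The following is an added example written for this page (editor's code, not VMRay's): hunt() walks a directory tree and reports renamed files, ransom notes by exact filename, and any file whose SHA-256 appears in the report's hash list; it also recovers original filenames and collects the victim id and contact e-mail for cross-host correlation. Two assumptions are the editor's, not the report's: the 16-character id is treated as per-victim, so the pattern matches any id, and the zero-byte Startup copy's hash is deliberately excluded because it is the digest of empty input. make_fixture() builds a constructed directory so the example runs offline; point hunt() at a mounted volume or forensic image in practice.

```python
"""Hunt for this sample's on-disk artifacts.
Added example (editor's code, not VMRay's); runs on a constructed fixture tree."""
import hashlib
import os
import re
import tempfile

# SHA-256 values copied from the report's file list.
KNOWN_SHA256 = {
    "1f0a6c92c237cbf344dedc841259f1da6b2d8742fcafb6926f746a48bbe0919f": "sample (8gfg.exe)",
    "4f3ace85ad315ccae5a828098d493b65e2ab0b0f9c13d0b0746f1056e7358be1": "ransom note html",
    "244fe82fa86db3766b8df452f52ecd1c3daf7db51ff8c12315d5477a35aa1a56": "1296.tmp.bat",
}
# Deliberately NOT an indicator: the 0-byte YFeKw5dmGYVjgc.exe / 1296.tmp entry in the
# report hashes to the digest of empty input, which matches every empty file anywhere.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

NOTE_NAME = "$%%! NOTE ABOUT FILES -=!-.html"
# Observed suffix: _9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP.  Editor's assumption: the
# 16-character id is per victim, so any id is matched and the e-mail is captured.
SUFFIX_RE = re.compile(
    r"^(?P<orig>.+)_(?P<vid>[A-Za-z0-9]{16})_\{(?P<email>[^{}\s]+@[^{}\s]+)\}\.CORP$")


def sha256_bytes(data):
    return hashlib.sha256(data).hexdigest()


def sha256_file(path, chunk=1 << 20):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def hunt(root, known=KNOWN_SHA256):
    """Walk `root`; return encrypted files (path, original name), ransom notes
    (path, directory), hash hits (path, label), plus victim ids and e-mails seen."""
    found = {"encrypted": [], "notes": [], "hash_hits": [], "victim_ids": set(), "emails": set()}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            m = SUFFIX_RE.match(name)
            if m:
                found["encrypted"].append((path, m.group("orig")))
                found["victim_ids"].add(m.group("vid"))
                found["emails"].add(m.group("email"))
            if name == NOTE_NAME:
                found["notes"].append((path, dirpath))
            try:
                digest = sha256_file(path)
            except OSError:          # unreadable or vanished file: skip, keep walking
                continue
            if digest in known and digest != EMPTY_SHA256:
                found["hash_hits"].append((path, known[digest]))
    return found


def make_fixture():
    """Constructed tree mimicking part of the report's file list.  Contents are
    placeholders, not the real encrypted data or ransom note."""
    root = tempfile.mkdtemp(prefix="corp_hunt_")
    files = {
        "Boot/BCD.LOG1_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP": b"\x00" * 256,
        "MSOCache/Setup.xml_9c4rmT6TdKfuH9Ft_{alexbanan@tuta.io}.CORP": b"\x00" * 2048,
        "Boot/en-US/" + NOTE_NAME: b"<html>constructed placeholder note</html>",
        "Users/Public/readme.txt": b"benign file, must not be flagged",
        "Users/Public/empty.tmp": b"",
    }
    for rel, content in files.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as f:
            f.write(content)
    return root


if __name__ == "__main__":
    result = hunt(make_fixture())
    for key in ("encrypted", "notes", "hash_hits"):
        print(key, result[key])
    print("victim ids:", result["victim_ids"], "emails:", result["emails"])
```

On a live host the rename suffix and note filename are the indicators that survive: the content hashes of encrypted files are unique per file and per victim, and the sample hash only helps if the Startup copy was fully written before the image was taken.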