2459b043...7114 | Files
Logo
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: -
Threat Names:
Gen:Variant.Ransom.Ouroboros.29

H599vWMi0EnZIsXh.exe

Windows Exe (x86-32)

Created at 2020-03-22T01:18:00

...
Master Boot Record Changes
»
Sector Number Sector Size Actions
2063 512 Bytes
...


Filters:
Filename Category Type Severity Actions
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\H599vWMi0EnZIsXh.exe Sample File Binary
Malicious
...
»
Mime Type application/vnd.microsoft.portable-executable
File Size 512.50 KB
MD5 ba32e4efcf7daee7d8adaa2e62ee013b Copy to Clipboard
SHA1 19e13a32db46bb1d6d1834d9daa0ef7e182e55a4 Copy to Clipboard
SHA256 2459b0437f28b5a0d98e10342e80b56fbb6f10c848fe942bb695bdc36f9c7114 Copy to Clipboard
SSDeep 12288:kzjgHA5qJrmzvTNKoL5jTUaJmerePsON6nCiDgww7bvxC5QLoV9DjH+n5:SgQqJ4vDTMoePZt4mIDjHw Copy to Clipboard
ImpHash 85561b2e917de65a78f9c5ee23713b1b Copy to Clipboard
PE Information
»
Image Base 0x400000
Entry Point 0x560530
Size Of Code 0x80000
Size Of Initialized Data 0x1000
Size Of Uninitialized Data 0xe0000
File Type FileType.executable
Subsystem Subsystem.windows_cui
Machine Type MachineType.i386
Compile Timestamp 2020-03-21 10:23:24+00:00
Sections (3)
»
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
UPX0 0x401000 0xe0000 0x0 0x400 IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 0.0
UPX1 0x4e1000 0x80000 0x7f800 0x400 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 7.93
.rsrc 0x561000 0x1000 0x600 0x7fc00 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 3.89
Imports (9)
»
ADVAPI32.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RegCloseKey 0x0 0x5612a4 0x1612a4 0x7fea4 0x0
IPHLPAPI.DLL (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
GetAdaptersInfo 0x0 0x5612ac 0x1612ac 0x7feac 0x0
KERNEL32.DLL (4)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
LoadLibraryA 0x0 0x5612b4 0x1612b4 0x7feb4 0x0
ExitProcess 0x0 0x5612b8 0x1612b8 0x7feb8 0x0
GetProcAddress 0x0 0x5612bc 0x1612bc 0x7febc 0x0
VirtualProtect 0x0 0x5612c0 0x1612c0 0x7fec0 0x0
NETAPI32.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
NetShareEnum 0x0 0x5612c8 0x1612c8 0x7fec8 0x0
ntdll.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
NtQueryObject 0x0 0x5612d0 0x1612d0 0x7fed0 0x0
PSAPI.DLL (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
EnumProcesses 0x0 0x5612d8 0x1612d8 0x7fed8 0x0
RstrtMgr.DLL (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RmGetList 0x0 0x5612e0 0x1612e0 0x7fee0 0x0
USER32.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ShowWindow 0x0 0x5612e8 0x1612e8 0x7fee8 0x0
WS2_32.dll (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
select 0x12 0x5612f0 0x1612f0 0x7fef0 -
Memory Dumps (63)
»
Name Process ID Start VA End VA Dump Reason PE Rebuild Bitness Entry Point AV YARA Actions
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF First Execution True 32-bit 0x00560530 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0043FDFC False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B704D False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0049A970 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004019F0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B385B False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00485DDB False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00422330 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00457210 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004039B0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00402980 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004A4028 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00402615 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0049A3F0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004A8605 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00410790 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0044C270 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004BE8E0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B7316 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0040C230 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004A5CCE False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00472F70 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0042F310 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004578D0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004410C0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0040EB30 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0043C850 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004392F0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00437F80 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B7295 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0043E241 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B0B66 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00424C60 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00414000 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00411424 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00426DD0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00418BF0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00408120 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0040EEC7 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0040F000 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0040D011 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0041903F False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00443120 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00409FC0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00474690 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00415B20 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0046ABE0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004A9595 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B7295 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0049BF0A False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00483210 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004074A0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00415B20 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00443120 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004587A0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0045EC60 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B7295 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00483210 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004B7295 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x004587A0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x0046ABE0 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Content Changed True 32-bit 0x00417B60 False False
...
h599vwmi0enzisxh.exe 1 0x00400000 0x00561FFF Final Dump True 32-bit 0x00442D00 False False
...
Local AV Matches (1)
»
Threat Name Severity
Gen:Variant.Ransom.Ouroboros.29
Malicious
\\?\c:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 72.06 MB
MD5 e6661c6cb6f499960bea3c4a7007b5f2 Copy to Clipboard
SHA1 1922491bb812b828c108d939596b73212f2072ec Copy to Clipboard
SHA256 9dd6b6956d3d6cf0893670aeba34cf3d15f2a08cbe39de714f01a43b6f9869a2 Copy to Clipboard
SSDeep 196608:INoaO3G2br43FFipdkhnyOA18EgoIyoYkVAVVgKQYblBz2r91OCN3+F:T3G2brkFFiwyfWyoYkWVVDblBy4F Copy to Clipboard
ImpHash -
\\?\c:\Program Files (x86)\Java\jre7\lib\rt.jar Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 49.14 MB
MD5 84e1e98d69d246541c1b0b52251dcd7a Copy to Clipboard
SHA1 6043007b66fb5df1cae9b506a513a3e4836dddb5 Copy to Clipboard
SHA256 126204ca67c311a21d4f81030ec326bd949587b7580cf7761981913b03c6d717 Copy to Clipboard
SSDeep 196608:Ec7LTMS23VDIBufgkRRicv8ZPLinpM/0eoziCNW7rSW7EtRwqDBvxCf+3g9GOsZM:EgLYPNIBuTLiaM/0eout6dtHxeCTo Copy to Clipboard
ImpHash -
\\?\c:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPrWW.cab Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 169.49 MB
MD5 ce5b45eb124fce3de3ab6555fe50736d Copy to Clipboard
SHA1 4cdb57579b9efe16b83091702b4a3c52a5090f8e Copy to Clipboard
SHA256 ea9eb839c03cbc00cadd31d2b11fe9ecdcd0e79fe8ce8a892f8dec63164ee483 Copy to Clipboard
SSDeep 196608:yvk6EfTADNpg6E2fDr32lxLhC1JSX6xQVGVunMENCJ29BuDI6:mSADNpgcfP3qXC/SKxQQ4nMENCJCIDT Copy to Clipboard
ImpHash -
\\?\c:\Program Files (x86)\Adobe\Reader 10.0\Setup Files\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\Data1.cab Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 122.25 MB
MD5 f68833a90d9c4a3c21d27bb38f268e85 Copy to Clipboard
SHA1 f01ebbd97f7f2391846cb57b742741eb88a984be Copy to Clipboard
SHA256 70fb6648a938276200a0d7b6608351a1e9d658dc7b0a8b39497c7195bca5a3a8 Copy to Clipboard
SSDeep 196608:t6G4TLQx3upT4QZbw9Npt2R3RiGGnA64zO3m/HqhkFYoKmDHu8fX7xE1:t6N+3gT4QhcNnGGnAry3YHqhwYTmDO80 Copy to Clipboard
ImpHash -
\\?\c:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPrWW2.cab Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 212.62 MB
MD5 eee8e8e43a995c2dc7aa422635ed1079 Copy to Clipboard
SHA1 c1204afb2b991aada581ae94622afc171b733909 Copy to Clipboard
SHA256 2af8de3b4d732305502b1d4d0e8b49a786e5412995a90a322bdd2eff1caddf12 Copy to Clipboard
SSDeep 196608:3EbPw7/YU37WhJgHZX93qP9bTxc44M2QaRKqbRnrRBuLQhCCha:3iwrp36h258Vb154tQOKqN9Bu5Ca Copy to Clipboard
ImpHash -
\\?\c:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.cab Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 185.98 MB
MD5 f96404c5e72288ddaae9eb0da62709bb Copy to Clipboard
SHA1 aa0e505bd55aeec481051a7abc8862585fabc1c0 Copy to Clipboard
SHA256 8601b340797c5daef0cb89f283444f8bd9fad25ad1def5aa82184006943e8d22 Copy to Clipboard
SSDeep 196608:0zkd+2ob+KBV4M5Zle9wallMiQ6xh2w8fkpBt21QilW40aEZHeVdbFLuguHa:hcVJBje9Zl3Zgw8sjuWeENib5T7 Copy to Clipboard
ImpHash -
\\?\c:\Recovery\e9e23962-4a25-11e7-88e8-91fb2ec43f0b\Winre.wim Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 161.38 MB
MD5 06188f80ce6a996ebd987b3e99dfd9e0 Copy to Clipboard
SHA1 815edd37a6565668254dc0a51d13dba604383c52 Copy to Clipboard
SHA256 7e4ad592ea0aed8d4005a1df607002f38a84ddb15fcc132dd57868b973983087 Copy to Clipboard
SSDeep 196608:/TvqQWJ18hdEkWaC9xKUiNFmygkxy3QV4URehfNPFDZOCwWzQ+ho:/Tyhidmx+FVguy3U4YAVB040wo Copy to Clipboard
ImpHash -
\\?\c:\Program Files\Microsoft Office\Templates\1033\FiveRules.potx Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 31.65 MB
MD5 25dfcbcab84022fe81d6027d5aa8e4f6 Copy to Clipboard
SHA1 f84a33dc246a53b9a2eba6535e41988e70ff9f96 Copy to Clipboard
SHA256 19b36c9d9e507f6f5f2130bdce57e85932e97aa836a602e4e50dec1c25c46166 Copy to Clipboard
SSDeep 196608:tumRgGd3ikcunVGa1kex0MkqdL74OSnC1rXayll3MTerYNQttMur+XL:c6XcCVv0MkExSnC1rBl6Kt7re Copy to Clipboard
ImpHash -
\\?\c:\ProgramData\datakeys\tempkey.teslarvngkeys Dropped File Stream
Unknown
...
»
Also Known As \\?\c:\teslarvng\tempkey.teslarvngkeys (Dropped File)
Mime Type application/octet-stream
File Size 514 Bytes
MD5 e45f06027013fa0e2b8f0f24e2272768 Copy to Clipboard
SHA1 26d1ba394ad2d1cbd8e29e6bc59b6e566f2aced4 Copy to Clipboard
SHA256 4832fe427b257d30d321e0a65cad92bd1125ebc0692c0d4df1102b5fb8894a18 Copy to Clipboard
SSDeep 12:i0c4eDdpcOAsYtkJdG084zmw85kei9Le2RxQB1UvsI:i0c4r4ZJI0RYXide2nQBjI Copy to Clipboard
ImpHash -
\\?\c:\ProgramData\datakeys\pos.txt Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 6 Bytes
MD5 7493d8cbb0315336e669479de9481bf9 Copy to Clipboard
SHA1 4e552ad713849f7588b307a2f1bce31b31b7c568 Copy to Clipboard
SHA256 045467a8279abdf2244f3e8cbba37b7c7e1eca18aab2b830ff45c0987c7bebfc Copy to Clipboard
SSDeep 3:un:un Copy to Clipboard
ImpHash -
\\?\c:\teslarvng\How To Recover.txt Dropped File Text
Unknown
...
»
Mime Type text/plain
File Size 1.70 KB
MD5 03fe97abaefcc3fb9de2afce5dc5b91d Copy to Clipboard
SHA1 0c2284c98cdcda2b6f5073fffd5f87aa224ad2c6 Copy to Clipboard
SHA256 41344f6750cd4290302071ef67261268e67a6ca1cbb9a2b92371d9d068c08a91 Copy to Clipboard
SSDeep 24:3VYI7xRyLzw6dChxP+FRKg3+Em3yn+NnMf/muiADEgb8rgKKVtNfBi7Vibcl2qfp:3VdILbsDhahm3yi17gb8MKXv0I9rkw Copy to Clipboard
ImpHash -
\\?\c:\ProgramData\Adobe\Extension Manager CC\Logs\c.txt Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 2.45 KB
MD5 bce8b5ee705fbceb8aef6909dfd0839b Copy to Clipboard
SHA1 4000bbf0b3240a8bfda0bcc0dec0e9390e481132 Copy to Clipboard
SHA256 7932490fdd388c9b09e69b5ea03dc76d295af3ebcfd722a5f2f13106012739ab Copy to Clipboard
SSDeep 24:q0oFVoFoj+Aa2AQcA3oF0tFMqMddEVKdZlVaL3jGKfjENdRZN2sl5dNlFG:Awc+uut0F2dzdCGGENd/B5dNlY Copy to Clipboard
ImpHash -
\\?\c:\ProgramData\Adobe\Extension Manager CC\Logs\fails.txt Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 4.34 KB
MD5 b8b83a64cdb90b50505482ba5349e383 Copy to Clipboard
SHA1 4e5b51bf29a2b7901192d74d7c5cd308c46a2619 Copy to Clipboard
SHA256 78fe5bfa33ebcc4da73baa257932f3a08a6091d0d047c166226c02ff25ef0a88 Copy to Clipboard
SSDeep 48:joTA7CT9TZMTDhwyTrbXTD4wyTDciwyTtcrgTDlvwyTfbXTD2wyTDQvwyTtcg7TS:1AuVZnra4qLN4Umx6rdwc8 Copy to Clipboard
ImpHash -
41 Dropped File Unknown
Not Queried
...
»
Mime Type -
File Size 0 Bytes
MD5 d41d8cd98f00b204e9800998ecf8427e Copy to Clipboard
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 Copy to Clipboard
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Copy to Clipboard
SSDeep 3:: Copy to Clipboard
ImpHash -
VMRay - Analyzer - www.vmray.com
Legal Note
Exit-Icon
WHOIS Domain Information
Domain Name
WHOIS Response 

       		
      

     

    

   

  

  

  

  

   

    
    

     Function Logfile
    

    

     

      Download-Icon
     

    

    

     Exit-Icon
    

   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image