54303e5a...fd2e | Environment
Logo
Try VMRay Analyzer
VTI SCORE: 95/100
Dynamic Analysis Report
Classification: -

54303e5aa05db2becbef0978baa60775858899b17a5d372365ba3c5b1220fd2e (SHA256)

DOC2410201810718458.xls

Excel Document

Created at 2018-10-24 06:15:00

...

Notifications (1/1)

Due to a WHOIS service error, no query could be made to get WHOIS data of any contacted domain.

Virtual Machine Information

Name win7_64_sp1-mso2016
Description -
Architecture x86 64-bit
Operating System Windows 7
Kernel Version 6.1.7601.17514 (3844dbb9-2017-4967-be7a-a4a2c20430fa)

System Information

Computer Name YKYD69Q
User Domain YKYD69Q
User Name aETAdzjz
User Profile C:\Users\aETAdzjz
Temp Directory C:\Users\aETAdzjz\AppData\Local\Temp
System Root C:\Windows
Sample Directory C:\Users\aETAdzjz\Desktop

Software Information

Adobe Acrobat Reader Version 10.0.0
Microsoft Office 2016
Microsoft Office Version 16.0.8431.2079
Internet Explorer Version 8.0.7601.17514
Chrome Version 59.0.3071.115
Firefox Version 25.0
Flash Version 11.2.202.233
Java Version 7.0.710.14
Microsoft Project Version 16.0.8431.2079
Microsoft Visio Version 16.0.8431.2079

Randomly Created Artifacts

This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment aware malware. The number of randomly generated artifacts can be changed in the configuration.

Processes (17)
»
Filename PID GUI
C:\Program Files (x86)\MSBuild\banks_tall_knives.exe #300 False
C:\Program Files (x86)\Microsoft Office\birmingham.exe #452 False
C:\Program Files (x86)\Microsoft OneDrive\authorities.exe #528 False
C:\Program Files (x86)\Reference Assemblies\metres.exe #1324 False
C:\Program Files (x86)\Windows Defender\partnerships destroy contributing.exe #1328 False
C:\Program Files (x86)\Windows NT\clinical.exe #1532 False
C:\Program Files\Common Files\staffing.exe #324 True
C:\Program Files\DVD Maker\beautifully.exe #1648 False
C:\Program Files\Microsoft Office 15\showing.exe #848 False
C:\Program Files\Windows Defender\dispatched.exe #1068 False
C:\Program Files\Windows Defender\operates.exe #1656 False
C:\Program Files\Windows Defender\translator.exe #1284 False
C:\Program Files\Windows Journal\forestry.exe #1428 False
C:\Program Files\Windows Journal\notified.exe #792 False
C:\Program Files\Windows Mail\span.exe #2060 True
C:\Program Files\Windows Portable Devices\henceallanbiographies.exe #1200 False
C:\Program Files\Windows Portable Devices\pleasure_sleeping.exe #544 False
Files (260)
»
Filename
C:\Users\aETAdzjz\AppData\Local\Temp\0JOYAxe.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\15BvVx3w.flv
C:\Users\aETAdzjz\AppData\Local\Temp\1xS mZzFmyvtq-SVym.png
C:\Users\aETAdzjz\AppData\Local\Temp\2FD1Q1HYPZHvzdjcuH.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\4 Uav80WxqVCyMyB-_v.ods
C:\Users\aETAdzjz\AppData\Local\Temp\4Sm8fc vTjUkONq7cu.xlsx
C:\Users\aETAdzjz\AppData\Local\Temp\AahC793.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\CfBkpAAc9n.ppt
C:\Users\aETAdzjz\AppData\Local\Temp\DdbygU3JiWuhCjQ.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\G_u49.jpg
C:\Users\aETAdzjz\AppData\Local\Temp\I_CwU.odt
C:\Users\aETAdzjz\AppData\Local\Temp\I_swiKdvc.ppt
C:\Users\aETAdzjz\AppData\Local\Temp\K X9.png
C:\Users\aETAdzjz\AppData\Local\Temp\K3dnbrp.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\LrHkw4oCATUj93rpy.mp4
C:\Users\aETAdzjz\AppData\Local\Temp\N-oYumYQq.m4a
C:\Users\aETAdzjz\AppData\Local\Temp\OKeHV.m4a
C:\Users\aETAdzjz\AppData\Local\Temp\OychNK7kl.avi
C:\Users\aETAdzjz\AppData\Local\Temp\PWt HUXSGuI.swf
C:\Users\aETAdzjz\AppData\Local\Temp\Q0AFm-lgaTLGU.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\QE7M91cmfd4RQLoM.mkv
C:\Users\aETAdzjz\AppData\Local\Temp\XY5h-.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\Xty5XN6ZMes6G.m4a
C:\Users\aETAdzjz\AppData\Local\Temp\Z5L2yWUGrKlxk5Kf.jpg
C:\Users\aETAdzjz\AppData\Local\Temp\_-AFq-IeNeOzy.pps
C:\Users\aETAdzjz\AppData\Local\Temp\bm iEYbR.mp4
C:\Users\aETAdzjz\AppData\Local\Temp\fOdSUf8B WTuwEyaDAz.m4a
C:\Users\aETAdzjz\AppData\Local\Temp\ixJARUP KZBYPWwZRqtY.flv
C:\Users\aETAdzjz\AppData\Local\Temp\jC8Zx.m4a
C:\Users\aETAdzjz\AppData\Local\Temp\kKPK.jpg
C:\Users\aETAdzjz\AppData\Local\Temp\kndgmLz7j.flv
C:\Users\aETAdzjz\AppData\Local\Temp\mCe-wZKGrGSPDo67uL.jpg
C:\Users\aETAdzjz\AppData\Local\Temp\px-4NRW18P67 WxbnFPY.png
C:\Users\aETAdzjz\AppData\Local\Temp\rsP9me XC U2cm.avi
C:\Users\aETAdzjz\AppData\Local\Temp\v7ZRRDm9DoMWww7VzF.pptx
C:\Users\aETAdzjz\AppData\Local\Temp\vG93YBFKwMyL-JsO.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\vI1Xi43xZm6dNkU.swf
C:\Users\aETAdzjz\AppData\Local\Temp\wLV BIrt.mp3
C:\Users\aETAdzjz\AppData\Local\Temp\yjNI-qvSN_nyGB.bmp
C:\Users\aETAdzjz\AppData\Roaming\1w1bQwhhNO7luJa3zvE.bmp
C:\Users\aETAdzjz\AppData\Roaming\3IZ9gnZcA2jyIBYznD_B.mkv
C:\Users\aETAdzjz\AppData\Roaming\4DZiQw6btlIr.swf
C:\Users\aETAdzjz\AppData\Roaming\4Es7j98.jpg
C:\Users\aETAdzjz\AppData\Roaming\5Xtak_4-9AL.png
C:\Users\aETAdzjz\AppData\Roaming\93iQ-xJm.flv
C:\Users\aETAdzjz\AppData\Roaming\9iXrGQ 14liiBvwz0mg.flv
C:\Users\aETAdzjz\AppData\Roaming\AN7hWj7fwOmm0-O.gif
C:\Users\aETAdzjz\AppData\Roaming\C5FQ_sa9uGwRhTvfEtW.pps
C:\Users\aETAdzjz\AppData\Roaming\DolYRQzKF5D5K.mp4
C:\Users\aETAdzjz\AppData\Roaming\Em1Zi2O-Z6NyV8d.odt
C:\Users\aETAdzjz\AppData\Roaming\HMCpXS6tq.pdf
C:\Users\aETAdzjz\AppData\Roaming\IOat5oNPHWoN.pps
C:\Users\aETAdzjz\AppData\Roaming\JKF41oc6gn98_gog.ots
C:\Users\aETAdzjz\AppData\Roaming\JfpXHXug.mp3
C:\Users\aETAdzjz\AppData\Roaming\JvAFEVhos.pptx
C:\Users\aETAdzjz\AppData\Roaming\KxlO01.swf
C:\Users\aETAdzjz\AppData\Roaming\LoK7lIHJ.mkv
C:\Users\aETAdzjz\AppData\Roaming\PLz1bkzV6TBNb-tRYU.m4a
C:\Users\aETAdzjz\AppData\Roaming\Q9MNKS2Mv-.mp3
C:\Users\aETAdzjz\AppData\Roaming\QTlV.avi
C:\Users\aETAdzjz\AppData\Roaming\RbyazqQE8rl2N0zk5W2.doc
C:\Users\aETAdzjz\AppData\Roaming\RmdB7VJ-ou9.avi
C:\Users\aETAdzjz\AppData\Roaming\Vjgk9BQ_pz6iV.mp3
C:\Users\aETAdzjz\AppData\Roaming\W7mv3SYbk DjQrr1x_.png
C:\Users\aETAdzjz\AppData\Roaming\X_RMETh8C.m4a
C:\Users\aETAdzjz\AppData\Roaming\Y-KDahOGmHJ.mp4
C:\Users\aETAdzjz\AppData\Roaming\YBdHIwC.bmp
C:\Users\aETAdzjz\AppData\Roaming\ahaalNjOCc.jpg
C:\Users\aETAdzjz\AppData\Roaming\bb Gwz.ods
C:\Users\aETAdzjz\AppData\Roaming\dvIzkbDonBr.mp4
C:\Users\aETAdzjz\AppData\Roaming\hGsU6QippJ_H.gif
C:\Users\aETAdzjz\AppData\Roaming\kv0c.mp4
C:\Users\aETAdzjz\AppData\Roaming\lKTFF6LQXXn9r2i4Cn.wav
C:\Users\aETAdzjz\AppData\Roaming\mBg2IzHVlpgnh-k9_.bmp
C:\Users\aETAdzjz\AppData\Roaming\pmg_ pr.wav
C:\Users\aETAdzjz\AppData\Roaming\tKjQ-p.mkv
C:\Users\aETAdzjz\AppData\Roaming\wkB2S9rQ14FGD5_.wav
C:\Users\aETAdzjz\AppData\Roaming\xM9AYY3sb.pdf
C:\Users\aETAdzjz\AppData\Roaming\zAzVHwqsVbHxfQl-.mkv
C:\Users\aETAdzjz\Desktop\17Wb5JQ
C:\Users\aETAdzjz\Desktop\17Wb5JQ\6Zkl.png
C:\Users\aETAdzjz\Desktop\17Wb5JQ\9BWma.png
C:\Users\aETAdzjz\Desktop\17Wb5JQ\DQAS32MB.pps
C:\Users\aETAdzjz\Desktop\17Wb5JQ\EhqXF2jmEtde7JBtdg1S.mkv
C:\Users\aETAdzjz\Desktop\17Wb5JQ\F7NjWT3_Mp.mkv
C:\Users\aETAdzjz\Desktop\17Wb5JQ\Hx6TzUmhFfSYSHJvav.ppt
C:\Users\aETAdzjz\Desktop\17Wb5JQ\mvcW.avi
C:\Users\aETAdzjz\Desktop\2H-WzbSjSU0-rl.jpg
C:\Users\aETAdzjz\Desktop\4ETtWBtGhGiES56K.mp3
C:\Users\aETAdzjz\Desktop\5JB0-Q.m4a
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\-CxWZmp086NolQe_.flv
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\B9_6fR8ScnUyQjW9lO5.mp4
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\Kpwe4R_qJUm1JA1.xlsx
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\gjtqKtW.docx
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\hv9gvMZay-TGe.mp3
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\neq30_nnumkVq0.jpg
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\tT3vwOtenMPh_u.jpg
C:\Users\aETAdzjz\Desktop\66MM_2pPuy4ymDeE8\zgq5tPw.png
C:\Users\aETAdzjz\Desktop\6LDXltgY4EsrdW_J-zbD.mkv
C:\Users\aETAdzjz\Desktop\7rQ-fIZIQ4vT-O6wRdcJ.mkv
C:\Users\aETAdzjz\Desktop\80DbvmcmMWhTi.bmp
C:\Users\aETAdzjz\Desktop\BqbZNLucn.mp3
C:\Users\aETAdzjz\Desktop\EN_OAwlx9b2OrqwSN.png
C:\Users\aETAdzjz\Desktop\ExFYSUyFm7X__f_.pdf
C:\Users\aETAdzjz\Desktop\F-ITcNAr S7kqwMUv.mp4
C:\Users\aETAdzjz\Desktop\HX0eA8o.flv
C:\Users\aETAdzjz\Desktop\K_8_uznDuibjtM1.pptx
C:\Users\aETAdzjz\Desktop\NovUO_-iKk6y5.mp3
C:\Users\aETAdzjz\Desktop\Po5C4lc8V0NnjkU-m Jv.xlsx
C:\Users\aETAdzjz\Desktop\SaPjYhgF_HgM3pP.flv
C:\Users\aETAdzjz\Desktop\T4bTeqp-XT.m4a
C:\Users\aETAdzjz\Desktop\VwD8lSVkYMWD3K72.bmp
C:\Users\aETAdzjz\Desktop\_x2J3wT4L-D7tcZKdQ.pdf
C:\Users\aETAdzjz\Desktop\fhr OBXL-wIP tN.gif
C:\Users\aETAdzjz\Desktop\gCG5CTiblH3.jpg
C:\Users\aETAdzjz\Desktop\kyKh2.bmp
C:\Users\aETAdzjz\Desktop\oiqjAhPPk.avi
C:\Users\aETAdzjz\Desktop\qGGGh.bmp
C:\Users\aETAdzjz\Desktop\s9Rp_vdurthJcCJ3V.pdf
C:\Users\aETAdzjz\Desktop\uHK-AAiGpJqY3HgMK.mp4
C:\Users\aETAdzjz\Documents\3uJ9.ots
C:\Users\aETAdzjz\Documents\802U-EQrVQGkduUlH.docx
C:\Users\aETAdzjz\Documents\Arl3GCj.xlsx
C:\Users\aETAdzjz\Documents\By8t.docx
C:\Users\aETAdzjz\Documents\CFYjz.pptx
C:\Users\aETAdzjz\Documents\FFREj1L3B6JPhLWZEt.xlsx
C:\Users\aETAdzjz\Documents\GbGM4Ch.xlsx
C:\Users\aETAdzjz\Documents\Rge6wAgPyTjHj8AU.odp
C:\Users\aETAdzjz\Documents\S5smxO3vuT8l3iAHkk8s.pptx
C:\Users\aETAdzjz\Documents\UYMk.xlsx
C:\Users\aETAdzjz\Documents\Udy5VDj9 vpLZxOm.pptx
C:\Users\aETAdzjz\Documents\VauzlVdCDWdpfr12.xlsx
C:\Users\aETAdzjz\Documents\eXzxP.pptx
C:\Users\aETAdzjz\Documents\hywCJCtNsBRqwDG.docx
C:\Users\aETAdzjz\Documents\j-NRtiZ2nT5n_5vM.docx
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\5Fn-5v5ZyGpl8aUO.pdf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\AW_f2ppG.rtf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\FWlDfnvEOQPk6Rb.odt
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\U-c4jUVcbqFJ9PZ.doc
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\Z5xg9vsW1Wf03s.xls
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\DQl_mLUH\tIGCSe9zXU-jLran.xlsx
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\QkGnNP6B
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\QkGnNP6B\qXVQ0ilZv.odt
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\QkGnNP6B\xicwEVEaKnQYXaPS3Pyc.rtf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\V8pM0jrhtHbfnuTOL.pdf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\-k9KSt2AshQ0Tw7N_uia.docx
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\GRWZDRELUFffHNqCl.ppt
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\IF1fA1Ta2yAHMcLdLg7x.ots
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\PkXZQt.xls
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\YKM1T.rtf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\mezL1s.odp
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\rj8orcCHCKf.ots
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\_NvUDa wB_wPoTp\uxaoCz.ots
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\g6zQ-yF67Cs_.pdf
C:\Users\aETAdzjz\Documents\jUZmhdNYHrfyyzeZ\i5y D HUA9A9c3HaE8Eu.odt
C:\Users\aETAdzjz\Documents\pMNBll5Rqlohu86x.docx
C:\Users\aETAdzjz\Documents\q7bUNEgl.pptx
C:\Users\aETAdzjz\Documents\tlfkjUgprlfzoz-G7W.docx
C:\Users\aETAdzjz\Documents\xk_RVvHjXTZ
C:\Users\aETAdzjz\Documents\xk_RVvHjXTZ\3_Uv63tCEWJa_ bpJ.ods
C:\Users\aETAdzjz\Documents\xk_RVvHjXTZ\MlP8f O.pps
C:\Users\aETAdzjz\Documents\xk_RVvHjXTZ\f66D3ZE396ESS.ppt
C:\Users\aETAdzjz\Documents\xk_RVvHjXTZ\rD0PyKmyVIADkUgwxV.pptx
C:\Users\aETAdzjz\Music\0VtdLBxPp.wav
C:\Users\aETAdzjz\Music\1DO-kyXkj bKTPsL9.wav
C:\Users\aETAdzjz\Music\1_KsLE8eVWbU-JB.wav
C:\Users\aETAdzjz\Music\60T7D9E9xGUpcDZCU.m4a
C:\Users\aETAdzjz\Music\A46sxR1.mp3
C:\Users\aETAdzjz\Music\CWIOU.mp3
C:\Users\aETAdzjz\Music\CudXXU5aZ.mp3
C:\Users\aETAdzjz\Music\E ONadbG6vSYE.mp3
C:\Users\aETAdzjz\Music\E90Lf202DnrP9FpoRoNI.mp3
C:\Users\aETAdzjz\Music\EbAok.mp3
C:\Users\aETAdzjz\Music\IQWX2Wm_.m4a
C:\Users\aETAdzjz\Music\JfH-DuyHBy6qu FW7p.m4a
C:\Users\aETAdzjz\Music\Wek5OpKuC74PKEi3adbH.m4a
C:\Users\aETAdzjz\Music\XYdyDQWztm.m4a
C:\Users\aETAdzjz\Music\clbsdlKYz8Cuwj.m4a
C:\Users\aETAdzjz\Music\dbTm-2-DCBNcrC1.wav
C:\Users\aETAdzjz\Music\gElxS9aIg-9LH4ci j.mp3
C:\Users\aETAdzjz\Music\hNUWEPKzb_J9QL.mp3
C:\Users\aETAdzjz\Music\ib-RgAXuoH3.wav
C:\Users\aETAdzjz\Music\j42z6C.m4a
C:\Users\aETAdzjz\Music\jSegErTBbt_46i.wav
C:\Users\aETAdzjz\Music\p8i7t3SBvKZ.m4a
C:\Users\aETAdzjz\Music\qR77l4W.wav
C:\Users\aETAdzjz\Music\rA1E.wav
C:\Users\aETAdzjz\Music\x7sNUF2.m4a
C:\Users\aETAdzjz\Pictures\0EeEz5f1KsvPbjsA1h.jpg
C:\Users\aETAdzjz\Pictures\1o7yMrFosLL.png
C:\Users\aETAdzjz\Pictures\4itR6G9QDIyT.bmp
C:\Users\aETAdzjz\Pictures\CpQIr5LyEwr.png
C:\Users\aETAdzjz\Pictures\G8WGWv760OHbpg8wF.gif
C:\Users\aETAdzjz\Pictures\HQRujqaDZrRKNbC91j T.gif
C:\Users\aETAdzjz\Pictures\IRfHPT7.png
C:\Users\aETAdzjz\Pictures\JkifWbXCZuuU.gif
C:\Users\aETAdzjz\Pictures\JnFsi1k9.png
C:\Users\aETAdzjz\Pictures\QmIfhScRqf9.jpg
C:\Users\aETAdzjz\Pictures\RpN6cqrTWNGT2vZUwH.png
C:\Users\aETAdzjz\Pictures\XD2hR_q.png
C:\Users\aETAdzjz\Pictures\YfZZteM31SMgKYy.png
C:\Users\aETAdzjz\Pictures\bpGZwNf6.bmp
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\1 nk.jpg
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\6r34_39B-SlUG.bmp
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\BQsv957bDyTG.bmp
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\LiXhZ-Mr34.jpg
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\LtJg8C.gif
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\Lyq8er Ap6nOhqIGnhi.gif
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\MO8YPOgQEyNX jvB.jpg
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\Z HSNkrMdwKvomHHI.gif
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\bYctdxf5r9F.png
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\eyRkB.bmp
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\kcSMcpvds7h28m7D.png
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\oz4wis4659f.gif
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\rJqbP2JWPzztk.jpg
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\sLdhOUdgBdF.jpg
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\syEq.gif
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\xOym.png
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\ytDcd.bmp
C:\Users\aETAdzjz\Pictures\ejCPqI2r3P_wQ\zLqIfecmGegkoJP1tdA.png
C:\Users\aETAdzjz\Pictures\th-9.png
C:\Users\aETAdzjz\Pictures\uQAY91U.png
C:\Users\aETAdzjz\Videos\Q3CnG
C:\Users\aETAdzjz\Videos\Q3CnG\lHynRup.swf
C:\Users\aETAdzjz\Videos\VR-YBzTr.flv
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\ICxLdrvSahJf.mp4
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\dzWeMuHhTEQ9RgG
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\dzWeMuHhTEQ9RgG\-K4vcJQzZMrRVhe QU.flv
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\dzWeMuHhTEQ9RgG\SUIz4X.avi
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\dzWeMuHhTEQ9RgG\hzNK.avi
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\aA6rQ4b\dzWeMuHhTEQ9RgG\uXUtCV8B.avi
C:\Users\aETAdzjz\Videos\YjhXedAlcvRB4VwQx6\jgXuiCxyn-PAm.avi
C:\Users\aETAdzjz\Videos\dcgaTY6N
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi\1fG6ULc.mp4
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi\5JO IixyI.avi
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi\gepq5fX5dC.flv
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi\sGgC2V.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\CFtWx_t Qqdi\yJqNvER FjDxkz.avi
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\FOC_8zA9tuwyP.swf
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\WW9TjlE.mp4
C:\Users\aETAdzjz\Videos\dcgaTY6N\60mijM\ZgSl6cTVuxNP4.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\97C 4LGb.avi
C:\Users\aETAdzjz\Videos\dcgaTY6N\GSx265ktqQpgri7zO8
C:\Users\aETAdzjz\Videos\dcgaTY6N\GSx265ktqQpgri7zO8\Gnpv.mp4
C:\Users\aETAdzjz\Videos\dcgaTY6N\GSx265ktqQpgri7zO8\NJnx8a fe6GJRU5l1.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\GSx265ktqQpgri7zO8\f1pkmFX1.swf
C:\Users\aETAdzjz\Videos\dcgaTY6N\GSx265ktqQpgri7zO8\iZj_Y6K7zaTjc.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\P4Cgs3aHwSI.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\QZEDn jquO8T9g.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\dQV41PBNZpkiSDw.mkv
C:\Users\aETAdzjz\Videos\dcgaTY6N\lFWnMg3L-H0eIxv5d1N.mp4
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image