Trickbot 2019-05-16 | Files
Logo
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Keylogger, Spyware, Backdoor, Trojan

radiance.png.exe

Windows Exe (x86-32)

Created at 2019-05-16T17:08:00

...

Remarks (2/3)

(0x2000008): One or more processes crashed during the analysis. Analysis results may be incomplete.

(0x200000e): The overall sleep time of all monitored processes was truncated from "21 hours, 36 minutes, 10 seconds" to "1 minute, 34 seconds" to reveal dormant functionality.

(0x200003a): A task was rescheduled ahead of time to reveal dormant functionality.

Remarks

(0x200000c): The maximum memory dump size was exceeded. Some dumps may be missing in the report.

Filters:
Filename Category Type Severity Actions
C:\Users\2XC7u663GxWc\Desktop\radiance.png.exe Sample File Binary
Malicious
...
»
Also Known As C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\tadiapce.exe (Dropped File)
Mime Type application/vnd.microsoft.portable-executable
File Size 250.00 KB
MD5 5c163d92cb7b0b913b1e9fce3e179477 Copy to Clipboard
SHA1 574aa8b8d8bc98cda8038f8a5084d36367e4ce82 Copy to Clipboard
SHA256 c8781c38c7a9b921049963a276513cf6057d85766e7517ff5eb6e4bc4d0c397b Copy to Clipboard
SSDeep 6144:Kz0qq/ZdqMwdoXqTHBgVkVWp0UhmMNYWZ:vXqTHBguVdKmMCW Copy to Clipboard
ImpHash 5de86c2a43198e0d4a76a1795f5e3c45 Copy to Clipboard
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
File Reputation Information
»
Severity
Blacklisted
First Seen 2019-05-14 17:30 (UTC+2)
Last Seen 2019-05-16 10:07 (UTC+2)
Names Win32.Trojan.Trickbot
Families Trickbot
Classification Trojan
PE Information
»
Image Base 0x400000
Entry Point 0x401000
Size Of Code 0xd000
Size Of Initialized Data 0x35000
File Type FileType.executable
Subsystem Subsystem.windows_gui
Machine Type MachineType.i386
Compile Timestamp 2019-05-14 12:17:04+00:00
Sections (8)
»
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x401000 0xd000 0xc600 0x600 IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ 6.51
.data 0x40e000 0x35000 0x2fa00 0xcc00 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 7.92
.tls 0x443000 0x1000 0x200 0x3c600 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 0.0
.rdata 0x444000 0x1000 0x200 0x3c800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ 0.21
.idata 0x445000 0x1000 0xa00 0x3ca00 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 4.41
.edata 0x446000 0x1000 0x200 0x3d400 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 1.26
.rsrc 0x447000 0x1000 0x200 0x3d600 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 0.93
.reloc 0x448000 0x1000 0x1000 0x3d800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ 6.66
Imports (4)
»
KERNEL32.DLL (43)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CloseHandle 0x0 0x445114 0x45064 0x3ca64 0x0
CreateFileA 0x0 0x445118 0x45068 0x3ca68 0x0
ExitProcess 0x0 0x44511c 0x4506c 0x3ca6c 0x0
GetACP 0x0 0x445120 0x45070 0x3ca70 0x0
GetCPInfo 0x0 0x445124 0x45074 0x3ca74 0x0
GetCommandLineA 0x0 0x445128 0x45078 0x3ca78 0x0
GetCurrentThreadId 0x0 0x44512c 0x4507c 0x3ca7c 0x0
GetEnvironmentStrings 0x0 0x445130 0x45080 0x3ca80 0x0
GetFileType 0x0 0x445134 0x45084 0x3ca84 0x0
GetLastError 0x0 0x445138 0x45088 0x3ca88 0x0
GetLocalTime 0x0 0x44513c 0x4508c 0x3ca8c 0x0
GetModuleFileNameA 0x0 0x445140 0x45090 0x3ca90 0x0
GetModuleHandleA 0x0 0x445144 0x45094 0x3ca94 0x0
GetOEMCP 0x0 0x445148 0x45098 0x3ca98 0x0
GetProcAddress 0x0 0x44514c 0x4509c 0x3ca9c 0x0
GetProcessHeap 0x0 0x445150 0x450a0 0x3caa0 0x0
GetStartupInfoA 0x0 0x445154 0x450a4 0x3caa4 0x0
GetStdHandle 0x0 0x445158 0x450a8 0x3caa8 0x0
GetStringTypeW 0x0 0x44515c 0x450ac 0x3caac 0x0
GetTickCount 0x0 0x445160 0x450b0 0x3cab0 0x0
GetVersion 0x0 0x445164 0x450b4 0x3cab4 0x0
GetVersionExA 0x0 0x445168 0x450b8 0x3cab8 0x0
GlobalMemoryStatus 0x0 0x44516c 0x450bc 0x3cabc 0x0
HeapAlloc 0x0 0x445170 0x450c0 0x3cac0 0x0
HeapFree 0x0 0x445174 0x450c4 0x3cac4 0x0
LoadLibraryA 0x0 0x445178 0x450c8 0x3cac8 0x0
LoadLibraryW 0x0 0x44517c 0x450cc 0x3cacc 0x0
MultiByteToWideChar 0x0 0x445180 0x450d0 0x3cad0 0x0
RaiseException 0x0 0x445184 0x450d4 0x3cad4 0x0
RtlUnwind 0x0 0x445188 0x450d8 0x3cad8 0x0
SetConsoleCtrlHandler 0x0 0x44518c 0x450dc 0x3cadc 0x0
SetFilePointer 0x0 0x445190 0x450e0 0x3cae0 0x0
SetHandleCount 0x0 0x445194 0x450e4 0x3cae4 0x0
Sleep 0x0 0x445198 0x450e8 0x3cae8 0x0
TlsAlloc 0x0 0x44519c 0x450ec 0x3caec 0x0
TlsFree 0x0 0x4451a0 0x450f0 0x3caf0 0x0
TlsGetValue 0x0 0x4451a4 0x450f4 0x3caf4 0x0
TlsSetValue 0x0 0x4451a8 0x450f8 0x3caf8 0x0
UnhandledExceptionFilter 0x0 0x4451ac 0x450fc 0x3cafc 0x0
VirtualAlloc 0x0 0x4451b0 0x45100 0x3cb00 0x0
VirtualFree 0x0 0x4451b4 0x45104 0x3cb04 0x0
WideCharToMultiByte 0x0 0x4451b8 0x45108 0x3cb08 0x0
WriteFile 0x0 0x4451bc 0x4510c 0x3cb0c 0x0
GDI32.DLL (10)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
BitBlt 0x0 0x4451f0 0x451c4 0x3cbc4 0x0
CreateCompatibleBitmap 0x0 0x4451f4 0x451c8 0x3cbc8 0x0
CreateCompatibleDC 0x0 0x4451f8 0x451cc 0x3cbcc 0x0
CreateFontA 0x0 0x4451fc 0x451d0 0x3cbd0 0x0
DeleteDC 0x0 0x445200 0x451d4 0x3cbd4 0x0
DeleteObject 0x0 0x445204 0x451d8 0x3cbd8 0x0
GetStockObject 0x0 0x445208 0x451dc 0x3cbdc 0x0
SelectObject 0x0 0x44520c 0x451e0 0x3cbe0 0x0
SetBkMode 0x0 0x445210 0x451e4 0x3cbe4 0x0
SetTextColor 0x0 0x445214 0x451e8 0x3cbe8 0x0
USER32.DLL (31)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
AdjustWindowRect 0x0 0x44529c 0x4521c 0x3cc1c 0x0
BeginPaint 0x0 0x4452a0 0x45220 0x3cc20 0x0
CreateWindowExA 0x0 0x4452a4 0x45224 0x3cc24 0x0
DefWindowProcA 0x0 0x4452a8 0x45228 0x3cc28 0x0
DestroyWindow 0x0 0x4452ac 0x4522c 0x3cc2c 0x0
DialogBoxParamA 0x0 0x4452b0 0x45230 0x3cc30 0x0
DispatchMessageA 0x0 0x4452b4 0x45234 0x3cc34 0x0
DrawTextA 0x0 0x4452b8 0x45238 0x3cc38 0x0
EndDialog 0x0 0x4452bc 0x4523c 0x3cc3c 0x0
EndPaint 0x0 0x4452c0 0x45240 0x3cc40 0x0
EnumThreadWindows 0x0 0x4452c4 0x45244 0x3cc44 0x0
FillRect 0x0 0x4452c8 0x45248 0x3cc48 0x0
GetAsyncKeyState 0x0 0x4452cc 0x4524c 0x3cc4c 0x0
GetClientRect 0x0 0x4452d0 0x45250 0x3cc50 0x0
GetDC 0x0 0x4452d4 0x45254 0x3cc54 0x0
GetKeyState 0x0 0x4452d8 0x45258 0x3cc58 0x0
GetMessageA 0x0 0x4452dc 0x4525c 0x3cc5c 0x0
InvalidateRect 0x0 0x4452e0 0x45260 0x3cc60 0x0
KillTimer 0x0 0x4452e4 0x45264 0x3cc64 0x0
LoadBitmapA 0x0 0x4452e8 0x45268 0x3cc68 0x0
LoadCursorA 0x0 0x4452ec 0x4526c 0x3cc6c 0x0
LoadIconA 0x0 0x4452f0 0x45270 0x3cc70 0x0
MessageBoxA 0x0 0x4452f4 0x45274 0x3cc74 0x0
PostQuitMessage 0x0 0x4452f8 0x45278 0x3cc78 0x0
RegisterClassA 0x0 0x4452fc 0x4527c 0x3cc7c 0x0
ReleaseDC 0x0 0x445300 0x45280 0x3cc80 0x0
SetTimer 0x0 0x445304 0x45284 0x3cc84 0x0
ShowWindow 0x0 0x445308 0x45288 0x3cc88 0x0
TranslateMessage 0x0 0x44530c 0x4528c 0x3cc8c 0x0
UpdateWindow 0x0 0x445310 0x45290 0x3cc90 0x0
wsprintfA 0x0 0x445314 0x45294 0x3cc94 0x0
WINMM.DLL (1)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
timeGetTime 0x0 0x445324 0x4531c 0x3cd1c 0x0
Exports (2)
»
Api name EAT Address Ordinal
__GetExceptDLLinfo 0x1059 0x1
___CPPdebugHook 0xe13c 0x2
Memory Dumps (5)
»
Name Process ID Start VA End VA Dump Reason PE Rebuilds Bitness Entry Points AV YARA Actions
radiance.png.exe 1 0x00400000 0x00448FFF Relevant Image - 32-bit - False False
...
buffer 1 0x00150000 0x00151FFF First Execution - 32-bit 0x00151140, 0x001512D0, ... False False
...
buffer 1 0x003C0000 0x003C0FFF First Execution - 32-bit 0x003C0000 False False
...
buffer 1 0x00450000 0x00450FFF First Execution - 32-bit 0x00450000 False False
...
buffer 1 0x01A60000 0x01A8AFFF First Execution - 32-bit 0x01A77D1F, 0x01A78A78, ... False False
...
Local AV Matches (1)
»
Threat Name Severity
Trojan.GenericKD.41286982
Malicious
C:\Users\2XC7u663GxWc\AppData\Local\Google\Chrome\User Data\Default\Login Data.bak Dropped File Sqlite
Whitelisted
...
»
Mime Type application/x-sqlite3
File Size 18.00 KB
MD5 89d7b9ad36ca7345933c7e369ba0a5f4 Copy to Clipboard
SHA1 78f072d00227314570b0e0f721690856b4e2fb4f Copy to Clipboard
SHA256 2ade5f90626dbc3bc778a35ce4b28b0dcb28f2852fbf7dcc15506e0501642f1a Copy to Clipboard
SSDeep 24:LLilH0KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6UwcpYMQW:kz+JH3yJUheCVE9V8MX0PFlNU1uW Copy to Clipboard
File Reputation Information
»
Severity
Whitelisted
First Seen 2017-07-29 17:52 (UTC+2)
Last Seen 2018-11-23 06:54 (UTC+1)
C:\Users\2XC7u663GxWc\AppData\Local\Google\Chrome\User Data\Default\Web Data.bak Dropped File Sqlite
Whitelisted
...
»
Mime Type application/x-sqlite3
File Size 64.00 KB
MD5 e3a002935a782f75c8ac7f3f0505d7f2 Copy to Clipboard
SHA1 5ec603207a726efa249b6ef575b2d03c64e928fd Copy to Clipboard
SHA256 912c041f1f45b8b817f94c84c15433a40463a8a56d6978cf08b7ed28996050a7 Copy to Clipboard
SSDeep 96:Ze3Zht6YnMvqI738Hsa/NTIdEFaEdUDSuKn8Y/qBOnxjyWTJereWb3Ds4Blr:ZkZLHMEhTJMb3D Copy to Clipboard
File Reputation Information
»
Severity
Whitelisted
First Seen 2017-07-29 17:52 (UTC+2)
Last Seen 2019-04-05 00:58 (UTC+2)
c:\users\2xc7u663gxwc\appdata\roaming\microsoft\crypto\rsa\s-1-5-21-3727408139-63090477-3136880571-1000\a7ad97fe866c7f48db63edede97b2b9b_3912d7c0-2df4-4798-9de9-c60c58f001d5 Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.03 KB
MD5 6a60611fe15b070e3e11b53bc3d9dc87 Copy to Clipboard
SHA1 784e344f476e13ff693271bc985c40049afc1b9a Copy to Clipboard
SHA256 f7ccc163182308202c4c59dc5c6443be6df032ed5ec80f248ca0b4b61825898a Copy to Clipboard
SSDeep 24:e0Kf5b6UwZYeKrPH4I4slxMm/rCnZwp5MVsJHjZ9:Wb6UwZhKrT4AxMM2Zwp2VsBjD Copy to Clipboard
c:\users\2xc7u663gxwc\appdata\roaming\microsoft\crypto\rsa\s-1-5-21-3727408139-63090477-3136880571-1000\a7ad97fe866c7f48db63edede97b2b9b_3912d7c0-2df4-4798-9de9-c60c58f001d5 Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.03 KB
MD5 87a4844794b4d8228031077194c5f62d Copy to Clipboard
SHA1 eb5b65b9fa18579b870d91d0b7b340b939b42946 Copy to Clipboard
SHA256 714e64be4710d49ecc8995a532b080cd9af9ab9bc677d42b5ca22a003abf89de Copy to Clipboard
SSDeep 24:e0Kf5b6UwfxF1wX6U2VMf0kYknnfvzkM9SSwZ+rciXMParI13owlmTbV6jE:Wb6UwfxEX6U2VMUknnDkLhZLi8PSI14b Copy to Clipboard
c:\programdata\microsoft\crypto\rsa\s-1-5-18\6d14e4b1d8ca773bab785d1be032546e_3912d7c0-2df4-4798-9de9-c60c58f001d5 Modified File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.02 KB
MD5 25182eaddd35243f1c663c9eef9bbbe6 Copy to Clipboard
SHA1 6b011af171e9fc33e315660538cec3c34195e71e Copy to Clipboard
SHA256 af3275ba9dfd94740241eadb93eb66f282da7543e61ab2544d46d6c68e38ed3b Copy to Clipboard
SSDeep 24:rKf5b6UKa6LXaZBwFgftYNIra4on9okhVBPYP:kb6U4XeBqnIWL2MBPI Copy to Clipboard
settings.ini Dropped File Text
Unknown
...
»
Mime Type text/plain
File Size 17.89 KB
MD5 ebbf1f31b6de4fc2b9de6c80494eeb39 Copy to Clipboard
SHA1 14db29cd23f83a5de771a2cc6cbb41a0ef101b0f Copy to Clipboard
SHA256 2d690ec2c6c859767a9dc29eaedc67c2de103037951494a3eeae6335bac4ec00 Copy to Clipboard
SSDeep 384:f8ip6dC2AWGShPfXbM2ffBME5fNPLmEFqQ12TJPW:f8RdQW7PfXbM2fNvzFFn12TJPW Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\systeminfo32 Dropped File Stream
Unknown
...
»
Also Known As C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\systeminfo32 (Dropped File)
Mime Type application/octet-stream
File Size 16.17 KB
MD5 3a8f710f2a7c79c6829e9682af59040d Copy to Clipboard
SHA1 b9bf965045b3ddc6f332bc36e9cdd52ca03d8b7f Copy to Clipboard
SHA256 0d7fec5789664c377667a89fe1a2098fb201014bafdf475d002a57c96689eb72 Copy to Clipboard
SSDeep 384:/IpVB1xeH7b8hOaGjM6wM9hDUxYoxOoNgkR8UQrra1bVTDnDpPecSKT:/IYbb1xb91COygkRDk6 Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32 Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 578.94 KB
MD5 cbf6993507c3ce333977627d5dd80825 Copy to Clipboard
SHA1 9c100fcbb95c3620cadfaf2eec5e63b2660585b0 Copy to Clipboard
SHA256 08feb5be3c64dee2d43cab334ca37db9214c8d8f5acefd17487d60e38d2b8475 Copy to Clipboard
SSDeep 12288:lWRNtoO/UtADpB/0C8EM3n0B8gmJBxx1B4DEmbmuDd6AIKJtW6l/Ve3kUzJ:lOogUtAf0YM388gmJBv1mDEGJIAe0Vo Copy to Clipboard
c:\programdata\microsoft\crypto\rsa\machinekeys\d71375b114e472f50fdecc6000e0f0a4_3912d7c0-2df4-4798-9de9-c60c58f001d5 Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 45 bytes
MD5 1717f95fa1ffb4cab7e7771b2ddeb37b Copy to Clipboard
SHA1 b4a7a2f9bc64044e604950eb34fbadc7e20464f7 Copy to Clipboard
SHA256 1e3af54334dde428a43ca068306d7400ccd35d81de9b688c151fccb7a77c49d0 Copy to Clipboard
SSDeep 3:/lwltfRl:Wbl Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\pwgrab32 Dropped File Stream
Unknown
...
»
Mime Type application/octet-stream
File Size 1.07 MB
MD5 30e83e96a2ca2bd824fc6683557d0754 Copy to Clipboard
SHA1 e7b8b2235afa4185291be09b938ab84a3f56e507 Copy to Clipboard
SHA256 070f2bb875507aee0cad7a540382f0ff5c18fa4249f6e7729f5530be5843f6e0 Copy to Clipboard
SSDeep 24576:s0OCisGaLSGuZas9pjTeDfHn65brnW0+rflbbi:DOCioLROasTIfiYjlbm Copy to Clipboard
settings.ini Dropped File Text
Unknown
...
»
Mime Type text/plain
File Size 18.08 KB
MD5 bc40d11cfc6d5938ca3ca99d4847e0c7 Copy to Clipboard
SHA1 ece693ab628a17b5d572925f7eb361c61879ed61 Copy to Clipboard
SHA256 99755825296d798f05089b5747382eae6d7b4691e3109ef21363e837149a3cb4 Copy to Clipboard
SSDeep 384:f8ip6dC2AWGShPfXbMOfP0fNPLmEFqQ12TJPW:f8RdQW7PfXbM5zFFn12TJPW Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32_configs\dpost Dropped File Stream
Unknown
...
»
Also Known As C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\pwgrab32_configs\dpost (Dropped File)
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\networkDll32_configs\dpost (Dropped File)
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\psfin32_configs\dpost (Dropped File)
Mime Type application/octet-stream
File Size 928 bytes
MD5 e74f7c2aacf9459d8412c96369d786fb Copy to Clipboard
SHA1 2eb4812bd7d99ffbd84d5381b71475574505d992 Copy to Clipboard
SHA256 82fddb63f4725e9775e9e5e51c83030dd29e339678c3bf1f82931628fb7730af Copy to Clipboard
SSDeep 24:Bbu1tph88ekE5QIvuI8DGrrRQkFLqiSMRjlbH5V6RUqaE:xqtpm8EXdpr2k8ejdH5VdqaE Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32_configs\dinj Dropped File Stream
Unknown
...
»
Also Known As C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32_configs\dinj (Dropped File)
Mime Type application/octet-stream
File Size 129.53 KB
MD5 cc9f120d816b196026d034e7409b8544 Copy to Clipboard
SHA1 03e17fc20d16992a7d0b7137ce8748ad2ecffc6c Copy to Clipboard
SHA256 6ddde728b3ee6369ffed441f095e0d973efe8e39db2b56d0d458c10f9ef1b9ac Copy to Clipboard
SSDeep 3072:hGq0IAYKU55Ioa8g/up43AbPu9bc0l91aVcsmXwiCRyoRW:wq0n8Coa8eup4weQqswwxPW Copy to Clipboard
C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32_configs\sinj Dropped File Stream
Unknown
...
»
Also Known As C:\Users\2XC7u663GxWc\AppData\Roaming\chromedata\Data\injectDll32_configs\sinj (Dropped File)
Mime Type application/octet-stream
File Size 83.42 KB
MD5 fc0ba72f44f4f18f8580b1ed490dea30 Copy to Clipboard
SHA1 98bfd5a30ede84fe45cc951db555b8accdda7620 Copy to Clipboard
SHA256 5fe39efbea646a051b8c52b0e0ed99c23fe72e74fd19bbae22b18ae773b115d2 Copy to Clipboard
SSDeep 1536:B4EJ3ipsjCHVwsL4Q1Uqh1DTY5xuiosEayrzSMEg1m+RAzVGoQ7IY3S:BFJ3qsjVsL4oh1/YLbosEayhmKoHwv3S Copy to Clipboard
Exit-Icon
WHOIS Domain Information
Domain Name
WHOIS Response 

       		
      

     

    

   

  

  

  

  

   

    
    

     Function Logfile
    

    

     

      Download-Icon
     

    

    

     Exit-Icon
    

   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image