Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/11/2023, 20:02 UTC

General

  • Target

    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe

  • Size

    4.9MB

  • MD5

    c2bd142ec90552f6090e4c6ec8cea78c

  • SHA1

    c40568572712b05375d10a985cbaf98147e601d5

  • SHA256

    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478

  • SHA512

    4c3d352226171daa408817adea469a7e15ed7d245546b98c513712309570c8a6aa4785b4f80fd27abc2473cf5bc80df2e1d1ccedfced349774af273148927dff

  • SSDEEP

    49152:tHhWJb8R2TOaCZgdVDgCes3jII0Ee9Uc1c70oPBkgoY+r5u8QeKxFOJxdb4vZKV:RhQI4CudV8s3MKI2tkVKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    "C:\Users\Admin\AppData\Local\Temp\94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3028

Network

  • Country: US
    DNS
    download.cdn.yandex.net
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    8.8.8.8:53
    Request
    download.cdn.yandex.net
    IN A
    Response
    download.cdn.yandex.net
    IN CNAME
    cdn.yandex.net
    cdn.yandex.net
    IN A
    5.45.205.242
    cdn.yandex.net
    IN A
    5.45.205.243
    cdn.yandex.net
    IN A
    5.45.205.244
    cdn.yandex.net
    IN A
    5.45.205.245
    cdn.yandex.net
    IN A
    5.45.205.241
  • Country: US
    DNS
    api.browser.yandex.ru
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.ru
    IN A
    Response
    api.browser.yandex.ru
    IN A
    213.180.193.234
  • Country: US
    DNS
    api.browser.yandex.net
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.net
    IN A
    Response
    api.browser.yandex.net
    IN A
    213.180.193.234
  • Country: RU
    GET
    https://download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    5.45.205.242:443
    Request
    GET /browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: download.cdn.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 302 Found
    Server: nginx/1.17.9
    Date: Mon, 20 Nov 2023 20:02:58 GMT
    Content-Length: 0
    Connection: keep-alive
    Keep-Alive: timeout=5
    Location: https://ext-cachev2-cogent03.cdn.yandex.net/download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true&lid=1503
    X-Request-Id: fedf789171c06900
    X-Strm-Request-Id: fedf789171c06900
    X_h: strm-cacto-production-13.vla.yp-c.yandex.net
    Expires: Thu, 01 Jan 1970 00:00:01 GMT
    Cache-Control: no-cache
    Cache-Control: no-store,no-cache,must-revalidate
    Pragma: no-cache
  • Country: RU
    GET
    https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /content/get/experiments/browser.proto?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 483902
    Content-Type: application/octet-stream
    Date: Mon, 20 Nov 2023 20:02:58 GMT
    Last-Modified: Mon, 20 Nov 2023 13:37:16 GMT
    X-Country: nl
    X-Seed-Signature: MEUCIQDqPNR6BLHLB5vs17Mw61KSaIhM2paDaIG55B+DL7wTaQIgdqPNDIXLjW3/wu0VQswo2Jo3TEG8IbO80Z6vkRI6iNg=
    X-Yandex-Req-Id: 1700510578835620-16587271441100267381-gjnw2g3mjzpgvb6o-BAL
  • Country: RU
    GET
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /ab/get?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 593471
    Content-Type: text/csv; charset=utf-8
    Date: Mon, 20 Nov 2023 20:02:59 GMT
    Etag: "bb5bf5c125f8e85676293bb539fe4ac0"
    Last-Modified: Mon, 20 Nov 2023 20:02:59 GMT
    X-Seed-Signature: MEUCIHuJH1bkm1ViG0zfHbtYzW6ldKiU34OlBx4sEpN4a0BCAiEAneQws+ULUpdls5nXuuAZ49Q/qcSjFtA8owM5UAVjqpE=
    X-Yandex-Req-Id: 1700510579410687-4078301363058514431-gjnw2g3mjzpgvb6o-BAL
  • Country: US
    DNS
    ext-cachev2-cogent03.cdn.yandex.net
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    8.8.8.8:53
    Request
    ext-cachev2-cogent03.cdn.yandex.net
    IN A
    Response
    ext-cachev2-cogent03.cdn.yandex.net
    IN A
    149.5.241.43
  • Country: FI
    GET
    https://ext-cachev2-cogent03.cdn.yandex.net/download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true&lid=1503
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    149.5.241.43:443
    Request
    GET /download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true&lid=1503 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: ext-cachev2-cogent03.cdn.yandex.net
    Cache-Control: no-cache
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 20 Nov 2023 20:02:59 GMT
    Content-Type: application/octet-stream
    Content-Length: 147528856
    Connection: keep-alive
    Etag: "3a6bbe19af05b72490b5410934777d66"
    Last-Modified: Tue, 14 Nov 2023 15:29:24 GMT
    X-Amz-Request-Id: 5cd87443a29c9420
    Access-Control-Allow-Origin: *
    X-Robots-Tag: noindex, noarchive, nofollow
    X-Strm-Log-Split: 9
    X_h: cachev2-kiv03.cdn.yandex.net
    X-Strm-Request-Id: 62b46d1c576ed9fc
    X-Request-Id: 62b46d1c576ed9fc
    Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
    NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
    Accept-Ranges: bytes
  • Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-resolution=1280x720,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-resolution=1280x720,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Mon, 20 Nov 2023 20:03:00 GMT
    Set-Cookie: _yasc=+X/w4NzmAHLQk8975jhfDV03ykmjImuenyKfaznLqiOOOVM+nr6ZvW4tQOds4EJyp+s=; domain=.yandex.ru; path=/; expires=Thu, 17 Nov 2033 20:03:00 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1700510580968429-8033864736056295246-wgmayenxmrp6ikdn-BAL
  • Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=started,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=started,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Mon, 20 Nov 2023 20:03:01 GMT
    Set-Cookie: _yasc=ZfiuWsf2jzQSfoOGaJXaBLwFs1XmxGWykwChqsmxqVq8e+5YFgZZ22M8xPWT8CGAHuk5; domain=.yandex.ru; path=/; expires=Thu, 17 Nov 2033 20:03:01 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1700510581205495-8009989550603466481-kike2h6kjzressla-BAL
  • Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-downloaded_size=147528856,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-redirect=ext_cachev2_cogent03.cdn.yandex.net,-status=success,-testids=,-total_size=147528856,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fswitch%252Dbrand%252F23_9_5_659_51150%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=8186628901699886554/*
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-downloaded_size=147528856,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-redirect=ext_cachev2_cogent03.cdn.yandex.net,-status=success,-testids=,-total_size=147528856,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fswitch%252Dbrand%252F23_9_5_659_51150%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=8186628901699886554/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Mon, 20 Nov 2023 20:03:10 GMT
    Set-Cookie: _yasc=etWoVnMGWC6P2rQ2xCSzb3lDkPFMph6GAeQqw89CiMgkYMSQ4i9jOUo+rgzul8znCSs=; domain=.yandex.ru; path=/; expires=Thu, 17 Nov 2033 20:03:10 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1700510590800514-14048926227147554525-bxwrk2vfghgeubeo-BAL
  • Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-download_time=12,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-new_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=finished,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-download_time=12,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-new_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=finished,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Mon, 20 Nov 2023 20:03:12 GMT
    Set-Cookie: _yasc=v/OqGsON5LzwtyzrIYSoa9BZe1Jl09d4AOM1+Fv28Dmf1K6l7Rz54ZFWieWjKiEiY/1t; domain=.yandex.ru; path=/; expires=Thu, 17 Nov 2033 20:03:12 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1700510592447880-11423706052706230490-p4m4fnhg6ryudxj2-BAL
  • 5.45.205.242:443
    https://download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    1.0kB
    4.7kB
    11
    12

    HTTP Request

    GET https://download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true

    HTTP Response

    302
  • 213.180.193.234:443
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    23.2kB
    1.1MB
    467
    818

    HTTP Request

    GET https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659

    HTTP Response

    200

    HTTP Request

    GET https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-brand&uid=FCCFAB3A-1150-4C68-9D61-D4CE74F81A16&version=23.9.5.659

    HTTP Response

    200
  • 149.5.241.43:443
    https://ext-cachev2-cogent03.cdn.yandex.net/download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true&lid=1503
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    3.7MB
    157.4MB
    70114
    112498

    HTTP Request

    GET https://ext-cachev2-cogent03.cdn.yandex.net/download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true&lid=1503

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-resolution=1280x720,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    1.4kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-resolution=1280x720,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=started,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    1.4kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=started,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-downloaded_size=147528856,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-redirect=ext_cachev2_cogent03.cdn.yandex.net,-status=success,-testids=,-total_size=147528856,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fswitch%252Dbrand%252F23_9_5_659_51150%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=8186628901699886554/*
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    1.7kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-downloaded_size=147528856,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-redirect=ext_cachev2_cogent03.cdn.yandex.net,-status=success,-testids=,-total_size=147528856,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fswitch%252Dbrand%252F23_9_5_659_51150%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=8186628901699886554/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-download_time=12,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-new_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=finished,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*
    tls, http
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    1.5kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-download_time=12,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-new_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,-stage=finished,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*

    HTTP Response

    200
  • 8.8.8.8:53
    download.cdn.yandex.net
    dns
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    69 B
    163 B
    1
    1

    DNS Request

    download.cdn.yandex.net

    DNS Response

    5.45.205.242
    5.45.205.243
    5.45.205.244
    5.45.205.245
    5.45.205.241

  • 8.8.8.8:53
    api.browser.yandex.ru
    dns
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    67 B
    83 B
    1
    1

    DNS Request

    api.browser.yandex.ru

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    api.browser.yandex.net
    dns
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    68 B
    84 B
    1
    1

    DNS Request

    api.browser.yandex.net

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    ext-cachev2-cogent03.cdn.yandex.net
    dns
    94500a91a6df089f9863386d1e16684301f47f43cf0b2c8eb11d07b6764ed478.exe
    81 B
    97 B
    1
    1

    DNS Request

    ext-cachev2-cogent03.cdn.yandex.net

    DNS Response

    149.5.241.43

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    4KB

    MD5

    49661a06bc0fcdc96633634e3c6ab744

    SHA1

    3dd31b51607cc8a724343b323b19115614d5ab73

    SHA256

    13267a23b0b95df37a5cc7589cfed0e6a6c609278ba447e51b1512c7fe3e26ce

    SHA512

    2da1a452fef57bfcaafafb6b466298a809af072493d6f35873f037d3c2ffcb273ee1610c52d7797dab6ed4158ee890bee6a2ec3bbc52c6ecfe53df4e156f4771

  • C:\Users\Admin\AppData\Roaming\Yandex\ui

    Filesize

    38B

    MD5

    ed00c4f477c85507fac0520c76067a0a

    SHA1

    d7516ca6c03950e9a6d1197f1f59b78f85fe5fdd

    SHA256

    79bc7681cb43e61af67479738a1fbbe61cd3e45aee4da88148bacc58e836eea5

    SHA512

    8c1a512b9451f722b8fb6bfd7643dd52d354e5860771b4dced00347f62d1d638bfce98f47291132738b579b8b2abc1eb5a17f2abf58ca529e6259b16d48b7072

  • \Users\Admin\AppData\Local\Temp\yb454A.tmp

    Filesize

    140.7MB

    MD5

    3a6bbe19af05b72490b5410934777d66

    SHA1

    60abab13ccdc4595361c038524e0e930215bb09f

    SHA256

    2aca750337db0a3b960ba71080a4c2565cb09dbf739d358ca06982f50ff28a3f

    SHA512

    754e741e18772358a76bcdf54065f45ff33f49c9499ab9e8c7796362cd60c3a2db589b8477b7c105e64f8d9fdfc44eed4dc1112ec7c5f92a79f8d0c40bd64b94

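Analyst notes

Everything on the wire is consistent with what the User-Agent claims. The sample resolves only yandex.net and yandex.ru hosts, fetches experiment and A/B blobs from api.browser.yandex.net, follows the 302 from download.cdn.yandex.net to the ext-cachev2-cogent03 edge for a 147528856-byte browser-setup.arc, and reports progress to api.browser.yandex.ru through four installstats beacons. Two details tie the sections of this report together. The Etag on the 200 response, 3a6bbe19af05b72490b5410934777d66, is exactly the MD5 listed for the dropped yb454A.tmp, and 147528856 bytes is the 140.7MB shown under Downloads, so the temp file is the CDN object written to disk unmodified. The beacons also carry the host fingerprint the installer sends home: screen resolution, DPI, an x64 flag, an install GUID in the ui parameter (with its hyphens rewritten as underscores) and a yandex_uid.

The 8/10 score rests on four generic behavioural signatures. The Malware Config section is empty and nothing on the page attributes the sample to a malware family, so treat the verdict as provisional rather than as a detection.

The Python below is an added example written for this page; it is not Triage's or Yandex's code. It parses the installstats beacon format, decodes the doubly percent-encoded url value, pulls out the fingerprint fields, and cross-checks the download the beacon self-reports against the Content-Length, Etag and dropped-file MD5 shown above. All fixture values are copied from this report. Two points are my assumptions rather than statements on the page: that the beacon's ui and redirect values can be un-mangled by turning '_' back into '-' (both decoded forms do appear elsewhere in the trace), and that the Etag equals the object's MD5 only for a single-part upload to an S3-compatible store, which the X-Amz-Request-Id header suggests but does not prove.

```python
import hashlib
import re
from urllib.parse import unquote, urlsplit

# Fixture copied from the report above (constructed for this example, not sandbox output):
# two of the four installstats beacons, the CDN response metadata and the dropped file's MD5.
INSTALLER_STARTED_BEACON = (
    "https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/"
    "vars=-action=installer_started,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,-dpi=100,"
    "-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,-old_ver=,-partner_id=switch_brand,"
    "-resolution=1280x720,-testids=,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,-yandex_uid=8186628901699886554/*"
)
DOWNLOAD_ATTEMPT_BEACON = (
    "https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/"
    "vars=-action=download_attempt,-attempt_number=1,-banner_id=0699000051:SW_7c8c9097473f,-brand_id=yandex,"
    "-downloaded_size=147528856,-installer_type=lite,-launched=false,-lite_ver=23.9.5.659,-old_style=0,"
    "-old_ver=,-partner_id=switch_brand,-redirect=ext_cachev2_cogent03.cdn.yandex.net,-status=success,"
    "-testids=,-total_size=147528856,-ui=FCCFAB3A_1150_4C68_9D61_D4CE74F81A16,"
    "-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fswitch%252Dbrand%252F23_9_5_659_51150"
    "%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=8186628901699886554/*"
)
ORIGINAL_REQUEST_URL = (
    "https://download.cdn.yandex.net/browser/switch-brand/23_9_5_659_51150/browser-setup.arc?from_installer=true"
)
CDN_REDIRECT_HOST = "ext-cachev2-cogent03.cdn.yandex.net"
CDN_ETAG = '"3a6bbe19af05b72490b5410934777d66"'  # Etag of the 200 response from 149.5.241.43
CDN_CONTENT_LENGTH = 147528856
DROPPED_MD5 = "3a6bbe19af05b72490b5410934777d66"  # yb454A.tmp under Downloads
MIB = 1 << 20

# '-' is the beacon's pair delimiter, so these single-token values had '-' rewritten to '_'.
# A GUID or hostname label never contains '_', so reversing it is safe for exactly these keys
# (assumption for this example; the page shows both spellings but does not document the rule).
HYPHEN_MANGLED_KEYS = ("ui", "redirect")


def parse_installstats(url: str) -> dict:
    """Flatten a beacon URL: 'key=value' path segments plus the ',-key=value' pairs in 'vars'."""
    fields = {}
    for seg in urlsplit(url).path.strip("/").split("/"):
        if seg in ("installstats", "send", "*"):  # fixed prefix and the empty '/*' tail
            continue
        key, _, value = seg.partition("=")
        if key != "vars":
            fields[key] = value
            continue
        for item in value.split(","):
            k, _, v = (item[1:] if item.startswith("-") else item).partition("=")
            fields[k] = v
    if "url" in fields:  # percent-encoded twice: %253A -> %3A -> ':'
        fields["url"] = unquote(unquote(fields["url"]))
    for key in HYPHEN_MANGLED_KEYS:
        if key in fields:
            fields[key] = fields[key].replace("_", "-")
    return fields


def etag_md5(etag: str):
    """Return the MD5 hex digest an S3-style ETag carries, or None for anything else.

    The CDN response carries X-Amz-Request-Id, which suggests an S3-compatible origin. Such
    stores expose the object MD5 as the ETag only for single-part uploads; '<hex>-<parts>'
    marks a multipart object and is not a content hash, so it must never be compared to one.
    """
    value = etag.strip().strip('"')
    return value if re.fullmatch(r"[0-9a-f]{32}", value) else None


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def file_md5(path: str) -> str:
    """Hash a large dropped file (yb454A.tmp is 140.7 MiB) without reading it into memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(MIB), b""):
            h.update(chunk)
    return h.hexdigest()


def to_mib(n_bytes: int) -> float:
    return round(n_bytes / MIB, 1)


def fingerprint_fields(beacon: dict) -> dict:
    """Host-identifying values the installer reports with its beacons."""
    keys = ("ui", "yandex_uid", "resolution", "dpi", "x64", "lite_ver", "partner_id", "banner_id")
    return {k: beacon[k] for k in keys if k in beacon}


def cross_check(beacon: dict, etag: str, content_length: int, dropped_md5: str) -> dict:
    """Tie the download the beacon self-reports to what was seen on the wire and on disk."""
    digest = etag_md5(etag)
    return {
        "sizes_match_content_length": int(beacon["downloaded_size"]) == content_length == int(beacon["total_size"]),
        "beacon_reports_success": beacon.get("status") == "success",
        "beacon_url_is_first_request": beacon.get("url") == ORIGINAL_REQUEST_URL,
        "redirect_is_cdn_edge": beacon.get("redirect") == CDN_REDIRECT_HOST,
        "dropped_file_is_cdn_object": digest is not None and digest == dropped_md5.lower(),
    }


if __name__ == "__main__":
    attempt = parse_installstats(DOWNLOAD_ATTEMPT_BEACON)
    print("fingerprint:", fingerprint_fields(parse_installstats(INSTALLER_STARTED_BEACON)))
    print(f"payload {to_mib(CDN_CONTENT_LENGTH)} MiB from {attempt['url']}")
    for name, ok in cross_check(attempt, CDN_ETAG, CDN_CONTENT_LENGTH, DROPPED_MD5).items():
        print(("OK  " if ok else "BAD ") + name)
```

Run it as-is and every check passes on the page's own values. To verify a copy of yb454A.tmp pulled from the sandbox, pass file_md5(path) in place of DROPPED_MD5; a mismatch there, or an Etag in the '<hex>-<parts>' form, means the disk artefact cannot be vouched for by the CDN header alone. One further observation the code does not test: the 38-byte Roaming\Yandex\ui file is exactly the length of a brace-wrapped GUID such as {FCCFAB3A-1150-4C68-9D61-D4CE74F81A16}, which is consistent with it persisting the install id, but the page does not show the file's contents.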