Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64
    arch:x86
    image:win7-20231215-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    19/12/2023, 15:22 UTC

General

  • Target

    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

  • Size

    4.8MB

  • MD5

    4812e3629f2ac215f2524a1fc04d6668

  • SHA1

    cdaec3e5b0c6a585a7fb265c5a6dca411850ba97

  • SHA256

    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2

  • SHA512

    ba3f5b29e044fa1b369a69b620881c3cce841654c0b51e0039d67e65b5946c512da3b94e96a9a3f7712a75fc6415e007b2b7a7b87d78cd5868db75ad70649dbc

  • SSDEEP

    98304:bhIHjWibmorLobjYsfwXmKdzOJDb4v+Ylz:QWibmoay1wN0v+S

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    "C:\Users\Admin\AppData\Local\Temp\8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1268

Network

  • flag-us
    DNS
    download.cdn.yandex.net
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    8.8.8.8:53
    Request
    download.cdn.yandex.net
    IN A
    Response
    download.cdn.yandex.net
    IN CNAME
    cdn.yandex.net
    cdn.yandex.net
    IN A
    5.45.205.244
    cdn.yandex.net
    IN A
    5.45.205.245
    cdn.yandex.net
    IN A
    5.45.205.241
    cdn.yandex.net
    IN A
    5.45.205.242
    cdn.yandex.net
    IN A
    5.45.205.243
  • flag-us
    DNS
    api.browser.yandex.ru
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.ru
    IN A
    Response
    api.browser.yandex.ru
    IN A
    213.180.193.234
  • flag-us
    DNS
    api.browser.yandex.net
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.net
    IN A
    Response
    api.browser.yandex.net
    IN A
    213.180.193.234
  • flag-ru
    GET
    https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 492383
    Content-Type: application/octet-stream
    Date: Tue, 19 Dec 2023 15:22:47 GMT
    Last-Modified: Tue, 19 Dec 2023 14:21:27 GMT
    X-Country: gb
    X-Seed-Signature: MEUCIQCk3N5vKb7jPtae8yxncuV3Ma5T4wmQh7HZKU+DHlZVQQIgbutB9phi0yNF4vDJ9hlkacXJthQypjY/fqApkT3MCsk=
    X-Yandex-Req-Id: 1702999367790378-7153729812946032149-ivz3c4za7fbi25kw-BAL
  • flag-ru
    GET
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /ab/get?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 709067
    Content-Type: text/csv; charset=utf-8
    Date: Tue, 19 Dec 2023 15:22:48 GMT
    Etag: "3002ae6178ab9101c68875833786f70c"
    Last-Modified: Tue, 19 Dec 2023 15:22:48 GMT
    X-Seed-Signature: MEYCIQDs8iy5CFFUkiZJ2lxyCPc6S1d+mUISgImvCauMsh5cVAIhAPYWwnh5y0jCpz8zyxLnrxPnMecFMbdOhXQgLOTiyNGh
    X-Yandex-Req-Id: 1702999368371134-16559855075020921520-ivz3c4za7fbi25kw-BAL
  • flag-ru
    GET
    https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    5.45.205.244:443
    Request
    GET /browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: download.cdn.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 302 Found
    Server: nginx/1.17.9
    Date: Tue, 19 Dec 2023 15:22:47 GMT
    Content-Length: 0
    Connection: keep-alive
    Keep-Alive: timeout=5
    Location: https://cachev2-m9-1.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=94
    X-Request-Id: 1702999367724600-3872477927465937389
    X-Strm-Request-Id: 1702999367724600-3872477927465937389
    X_h: strm-cacto-production-9.sas.yp-c.yandex.net
    Expires: Thu, 01 Jan 1970 00:00:01 GMT
    Cache-Control: no-cache
    Cache-Control: no-store,no-cache,must-revalidate
    Pragma: no-cache
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Tue, 19 Dec 2023 15:22:47 GMT
    Set-Cookie: _yasc=M8tMsNgYN3FBGiPj6HxUQJ9YmGUuwshzMqfo8cUg0lwCWzh1GPg1yjGuHtFH9bZZOf3I; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:22:47 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1702999367789869-11315382840709658460-rxk7d6mxpwbrhz4e-BAL
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Tue, 19 Dec 2023 15:22:48 GMT
    Set-Cookie: _yasc=sefrThd8cvIfig/3O1aYq8g5Kx+NPhYp4lJXzgzikwuqT75d05NRANTBHodF+kX1jJg=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:22:48 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1702999368007695-509156651820688969-wqrd2dkq7h6rjy4b-BAL
  • flag-us
    DNS
    cachev2-m9-1.cdn.yandex.net
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-m9-1.cdn.yandex.net
    IN A
    Response
    cachev2-m9-1.cdn.yandex.net
    IN A
    37.9.111.204
  • flag-ru
    GET
    https://cachev2-m9-1.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=94
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    37.9.111.204:443
    Request
    GET /download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=94 HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser lite installer
    Host: cachev2-m9-1.cdn.yandex.net
    Cache-Control: no-cache
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Tue, 19 Dec 2023 15:22:48 GMT
    Content-Type: application/octet-stream
    Content-Length: 160760472
    Connection: keep-alive
    Etag: "0ae344ad942f4e3fc2589e0d7fad6f63"
    Last-Modified: Mon, 11 Dec 2023 09:09:12 GMT
    X-Amz-Request-Id: f136679989a57037
    Access-Control-Allow-Origin: *
    X-Robots-Tag: noindex, noarchive, nofollow
    X-Strm-Log-Split: 7
    X_h: cachev2-m9-1.cdn.yandex.net
    X-Strm-Request-Id: 961b7156f1492b03
    X-Request-Id: 961b7156f1492b03
    Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
    NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
    Accept-Ranges: bytes
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_m9_1.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_m9_1.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Tue, 19 Dec 2023 15:23:02 GMT
    Set-Cookie: _yasc=AWVfFC+nsb+b9iuh4ypi/UUERccMVMchNmb14jsWaL7gXGfj6ekCaFWGrl2bVGYTiXY=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:23:02 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1702999382672322-13960428343614859300-xr6pksy74e7rwhaw-BAL
  • flag-ru
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=15,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=15,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/* HTTP/1.1
    Accept: */*
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Tue, 19 Dec 2023 15:23:04 GMT
    Set-Cookie: _yasc=4lJKzqOO1nRUJE8k2zRKPP98wux+qEL5vT5uUmNXFGdCYGas2u3iqTsyw+kQMF9VY6k=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:23:04 GMT; secure
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1702999384569280-17176498138627435470-x3owdpw2letnvlxf-BAL
  • 213.180.193.234:443
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    32.9kB
    1.3MB
    660
    1011

    HTTP Request

    GET https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771

    HTTP Response

    200

    HTTP Request

    GET https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=1D24496D-5B2A-4E42-B5EE-94C147C7499A&version=23.11.2.771

    HTTP Response

    200
  • 5.45.205.244:443
    https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    1.1kB
    5.4kB
    13
    13

    HTTP Request

    GET https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true

    HTTP Response

    302
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    1.4kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    1.4kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*

    HTTP Response

    200
  • 37.9.111.204:443
    https://cachev2-m9-1.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=94
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    3.9MB
    100.9MB
    65150
    72275

    HTTP Request

    GET https://cachev2-m9-1.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=94

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_m9_1.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    1.7kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_m9_1.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*

    HTTP Response

    200
  • 213.180.193.234:443
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=15,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*
    tls, http
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    1.5kB
    5.7kB
    11
    12

    HTTP Request

    GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=15,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=1D24496D_5B2A_4E42_B5EE_94C147C7499A,-yandex_uid=6640029251700049316/*

    HTTP Response

    200
  • 8.8.8.8:53
    download.cdn.yandex.net
    dns
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    69 B
    163 B
    1
    1

    DNS Request

    download.cdn.yandex.net

    DNS Response

    5.45.205.244
    5.45.205.245
    5.45.205.241
    5.45.205.242
    5.45.205.243

  • 8.8.8.8:53
    api.browser.yandex.ru
    dns
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    67 B
    83 B
    1
    1

    DNS Request

    api.browser.yandex.ru

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    api.browser.yandex.net
    dns
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    68 B
    84 B
    1
    1

    DNS Request

    api.browser.yandex.net

    DNS Response

    213.180.193.234

  • 8.8.8.8:53
    cachev2-m9-1.cdn.yandex.net
    dns
    8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
    73 B
    89 B
    1
    1

    DNS Request

    cachev2-m9-1.cdn.yandex.net

    DNS Response

    37.9.111.204

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab409A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    3KB

    MD5

    01571e478a39a584d84c9e802db32ea0

    SHA1

    d9e944f369dd429f9b41f8a21d7370c3e702ffbb

    SHA256

    d9fe26d2ad9aa4340a2e9f91d4f4c6e5c7364578c02e7604dc3ebe1f7c3f069b

    SHA512

    dc963761c6abbec1d63e51fde1ecf2d0ae243b1d630334a01bd0a5806fc55ecb291498a8a290a47f539a85ddeac5b3818becaa851a51d0fcfb744b5573c1dd6e

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    4KB

    MD5

    0d803e3d923876f7c0278d8a2f45e101

    SHA1

    271823b32e19f76ce8bcb7d099b106270ca5dc96

    SHA256

    b22815a32e2ef0389cb11281575637b63548c8262221b2b04cbee0de74e64dc4

    SHA512

    243a407c6b4fbef751df4f4a8c5bdab27933ee36024b0b4f31f369cbe003fd4680306c6dcbd1df0dc5e4257743ec8777d1a78055dc0893fb0d782ec915e2b5ec

  • C:\Users\Admin\AppData\Roaming\Yandex\ui

    Filesize

    38B

    MD5

    7448ee776a2968850ce8e78774c15583

    SHA1

    935e0501095f8475ec3a6c87ac914a0a6e60d7c2

    SHA256

    824cdd9a0ebbe971ef9650ba442b8dde40fb1ab44c5ce18383fde17215ee01fa

    SHA512

    8721aa6baab02d0b7a3a8d486b0f21423fd27d91d63a58aa15affa2ddd7260e0b01adeceebd7462b2337e2ca1e779f853bb224b5399dcdfee9fc9aa46abc0d63

  • \Users\Admin\AppData\Local\Temp\yb3C45.tmp

    Filesize

    5.7MB

    MD5

    e7747cf5b8de62abbaa5c33e85f2dae1

    SHA1

    00313a0c16f3a04171ce36ffa6ca21d5867d7e38

    SHA256

    7ca81b6ad2324f2ac12f921eceda30a0595b2a72d6341ec12929203114393761

    SHA512

    f09f12b7540074be599ab7488515bfb6ae45c6906e84144d10a917eef71ae1cdd041abf6941f11b659a5e128b56e9791ea627bf6ddd9b21bd97a4ea4de831b04

  • \Users\Admin\AppData\Local\Temp\yb3C45.tmp

    Filesize

    7.8MB

    MD5

    7bc62aa47726b1a43b505b4fa02cec34

    SHA1

    bcd271f1fd93d6687eff31f9dd37e555057e8abd

    SHA256

    c1a907b07f72d3e5ad1b7bbc0bcb3919314b6c51bc6acfa1106134f959544002

    SHA512

    78c34f6af89892caf9a2d2eeaccb9a840264cf42999b03f54ebce7f2bf3cecfda761b4984e7b9aa2d35ee3fd9c5e3b66ed2279f14a871a73afbd375143dca16f
