8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2

Analysis

max time kernel
139s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/12/2023, 15:22 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
Size

4.8MB
MD5

4812e3629f2ac215f2524a1fc04d6668
SHA1

cdaec3e5b0c6a585a7fb265c5a6dca411850ba97
SHA256

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2
SHA512

ba3f5b29e044fa1b369a69b620881c3cce841654c0b51e0039d67e65b5946c512da3b94e96a9a3f7712a75fc6415e007b2b7a7b87d78cd5868db75ad70649dbc
SSDEEP

98304:bhIHjWibmorLobjYsfwXmKdzOJDb4v+Ylz:QWibmoay1wN0v+S

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4936	8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

C:\Users\Admin\AppData\Local\Temp\8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe
"C:\Users\Admin\AppData\Local\Temp\8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4936

Network

DNS

84.177.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.177.190.20.in-addr.arpa

IN PTR

Response
DNS

209.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.178.17.96.in-addr.arpa

IN PTR

Response

209.178.17.96.in-addr.arpa

IN PTR

a96-17-178-209deploystaticakamaitechnologiescom
DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR

Response
DNS

57.169.31.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.169.31.20.in-addr.arpa

IN PTR

Response
DNS

41.110.16.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.110.16.96.in-addr.arpa

IN PTR

Response

41.110.16.96.in-addr.arpa

IN PTR

a96-16-110-41deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

0.205.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.205.248.87.in-addr.arpa

IN PTR

Response

0.205.248.87.in-addr.arpa

IN PTR

https-87-248-205-0lgwllnwnet
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

api.browser.yandex.ru

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

8.8.8.8:53

Request

api.browser.yandex.ru

IN A

Response

api.browser.yandex.ru

IN A

213.180.193.234
DNS

download.cdn.yandex.net

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

8.8.8.8:53

Request

download.cdn.yandex.net

IN A

Response

download.cdn.yandex.net

IN CNAME

cdn.yandex.net

cdn.yandex.net

IN A

5.45.205.244

cdn.yandex.net

IN A

5.45.205.245

cdn.yandex.net

IN A

5.45.205.241

cdn.yandex.net

IN A

5.45.205.242

cdn.yandex.net

IN A

5.45.205.243
DNS

api.browser.yandex.net

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

8.8.8.8:53

Request

api.browser.yandex.net

IN A

Response

api.browser.yandex.net

IN A

213.180.193.234
GET

https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

5.45.205.244:443

Request

GET /browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser lite installer
Host: download.cdn.yandex.net
Cache-Control: no-cache

Response

HTTP/1.1 302 Found

Server: nginx/1.17.9
Date: Tue, 19 Dec 2023 15:24:38 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Location: https://cachev2-mar-42.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=26
X-Request-Id: 1702999478503551-17185865790352526976
X-Strm-Request-Id: 1702999478503551-17185865790352526976
X_h: strm-cacto-production-8.sas.yp-c.yandex.net
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Cache-Control: no-store,no-cache,must-revalidate
Pragma: no-cache
GET

https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771 HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser lite installer
Host: api.browser.yandex.net
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Length: 492383
Content-Type: application/octet-stream
Date: Tue, 19 Dec 2023 15:24:38 GMT
Last-Modified: Tue, 19 Dec 2023 14:21:27 GMT
X-Country: gb
X-Seed-Signature: MEUCIQCk3N5vKb7jPtae8yxncuV3Ma5T4wmQh7HZKU+DHlZVQQIgbutB9phi0yNF4vDJ9hlkacXJthQypjY/fqApkT3MCsk=
X-Yandex-Req-Id: 1702999478090181-17448675631396027924-vnt6q7n2ztobgctg-BAL
GET

https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /ab/get?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771 HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser lite installer
Host: api.browser.yandex.net
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Length: 709067
Content-Type: text/csv; charset=utf-8
Date: Tue, 19 Dec 2023 15:24:38 GMT
Etag: "3002ae6178ab9101c68875833786f70c"
Last-Modified: Tue, 19 Dec 2023 15:24:38 GMT
X-Seed-Signature: MEQCIHL2Mk6skV4axT0KFJEfVBTFEmRDYvPA/vaYonB3sXq+AiAbs7sp+96EtsM1z+kwCkOKbjTlR4Rc4KhKO1dNjfITIw==
X-Yandex-Req-Id: 1702999478920685-10803345767269857430-vnt6q7n2ztobgctg-BAL
GET

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/* HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser installer
Host: api.browser.yandex.ru
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Cache-Control: no-cache
Content-Length: 13
Content-Type: text/javascript
Date: Tue, 19 Dec 2023 15:24:38 GMT
Set-Cookie: _yasc=pmHCqR3IXTC++HVYowx/K+4fRqhFuvY++NuqzAJUMiZIow7kGODeZRmIgTmSMjR+Tr8=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:24:38 GMT; secure
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Yandex-Req-Id: 1702999478087359-11670630546297783058-zlj3fzyy5bqaqp2g-BAL
DNS

234.193.180.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.193.180.213.in-addr.arpa

IN PTR

Response

234.193.180.213.in-addr.arpa

IN PTR

apibrowseryandexnet
DNS

244.205.45.5.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.205.45.5.in-addr.arpa

IN PTR

Response

244.205.45.5.in-addr.arpa

IN PTR

cdnyandexnet
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
GET

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/* HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser installer
Host: api.browser.yandex.ru
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Cache-Control: no-cache
Content-Length: 13
Content-Type: text/javascript
Date: Tue, 19 Dec 2023 15:24:38 GMT
Set-Cookie: _yasc=F6i7cOh8A2QM0+rsU6n/Et8XmhiVU1+I6P9p1NNIeoEZ6NkSqtpzhCK2JLqR5KA08jU=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:24:38 GMT; secure
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Yandex-Req-Id: 1702999478547201-12184556180392253306-dcrjsvuzkuup6woi-BAL
DNS

cachev2-mar-42.cdn.yandex.net

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

8.8.8.8:53

Request

cachev2-mar-42.cdn.yandex.net

IN A

Response

cachev2-mar-42.cdn.yandex.net

IN A

37.9.116.23
GET

https://cachev2-mar-42.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=26

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

37.9.116.23:443

Request

GET /download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=26 HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser lite installer
Cache-Control: no-cache
Host: cachev2-mar-42.cdn.yandex.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: nginx
Date: Tue, 19 Dec 2023 15:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 160760472
Connection: keep-alive
Etag: "0ae344ad942f4e3fc2589e0d7fad6f63"
Last-Modified: Mon, 11 Dec 2023 09:09:12 GMT
X-Amz-Request-Id: 67ba5d7739f96d7f
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex, noarchive, nofollow
X-Strm-Log-Split: 6
X_h: cachev2-mar-42.cdn.yandex.net
X-Strm-Request-Id: c5b5a89f950dabc4
X-Request-Id: c5b5a89f950dabc4
Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Accept-Ranges: bytes
DNS

23.116.9.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.116.9.37.in-addr.arpa

IN PTR

Response

23.116.9.37.in-addr.arpa

IN PTR

cachev2-mar-42cdnyandexnet
GET

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_mar_42.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_mar_42.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/* HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser installer
Host: api.browser.yandex.ru
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Cache-Control: no-cache
Content-Length: 13
Content-Type: text/javascript
Date: Tue, 19 Dec 2023 15:24:57 GMT
Set-Cookie: _yasc=qk3p3rrhxZkKLinq0IacuM2FlWAhZ9lAuW6UWU4HVxXhsi6nQB+RUiScF8/kSE5tP2l8; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:24:57 GMT; secure
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Yandex-Req-Id: 1702999497156524-15136699866189571636-hwv32an4emfzyo62-BAL
DNS

181.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.178.17.96.in-addr.arpa

IN PTR

Response

181.178.17.96.in-addr.arpa

IN PTR

a96-17-178-181deploystaticakamaitechnologiescom
DNS

3.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.173.189.20.in-addr.arpa

IN PTR

Response
GET

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=54,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

Remote address:

213.180.193.234:443

Request

GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=54,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/* HTTP/1.1
Accept: */*
User-Agent: Yandex.Browser installer
Host: api.browser.yandex.ru
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Cache-Control: no-cache
Content-Length: 13
Content-Type: text/javascript
Date: Tue, 19 Dec 2023 15:25:18 GMT
Set-Cookie: _yasc=glcQ4yAEMQ2MSIFQ68/N9W4ZnRR/jDc3FCBa8N4sv0YjBWwW0rm5I6HDNDuW/kpH7to=; domain=.yandex.ru; path=/; expires=Fri, 16 Dec 2033 15:25:18 GMT; secure
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
X-Yandex-Req-Id: 1702999518276639-290129553070692709-ko5s546lgrpqmetg-BAL

20.231.121.79:80

104 B
2
5.45.205.244:443

https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

1.1kB
4.8kB
12
11

HTTP Request

GET https://download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true

HTTP Response

302
213.180.193.234:443

https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

47.6kB
1.3MB
1017
1013

HTTP Request

GET https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771

HTTP Response

200

HTTP Request

GET https://api.browser.yandex.net/ab/get?brand=yandex&partner=portal_uz&uid=96A8031E-712F-4F8D-BD7A-DEC323E4EBC4&version=23.11.2.771

HTTP Response

200
213.180.193.234:443

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

1.5kB
5.7kB
14
12

HTTP Request

GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-resolution=1280x720,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

HTTP Response

200
213.180.193.234:443

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

1.4kB
980 B
10
8

HTTP Request

GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=started,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

HTTP Response

200
37.9.116.23:443

https://cachev2-mar-42.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=26

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

6.1MB
165.8MB
118759
118697

HTTP Request

GET https://cachev2-mar-42.cdn.yandex.net/download.cdn.yandex.net/browser/portal_uz/23_11_2_771_52257/browser-setup.arc?from_installer=true&lid=26

HTTP Response

200
213.180.193.234:443

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_mar_42.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

1.7kB
980 B
10
8

HTTP Request

GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-downloaded_size=160760472,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-redirect=cachev2_mar_42.cdn.yandex.net,-status=success,-testids=,-total_size=160760472,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fportal_uz%252F23_11_2_771_52257%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6640029251700049316/*

HTTP Response

200
213.180.193.234:443

https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=54,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

tls, http

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

1.5kB
978 B
10
8

HTTP Request

GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:6581980c08498c46109c0239,-brand_id=yandex,-browser_present=none,-download_time=54,-install_type=normal,-installer_type=lite,-launched=false,-lite_ver=23.11.2.771,-new_ver=23.11.2.771,-old_style=0,-old_ver=,-partner_id=portal_uz,-stage=finished,-testids=,-ui=96A8031E_712F_4F8D_BD7A_DEC323E4EBC4,-yandex_uid=6640029251700049316/*

HTTP Response

200

8.8.8.8:53

84.177.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

84.177.190.20.in-addr.arpa
8.8.8.8:53

209.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

209.178.17.96.in-addr.arpa
8.8.8.8:53

9.228.82.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

9.228.82.20.in-addr.arpa
8.8.8.8:53

57.169.31.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

57.169.31.20.in-addr.arpa
8.8.8.8:53

41.110.16.96.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

41.110.16.96.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

0.205.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.205.248.87.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

download.cdn.yandex.net

dns

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

69 B
163 B
1
1

DNS Request

download.cdn.yandex.net

DNS Response

5.45.205.244

5.45.205.245

5.45.205.241

5.45.205.242

5.45.205.243
8.8.8.8:53

api.browser.yandex.ru

dns

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

67 B
83 B
1
1

DNS Request

api.browser.yandex.ru

DNS Response

213.180.193.234
8.8.8.8:53

api.browser.yandex.net

dns

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

68 B
84 B
1
1

DNS Request

api.browser.yandex.net

DNS Response

213.180.193.234
8.8.8.8:53

234.193.180.213.in-addr.arpa

dns

74 B
110 B
1
1

DNS Request

234.193.180.213.in-addr.arpa
8.8.8.8:53

244.205.45.5.in-addr.arpa

dns

71 B
99 B
1
1

DNS Request

244.205.45.5.in-addr.arpa
8.8.8.8:53

226.21.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.21.18.104.in-addr.arpa
8.8.8.8:53

cachev2-mar-42.cdn.yandex.net

dns

8246e45ab00ef4bcd3f5f525684b656dcee2ad7c9642fc04eb07d897616f4bd2.exe

75 B
91 B
1
1

DNS Request

cachev2-mar-42.cdn.yandex.net

DNS Response

37.9.116.23
8.8.8.8:53

23.116.9.37.in-addr.arpa

dns

70 B
113 B
1
1

DNS Request

23.116.9.37.in-addr.arpa
8.8.8.8:53

181.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

181.178.17.96.in-addr.arpa
8.8.8.8:53

3.173.189.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

3.173.189.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
0e58e96ac9f0a8859625339fb97abd57

SHA1
9f440cfcd4374e73e712b8cceb94f11e8bb28aff

SHA256
7bee9f2bfffb26496bd3c8b347e9fb71a1c2729002103fb3b32f5be4497099e1

SHA512
1490061813f60ad5c138b8d2d4b3186cc4d8bffa582f743a3004f8830354035d9487ed2cc859cabe8031f0287ab5cd460e97bcce7dc2e169146bc398470e6085

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
6KB

MD5
b3011f97416932ba83d52ea982c14fbe

SHA1
4fb5e9b841a30800b86480b59d3e693e2e5bc4ef

SHA256
1c18f209b08e00d70fd46f933c2002e0c9271857f31691dc3fe418c2c2cffa44

SHA512
6515d7caec75aa105708d23693b8d35c2b370367dc25300a3d1f86727c3ca5e9c15ecb959ebc2f60eee2c1c892ec934f3ba2ea7942f3f117816970aa8284b2b8

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
a7eeab3db1193e2fe0565dddacdb08af

SHA1
6ed8095c56d5636e25ecd029c4916f6aabf6e818

SHA256
a746a64189f44976cabf05fd7c6ebc0480095e120bb7928fc87c190ea985fbc7

SHA512
69295bc0b1a3a430e997622469bff76959e1cb8c47005db10d9840a0388e190119f2aea7e2da361e77126bc7124c76d766d9fd64c2d4c3296803c806a0db8953

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.