Analysis Overview
Threat Level: Known bad
The file https://browser.yandex.com/ was found to be: Known bad.
Malicious Activity Summary
Modifies WinLogon for persistence
Boot or Logon Autostart Execution: Active Setup
Sets service image path in registry
Drops file in Drivers directory
Downloads MZ/PE file
Modifies RDP port number used by Windows
Checks computer location settings
Event Triggered Execution: Component Object Model Hijacking
Checks BIOS information in registry
Loads dropped DLL
Executes dropped EXE
UPX packed file
Reads user/profile data of web browsers
Impair Defenses: Safe Mode Boot
Enumerates connected drives
Checks whether UAC is enabled
Checks installed software on the system
Adds Run key to start application
Checks system information in the registry
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
Suspicious use of AdjustPrivilegeToken
Opens file in notepad (likely ransom note)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious behavior: LoadsDriver
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Runs regedit.exe
Checks SCSI registry key(s)
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy WMI provider
Suspicious behavior: EnumeratesProcesses
Modifies system certificate store
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Uses Task Scheduler COM API
Checks processor information in registry
Modifies data under HKEY_USERS
Modifies registry class
Script User-Agent
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-06-26 19:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-06-26 19:32
Reported: 2024-06-26 20:05
Platform: win10v2004-20240611-en
Max time kernel: 1241s
Max time network: 1243s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} | C:\Windows\System32\ie4uinit.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\IsInstalled = "1" | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383} | C:\Windows\System32\ie4uinit.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\Locale = "*" | C:\Windows\System32\ie4uinit.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\Version = "11,1081,19041,0" | C:\Windows\System32\ie4uinit.exe | N/A |
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\Drivers\PROCEXP152.SYS | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
Modifies RDP port number used by Windows
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\mbamchameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\PROCEXP152\ImagePath = "\\??\\C:\\Windows\\system32\\Drivers\\PROCEXP152.SYS" | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService\ = "Service" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
UPX packed file
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates connected drives
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8192se64.inf_amd64_167684f9283b4eca\net8192se64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1c63x64.inf_amd64_4d6630ce07a4fb42\netl1c63x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8185.inf_amd64_7a30f5a9441cd55b\net8185.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61A0.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\201DA8C72BE195AF55036D85719C6480 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\ipoib6x.inf_amd64_ef71073a5867971f\ipoib6x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netxex64.inf_amd64_ede00b448bfe8099\netxex64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netbc63a.inf_amd64_7ba6c9cea77dd549\netbc63a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlanu.inf_amd64_1815bafd14dc59f0\netrtwlanu.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61B1.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netelx.inf_amd64_7812e4e45c4a5eb1\netelx.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\nete1g3e.inf_amd64_af58b4e19562a3f9\nete1g3e.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netathrx.inf_amd64_220db23f5419ea8d\netathrx.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\201DA8C72BE195AF55036D85719C6480 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\nett4x64.inf_amd64_54eacac1858c78ab\nett4x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net44amd.inf_amd64_450d4b1e35cc8e0d\net44amd.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw04.inf_amd64_c8f5ae6576289a2d\netwtw04.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_EF6C9357BB54DDB629FD2D79F1594F95 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlans.inf_amd64_97cd1a72c2a7829c\netrtwlans.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net7400-x64-n650.inf_amd64_557ce3b37c3e0e3b\net7400-x64-n650.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\mbtun.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.cat | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F7456FD78DEB390E51DB22FDEB14606 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netr28x.inf_amd64_5d63c7bcbf29107f\netr28x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netsstpa.inf_amd64_e76c5387d67e3fd6\netsstpa.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_56DB209C155B5A05FCBF555DF7E6D1BB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\48B35517638A85CA46010B026C2B955A_4301D087ABDD3CB96DA18A17FE4B3BEB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1}\SET61B1.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_D2F6556190F7B1A25A117FFB5467EEBD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwns64.inf_amd64_162bb49f925c6463\netwns64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\439F613B3D55693954E1B080DE3085B4_C4927E03400A4F6EDB9D613E6354F864 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D84E548583BE1EE7DB5A935821009D26_5B98B6CD6E69202676965CF5B0E2A7A7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrasa.inf_amd64_1bdf7a435cb3580d\netrasa.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw06.inf_amd64_2edd50e7a54d503b\netwtw06.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netjme.inf_amd64_752bf22f1598bb7e\netjme.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{fc0d9710-8430-474a-a3f0-a9a0731d56b1} | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netg664.inf_amd64_84cd7b2798e0a666\netg664.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1e64.inf_amd64_8d5ca5ab1472fc44\netl1e64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\dc21x4vm.inf_amd64_3294fc34256dbb0e\dc21x4vm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\repdrvfs.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_D2F6556190F7B1A25A117FFB5467EEBD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netk57a.inf_amd64_d823e3edc27ae17c\netk57a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_10CFC0D4C45D2E76B7EA49C8C22BEDFE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\Amsi.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netbxnda.inf_amd64_1fff3bc87a99b0f1\netbxnda.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\rt640x64.inf_amd64_8984d8483eef476c\rt640x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\w3kwab.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.sys | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_0A36A03C09DCEEA388C024E3D20B14B7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\drvstore.tmp | C:\Windows\system32\DrvInst.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Security.Principal.Windows.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Prism.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\System.Xaml.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\PresentationCore.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\PresentationFramework.Aero2.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Runtime.Intrinsics.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Text.Encoding.Extensions.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\cs\UIAutomationProvider.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\de\System.Windows.Forms.Primitives.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ko\Microsoft.VisualBasic.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\Microsoft.VisualBasic.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\ReachFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-rtlsupport-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.IO.Pipes.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Text.Encodings.Web.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbtun.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mwac.inf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-processenvironment-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hans\System.Windows.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\it\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pl\System.Xaml.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\System.Xaml.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\WindowsBase.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.Win32.Registry.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Transactions.Local.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Web.HttpUtility.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Threading.Thread.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\fr\PresentationUI.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnel_wireguard.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBAMCore.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Tray.deps.json | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-fibers-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Diagnostics.StackTrace.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Security.AccessControl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\it\System.Xaml.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ja\UIAutomationProvider.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ru\System.Windows.Input.Manipulations.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ru\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hant\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\Microsoft.VisualBasic.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\es\PresentationCore.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\fr\PresentationCore.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\ko\PresentationUI.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\System.Windows.Forms.Design.Editors.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.VisualBasic.Core.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Transactions.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\ucrtbase.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\cs\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamUI.Services.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\System.Text.Encodings.Web.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\Microsoft.NETCore.App.runtimeconfig.json | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Globalization.Extensions.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Net.Ping.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\Microsoft.VisualBasic.Forms.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-core-handle-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\System.Reflection.Emit.Lightweight.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\pt-BR\System.Windows.Controls.Ribbon.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.28\zh-Hans\WindowsBase.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\System.Diagnostics.EventLog.Messages.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.28\api-ms-win-crt-private-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.pnf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe | N/A |
| File created | C:\Windows\rescache\_merged\2229298842\1848681917.pri | C:\Windows\system32\LogonUI.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe | N/A |
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\regedit.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\regedit.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceDesc | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000\Control | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\DeviceDesc | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0014 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\Control | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\LowerFilters | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000\LogConf | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Phantom | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005 | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0005\ | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \Registry\Machine\Hardware\Description\System\CentralProcessor | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key enumerated | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\FeatureSet | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\FeatureSet | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\Identifier | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\VendorIdentifier | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Malwarebytes.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\BrowserEmulation\CVListTTL = "0" | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Capabilities\Hidden = "0" | C:\Windows\System32\ie4uinit.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Capabilities | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Software\Microsoft\Internet Explorer\BrowserEmulation | C:\Windows\System32\ie4uinit.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\SOFTWARE\Microsoft\Internet Explorer\Main\OperationalData = "12" | C:\Windows\System32\ie4uinit.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-20\Software | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes\FirstRun = "false" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-20\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0C4652FC-FA35-4394-A133-F68409776465} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9F0067A5-A8F1-46BF-AA32-F418656FDE6F}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8C842243-BDAD-4A93-B282-93E3FCBC1CA4}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2A153977-1A37-4EF7-9226-9E128FA51AE1}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D88AC9B4-2BC3-4215-9547-4F05743AE67B}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexJS.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FA1D4FDD-C9C8-4575-A2A1-4179C3A3473D}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{557ADCF9-0496-46F6-A580-FF8EC1441050}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{53260A87-5F77-4449-95F1-77A210A2A6D8}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexXML.TNI4X5EMNWWMEECFE3V3XDRYPY\Application | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{964AD404-A1EF-4EDA-B8FA-1D8003B29B10}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\xhtmlfile\shell\open\command | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\iexplore.exe\shell\open | C:\Windows\System32\ie4uinit.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{55D0C28B-2BF3-4230-B48D-DB2C2D7BF6F8}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{09F245DA-55E7-451E-BDF3-4EE44637DFF1}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1E3F0FEC-3E40-4137-8C7D-090AFA9B6C5E} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4163399F-AB08-4E5E-BE28-6B9440393AD3}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1A173904-D20F-4872-93D5-CBC1336AE0D6}\ = "_IRTPControllerEventsV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2DEBAD4E-3BAF-44F0-9150-BCCCC3801CF9} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexPDF.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\.xht\OpenWithProgids\YandexHTML.TNI4X5EMNWWMEECFE3V3XDRYPY | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.CloudController.1\CLSID | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6357A98F-CE03-4C67-9410-00907FB21BC7}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D10B0F61-43AA-40F4-9C6C-57D29CA8544E}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController.1 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController\CurVer\ = "MB.LicenseController.1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2FB37514-21FA-4B2C-94DA-1562126E9F5F}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5BA2811A-EE5B-44DF-81CD-C75BB11A82D4}\ = "IAEControllerEventsV4" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5D448EF3-7261-4C0C-909C-6D56043C259D} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexHTML.TNI4X5EMNWWMEECFE3V3XDRYPY\Application\AppUserModelId = "Yandex.TNI4X5EMNWWMEECFE3V3XDRYPY" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\yabrowser\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.LicenseController.1\CLSID | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{90A62FAD-6FA9-4454-8CEE-7EDF67437226}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{62A3C5F3-503F-4205-A044-5EA683BEDABE}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{960F2BB5-E954-45C5-97DF-A770D9D8C24B}\ = "IScanParametersV9" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CE7ABFE9-8F8F-4EDD-86BD-9209FD072126}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F5BCAC7E-75E7-4971-B3F3-B197A510F495}\1.0\0\win64\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\\4" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{81701AB9-0B9C-49FE-9C79-C3C4DCA91E7B}\TypeLib\ = "{A82129F1-32E1-4D79-A39F-EBFEE53A70BF}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{638A43D2-5475-424B-87B8-042109D7768F}\ = "_IUpdateControllerEvents" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D7A05281-DB9E-4E02-9680-E4D83CDAA6AB}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D8258E71-3A7A-4D9D-85BB-C7999F95B7E4}\TypeLib\ = "{2446F405-83F0-460F-B837-F04540BB330C}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{31BF2366-C6DB-49F1-96A5-8026B9DF4152}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{983849D5-BFE9-43E9-A9A0-CBAFBC917F39}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F418F2F6-5173-4E4F-80EF-AF21E516C461}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{106E3995-72F9-458A-A317-9AFF9E45A1F0}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FB81F893-5D01-4DFD-98E1-3A6CB9C3E63E}\ = "IMWACControllerV12" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6724C143-DE69-4A93-80ED-19B75DD2AA99}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B42C0E8E-5C9D-46B7-AAED-2294C6566DC0}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A0EB1521-C843-47D5-88D2-5449A2F5F40B}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{FFB94DF8-FC15-411C-B443-E937085E2AC1}\1.0\ = "RTPControllerCOMLib" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B1D8E799-D5A2-45B4-9524-067144A201E4}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BADF77CD-ECCE-4B36-88FF-6A2804FFE307}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1691A7E8-B8D1-46D5-BB29-3A4DB2D809C6}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2FB37514-21FA-4B2C-94DA-1562126E9F5F}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E230930A-6CC2-4B9D-8CE1-03F86A8EDA05}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ABC1D1AF-23ED-4483-BDA4-90BCC21DFBDB}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4E0F1EE6-E7CA-4BEE-8C08-0959842DA615} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\YandexCSS.TNI4X5EMNWWMEECFE3V3XDRYPY\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{783B187E-360F-419C-B6DA-592892764A01}\1.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{61964EBA-D9C0-4834-B01C-A6133F432BB1} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1\Blob
24f07595f8b2d4352eb460c94e1f566477977d5545b1fad2437cb455a4ea04448c8d8b099c5158409f6d64949c065b8e61a716ea0a8f182e8453e6cd602d70a6783055ac9a410 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Runs regedit.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\regedit.exe | N/A |
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\adwcleaner.exe | N/A |
| N/A | N/A | C:\Windows\regedit.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\procexp64.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://browser.yandex.com/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d620ab58,0x7ff9d620ab68,0x7ff9d620ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4332 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1420,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4372 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1556 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4988 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5004 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5284 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5224 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:8
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe" --parent-installer-process-id=5516 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp\" --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp\" --verbose-logging"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3480 --field-trial-handle=1892,i,4107128749005162470,8340231109988645044,131072 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\yb79CA.tmp
"C:\Users\Admin\AppData\Local\Temp\yb79CA.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\399e5216-4e9e-496d-bcba-54c169e97144.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=603426436 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=603018327 --progress-window=458856 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\981e33ce-1ebc-461c-a68f-fd0e2ead0d56.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\1547f616-5574-40ff-b84f-1861c95051e5.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=621053964
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5668 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x23c,0x294,0x7ff6d858d688,0x7ff6d858d694,0x7ff6d858d6a0
C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe
"C:\Windows\TEMP\sdwra_5668_572777290\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5144 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x20c,0x210,0x214,0x1e8,0x218,0x7ff7f0f08aa0,0x7ff7f0f08aac,0x7ff7f0f08ab8
C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.6.1.766\service_update.exe" --update-background-scheduler
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe
"C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\Temp\scoped_dir5668_365155830\explorer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5612 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x7ff635dad688,0x7ff635dad694,0x7ff635dad6a0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source5668_2027215247\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=458856 --ok-button-pressed-time=603018327 --install-start-time-no-uac=603426436
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=2612 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x13c,0x140,0x144,0x118,0x148,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=2240,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2088,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2376 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2636,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2668 --brver=24.6.1.766 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Storage Service" --field-trial-handle=2808,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3092 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3244,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Audio Service" --field-trial-handle=3456,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3488 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Video Capture" --field-trial-handle=3464,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3512 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=4160,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4184 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4524,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4520 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Profile Importer" --field-trial-handle=5164,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5176 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7064 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff6883dd688,0x7ff6883dd694,0x7ff6883dd6a0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1712,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=3884 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5412,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5424 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4484,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5312 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5800,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4852 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5872,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6128,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5852 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6280,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6168 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6120,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6124 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=6596,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6736 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=6768,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6780 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=5216,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6740 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6956,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6952 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6924,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6740 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=3280,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4708 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6808,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5924 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7088,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7104 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7092,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7256 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7400,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7420 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7404,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7560 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7704,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7708 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7736,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7864 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8008,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8024 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8160,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8172 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8164,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8328 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8316,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8476 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8512,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8636 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8644,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8780 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8804,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8932 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=8956,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9092 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9232,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9248 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9384,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9392 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9432,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9552 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9428,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9576 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9840,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9856 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9864,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10008 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9984,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9844 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater --broupdater-origin=auto --bits_job_guid={FD17C2FC-A0AE-4B50-BB89-B0B74881AECB}
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=1 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=5912 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=micromode=broupdater --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2356,i,10525820128065667569,4715874121738457172,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2352 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2084,i,10525820128065667569,4715874121738457172,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2396 --brver=24.6.1.766 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=1044,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5952 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=9936,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6936 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=install --bits_job_guid={2A6CCDD8-41FE-4180-AD0B-512730B53D88}
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=2 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=4380 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2332,i,3512179273608981091,12599438969218374592,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2328 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2220,i,3512179273608981091,12599438969218374592,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2364 --brver=24.6.1.766 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5440,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5460 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5528,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10036 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse --bits_job_guid={A358220A-E71A-46C6-AF74-6980BF1CE957}
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=3 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=8128 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=2328,i,11947471634704334533,16395763992577357260,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2316 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=2256,i,11947471634704334533,16395763992577357260,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2484 --brver=24.6.1.766 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=1132,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1140 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8772,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6124 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=4148,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4924 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=10136,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10036 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1144,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7696 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=5428,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8312 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1120,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9372 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8148,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7720 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=6416,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7720 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=1072,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=5480,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8636 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=5788,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8768 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=9584,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8000 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8000,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7688 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=7080,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9644 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=info-collection --field-trial-handle=6904,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=756 --enable-elf-protection /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=7616,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7624 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=1368,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7044 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=spell_checker.mojom.SpellChecker --lang=en-US --service-sandbox-type=utility --utility-enable-offline-spellchecker --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Spell checker" --field-trial-handle=3472,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9312 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=6696,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6564 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9332,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4620 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=9796,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1284 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=6988,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9184 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=8348,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8340 --brver=24.6.1.766 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9248,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9004 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\Downloads\adwcleaner.exe
"C:\Users\Admin\Downloads\adwcleaner.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9764,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7208 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9236,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9016 --brver=24.6.1.766 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000148" "Service-0x0-3e7$\Default" "0000000000000158" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7208,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7220 --brver=24.6.1.766 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9008,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9788 --brver=24.6.1.766 /prefetch:8
C:\Windows\regedit.exe
"C:\Windows\regedit.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9208,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8548 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=3248,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8592 --brver=24.6.1.766 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=6608,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8548 --brver=24.6.1.766 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe
"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1396,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4176 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7024,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8984 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7116,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7012 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7632,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9020 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=8836,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9772 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=9180,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8344 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=4256,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2640 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=9112,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9264 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=6820,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=8432,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7948 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=5996,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3284 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9104,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7212 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6288,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8196 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=9960,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9752 --brver=24.6.1.766 /prefetch:8
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=4240,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8556 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6232,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6508 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=6632,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5280 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5768,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3236 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=8196,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=752 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9140,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4224 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=7244,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1284 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5948,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6864 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=8992,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=6892,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3296 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8840,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9772 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=6496,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1204 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=9640,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6880 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=8776,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8616 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=spell_checker.mojom.SpellChecker --lang=en-US --service-sandbox-type=utility --utility-enable-offline-spellchecker --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Spell checker" --field-trial-handle=7856,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8472 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=6220,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9292 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=6784,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9192 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7032,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9376 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=7800,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9996 --brver=24.6.1.766 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\Malwarebytes Scan Report 2024-06-26 195153.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=7752,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5736 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=10228,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9380 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=10188,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10176 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=9356,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1068 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=6532,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8400 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=10180,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8612 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=8572,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3304 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=qr_code.mojom.QRCodeService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="QR code service" --field-trial-handle=4328,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6508 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=file_rating.mojom.FileRating --lang=en-US --service-sandbox-type=utility --utility-enable-file-rating --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="File Rating Service" --field-trial-handle=5272,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10160 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=7556,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8620 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Quarantine Service" --field-trial-handle=7708,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7104 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8616,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9292 --brver=24.6.1.766 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=10216,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8256 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe
"C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe"
C:\Users\Admin\AppData\Local\Temp\procexp64.exe
"C:\Users\Admin\Desktop\ProcessExplorer\procexp.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7324,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=9120 --brver=24.6.1.766 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\browser.DMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" https://www.virustotal.com/about/terms-of-service
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=4 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=8120 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=6544,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8564 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=3292,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8400 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=8516,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6832 --brver=24.6.1.766 /prefetch:8
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=9144,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=276 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --yagp --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=6460,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3256 /prefetch:1
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
[the process entry above appears 21 times in succession]
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9312,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6884 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5476,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4636 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9696,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7612 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=4296,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8428 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=9388,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8284 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=deep_links_provider.mojom.DeepLinksProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="DeepLinks service" --field-trial-handle=9196,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=10204 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=hips_info_provider.mojom.HipsInfoProvider --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=hips_info_provider.mojom.HipsInfoProvider --field-trial-handle=8480,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6888 --brver=24.6.1.766 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap4597:368:7zEvent20226 -tzip -sae -- "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\YandexBrowser.zip"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=10004,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=8620 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=7352,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=7364 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Unzip Service" --field-trial-handle=8760,i,4037900294966922817,4614310723747242334,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6748 --brver=24.6.1.766 /prefetch:8
C:\Windows\System32\control.exe
"C:\Windows\System32\control.exe" "C:\Windows\System32\appwiz.cpl",
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL "C:\Windows\System32\appwiz.cpl",
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe"
C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe" -nosurvey -uninstall
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /uninstall
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Unregserver
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /uninstallmbtun
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "5" "2" "C:\Windows\System32\DriverStore\FileRepository\mbtun.inf_amd64_add82795013a7c3b\mbtun.inf" "0" "48643ea57" "0000000000000150" "Service-0x0-3e7$\Default"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --single-argument https://links.malwarebytes.com/link/uninstalled?days_since_install=0&prodVer=5.1.5.116&prodCode=MBAM-C&lang=en-US
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=4 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=4372 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --gpu-process-kind=sandboxed --field-trial-handle=2032,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2028 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=1668,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=1912,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2260 --brver=24.6.1.766 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Storage Service" --field-trial-handle=2472,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2584 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4016,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4012 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --allow-prefetch --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4464,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --ya-custo-process --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4600,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4596 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5112,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5044 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5020,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Windows Utilities" --field-trial-handle=5652,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5672 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=5664,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5752 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Data Decoder Service" --field-trial-handle=2808,i,14547252885995929805,9862474483749418892,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4992 --brver=24.6.1.766 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --uninstall --verbose-logging
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe" --uninstall --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=1711875625
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7176 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x7ff6883dd688,0x7ff6883dd694,0x7ff6883dd6a0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --uninstall
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1719431247 --annotation=last_update_date=1719431247 --annotation=launches_after_update=2 --annotation=machine_id=e7ae39fa5eee477481dc83ee66f9242b --annotation=main_process_pid=7800 --annotation=metrics_client_id=3163fe5b9fd848b2ba8b5401499fce78 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.6.1.766 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff9c325bf90,0x7ff9c325bf9c,0x7ff9c325bfa8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=1980,i,10439544620570865549,2301244948330544693,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1976 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=7B92A788-7D2D-46AE-98D5-A12ECD75919E --brand-id=int --no-appcompat-clear --process-name="Network Service" --field-trial-handle=1896,i,10439544620570865549,2301244948330544693,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2012 --brver=24.6.1.766 /prefetch:3
C:\Windows\System32\ie4uinit.exe
"C:\Windows\System32\ie4uinit.exe" -reinstall
C:\Windows\TEMP\sdwra_7176_734054612\service_update.exe
"C:\Windows\TEMP\sdwra_7176_734054612\service_update.exe" --uninstall
C:\Windows\TEMP\sdwra_7176_1521301580\service_update.exe
"C:\Windows\TEMP\sdwra_7176_1521301580\service_update.exe" --delete
C:\Windows\TEMP\sdwra_7176_1260482126\service_update.exe
"C:\Windows\TEMP\sdwra_7176_1260482126\service_update.exe" --delete
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://browser.yandex.ru/goodbye/?beta=0&brand_id=int&brversion=24.6.1.766&clid=2270482&dateinstall=26-06-2024&distrib_info=%7B%0D%0A+++%22banerid%22%3A+%226400000000%3A667c701fa054d8d722d02397%22%2C%0D%0A+++%22browser%22%3A+%22GoogleChrome%2F64%2F110.0.5481.104%22%2C%0D%0A+++%22download_date%22%3A+%221719431199%22%2C%0D%0A+++%22mongoID%22%3A+%22667c701fa054d8d722d02397%22%2C%0D%0A+++%22pps%22%3A+%22installID%253D8063537421719431107_1719431199507%2526mongoID%253D667c701fa054d8d722d02397%22%2C%0D%0A+++%22scup%22%3A+%221%22%2C%0D%0A+++%22statpromo%22%3A+%22true%22%2C%0D%0A+++%22vup%22%3A+%221%22%2C%0D%0A+++%22win10pin%22%3A+%221%22%2C%0D%0A+++%22yandexuid%22%3A+%228063537421719431107%22%0D%0A%7D%0D%0A&lang=en&os=10.0.19041&ui=7B92A788-7D2D-46AE-98D5-A12ECD75919E
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --field-trial-handle=3856,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=4120,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5280,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5336,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5896,i,17949988676391029604,13756926835471203788,262144 --variations-seed-version --mojo-platform-channel-handle=5908 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.92 --initial-client-data=0x23c,0x240,0x244,0x238,0x24c,0x7ff9be9d4ef8,0x7ff9be9d4f04,0x7ff9be9d4f10
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2240,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1932,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2648,i,3936464242335570242,10900357309487407538,262144 --variations-seed-version --mojo-platform-channel-handle=2644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3f49055 /state1:0x41c64e6d
Network
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 44.233.60.45:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 45.60.233.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 100.24.217.80:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.107:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 80.217.24.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 100.24.217.80:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.10:443 | cdn.mwbsys.com | tcp |
| US | 100.24.217.80:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 10.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.107:443 | cdn.mwbsys.com | tcp |
| US | 100.24.217.80:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.41:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 41.91.86.99.in-addr.arpa | udp |
| US | 100.24.217.80:443 | ark.mwbsys.com | tcp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.41:443 | cdn.mwbsys.com | tcp |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.179.238:443 | tcp | |
| US | 8.8.8.8:53 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.200.46:443 | udp | |
| US | 34.96.102.137:443 | udp | |
| US | 192.0.76.3:443 | udp | |
| FR | 18.164.52.105:443 | tcp | |
| FR | 18.164.52.105:443 | tcp | |
| US | 8.8.8.8:53 | 105.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| SE | 23.34.233.128:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 128.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | adwcleaner.malwarebytes.com | udp |
| FR | 18.164.52.32:443 | adwcleaner.malwarebytes.com | tcp |
| FR | 18.164.52.32:443 | adwcleaner.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 32.52.164.18.in-addr.arpa | udp |
| FR | 18.164.52.32:443 | adwcleaner.malwarebytes.com | tcp |
| FR | 18.164.52.32:443 | adwcleaner.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 8.8.8.8:53 | ipv4.am.i.mullvad.net | udp |
| US | 3.209.127.22:443 | holocron.mwbsys.com | tcp |
| SE | 45.83.223.233:443 | ipv4.am.i.mullvad.net | tcp |
| US | 3.209.127.22:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 233.223.83.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| FR | 18.164.52.32:443 | adwcleaner.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.238.120.189:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 189.120.238.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 92.36.219.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.65.42.20.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | udp | |
| US | 8.8.8.8:53 | iris.mwbsys.com | udp |
| US | 54.236.97.178:443 | iris.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 178.97.236.54.in-addr.arpa | udp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 192.178.49.163:443 | tcp | |
| US | 192.178.49.163:443 | udp | |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.213.3:443 | tcp | |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 52.88.118.164:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 164.118.88.52.in-addr.arpa | udp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 3.209.127.22:443 | holocron.mwbsys.com | tcp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 3.219.36.92:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 3.210.87.158:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 99.86.91.10:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 158.87.210.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 104.18.38.233:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| SE | 23.34.233.128:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| GB | 142.250.187.196:443 | udp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | ocsp.trust-provider.com | udp |
| US | 172.64.149.23:80 | ocsp.trust-provider.com | tcp |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | crl.trust-provider.com | udp |
| GB | 172.217.16.226:443 | udp | |
| US | 172.64.149.23:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.intel.com | udp |
| ES | 23.60.219.84:80 | www.intel.com | tcp |
| US | 8.8.8.8:53 | certificates.intel.com | udp |
| SE | 184.31.15.48:80 | certificates.intel.com | tcp |
| US | 8.8.8.8:53 | 84.219.60.23.in-addr.arpa | udp |
| GB | 142.250.200.46:443 | udp | |
| US | 8.8.8.8:53 | 48.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.thawte.com | udp |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 152.199.19.74:80 | ocsp.thawte.com | tcp |
| US | 8.8.8.8:53 | crl.thawte.com | udp |
| US | 8.8.8.8:53 | 140.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.204.158:443 | tcp | |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 87.250.250.232:443 | sba.yandex.net | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| RU | 87.250.250.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 8.8.8.8:53 | spyware.neocities.com | udp |
| US | 151.101.65.140:443 | tcp | |
| US | 198.51.233.2:443 | tcp | |
| US | 198.51.233.2:443 | tcp | |
| US | 8.8.8.8:53 | 140.65.101.151.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | 2.233.51.198.in-addr.arpa | udp |
| RU | 87.250.251.20:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | 20.251.250.87.in-addr.arpa | udp |
| US | 198.51.233.2:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 198.51.233.2:443 | tcp | |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| US | 18.245.175.4:443 | hubble.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | 4.175.245.18.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 198.51.233.2:443 | tcp | |
| RU | 93.158.134.242:443 | tcp | |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 93.158.134.242:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.129.140:443 | tcp | |
| US | 8.8.8.8:53 | 140.129.101.151.in-addr.arpa | udp |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.65.140:443 | tcp | |
| US | 151.101.65.140:443 | tcp | |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.235.117.63:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 63.117.235.44.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 151.101.1.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.187.196:443 | udp | |
| IE | 209.85.203.84:443 | tcp | |
| IE | 209.85.203.84:443 | udp | |
| GB | 142.250.179.238:443 | google.com | udp |
| IE | 209.85.203.84:443 | tcp | |
| US | 8.8.8.8:53 | 140.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | udp | |
| IE | 209.85.203.84:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 44.235.117.63:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 87.250.254.106:443 | tcp | |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.179.238:443 | google.com | udp |
| GB | 142.250.180.1:443 | tcp | |
| US | 104.26.6.129:443 | udp | |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.6.26.104.in-addr.arpa | udp |
| US | 104.26.6.129:443 | udp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 104.26.6.129:443 | tcp | |
| US | 8.8.8.8:53 | relay.wormhole.app | udp |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 50.116.12.82:443 | udp | |
| US | 149.137.132.105:443 | tcp | |
| US | 8.8.8.8:53 | relay.wormhole.app | udp |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 50.116.12.82:443 | tcp | |
| US | 149.137.132.105:443 | tcp | |
| US | 8.8.8.8:53 | 82.12.116.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.132.137.149.in-addr.arpa | udp |
| RU | 91.215.42.31:80 | tcp | |
| RU | 91.215.42.31:80 | tcp | |
| RU | 91.215.42.31:443 | tcp | |
| GB | 142.250.187.206:443 | tcp | |
| RU | 87.250.251.20:443 | tcp | |
| US | 8.8.8.8:53 | 31.42.215.91.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | udp | |
| GB | 142.250.187.206:443 | tcp | |
| IE | 209.85.203.84:443 | tcp | |
| GB | 142.250.187.206:443 | udp | |
| GB | 172.217.16.227:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.204.29:443 | tcp | |
| RU | 91.215.42.31:443 | tcp | |
| US | 8.8.8.8:53 | 29.204.180.213.in-addr.arpa | udp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 44.236.68.145:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 145.68.236.44.in-addr.arpa | udp |
| US | 104.26.3.70:443 | tcp | |
| US | 151.101.65.140:443 | tcp | |
| US | 151.101.65.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.193.140:443 | tcp | |
| US | 151.101.65.140:443 | tcp | |
| US | 151.101.129.140:443 | tcp | |
| US | 151.101.129.140:443 | tcp | |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 151.101.65.140:443 | tcp | |
| RU | 93.158.134.242:443 | tcp | |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.187.206:443 | udp | |
| GB | 142.250.187.206:443 | tcp | |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 87.250.254.106:443 | tcp | |
| RU | 62.217.160.2:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.179.238:443 | google.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| SE | 23.34.233.227:443 | tcp | |
| SE | 23.34.233.227:443 | tcp | |
| RU | 87.250.250.232:443 | sba.yandex.net | tcp |
| GB | 142.250.200.46:443 | udp | |
| US | 104.26.6.129:443 | udp | |
| US | 13.107.246.64:443 | tcp | |
| US | 13.107.253.64:443 | tcp | |
| US | 8.8.8.8:53 | 227.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| IE | 52.17.107.72:443 | tcp | |
| SE | 23.34.233.128:443 | www.microsoft.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 13.107.246.64:443 | tcp | |
| GB | 23.214.139.72:443 | tcp | |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| IE | 66.235.152.225:443 | tcp | |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 8.8.8.8:53 | 72.107.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.139.214.23.in-addr.arpa | udp |
| US | 20.42.65.88:443 | tcp | |
| US | 8.8.8.8:53 | 49.43.201.23.in-addr.arpa | udp |
| US | 20.42.65.88:443 | tcp | |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
| SE | 23.201.43.27:443 | tcp | |
| PL | 93.184.221.200:443 | tcp | |
| US | 8.8.8.8:53 | 27.43.201.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.221.184.93.in-addr.arpa | udp |
| SE | 23.201.43.67:443 | tcp | |
| US | 8.8.8.8:53 | 67.43.201.23.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | udp | |
| US | 152.199.19.160:443 | tcp | |
| US | 152.199.19.160:443 | tcp | |
| US | 8.8.8.8:53 | 160.19.199.152.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| RU | 87.250.250.232:443 | sba.yandex.net | tcp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 93.158.134.242:443 | tcp | |
| US | 151.101.129.140:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 151.101.193.140:443 | tcp | |
| US | 172.64.149.23:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | ocsp.trust-provider.com | udp |
| US | 172.64.149.23:80 | ocsp.trust-provider.com | tcp |
| US | 8.8.8.8:53 | crl.trust-provider.com | udp |
| US | 172.64.149.23:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | www.intel.com | udp |
| ES | 23.60.219.84:80 | www.intel.com | tcp |
| US | 8.8.8.8:53 | certificates.intel.com | udp |
| SE | 184.31.15.50:80 | certificates.intel.com | tcp |
| US | 8.8.8.8:53 | 50.15.31.184.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 74.125.34.46:443 | tcp | |
| US | 74.125.34.46:443 | tcp | |
| US | 34.117.229.111:443 | tcp | |
| US | 8.8.8.8:53 | 46.34.125.74.in-addr.arpa | udp |
| US | 34.117.229.111:443 | udp | |
| US | 104.16.242.118:443 | udp | |
| US | 104.18.168.110:443 | tcp | |
| US | 104.16.242.118:443 | udp | |
| US | 104.18.70.113:443 | tcp | |
| US | 8.8.8.8:53 | 111.229.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.242.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.168.18.104.in-addr.arpa | udp |
| US | 104.18.70.113:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 216.239.32.36:443 | tcp | |
| US | 104.18.72.113:443 | tcp | |
| US | 8.8.8.8:53 | 113.70.18.104.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | 113.72.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 216.239.32.36:443 | udp | |
| US | 151.101.129.140:443 | tcp | |
| US | 8.8.8.8:53 | www.virustotal.com | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | w3-reporting-nel.reddit.com | udp |
| US | 8.8.8.8:53 | w3-reporting-nel.reddit.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 151.101.193.140:443 | w3-reporting-nel.reddit.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 151.101.193.140:443 | w3-reporting-nel.reddit.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 3.209.127.22:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 3.210.87.158:443 | sirius.mwbsys.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| RU | 62.217.160.2:443 | tcp | |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| RU | 87.250.254.106:443 | tcp | |
| RU | 87.250.254.106:443 | tcp | |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| GB | 142.250.187.196:443 | udp | |
| US | 8.8.8.8:53 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | udp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| GB | 216.58.201.99:443 | tcp | |
| US | 216.239.32.36:443 | udp | |
| GB | 142.250.187.227:443 | tcp | |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| GB | 142.250.187.227:443 | tcp | |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.235.117.63:443 | telemetry.malwarebytes.com | tcp |
| GB | 142.250.187.196:443 | udp | |
| GB | 142.250.187.227:443 | udp | |
| RU | 87.250.250.232:443 | sba.yandex.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 37.9.64.225:443 | cdnrepfu6rku5qba3zpu.svc.cdn.yandex.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 93.158.134.242:443 | tcp | |
| RU | 93.158.134.242:443 | tcp | |
| GB | 216.58.213.3:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.187.196:443 | udp | |
| US | 216.239.32.36:443 | udp | |
| US | 151.101.193.140:443 | www.reddit.com | tcp |
| US | 151.101.1.140:443 | www.reddit.com | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 35.81.120.136:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 136.120.81.35.in-addr.arpa | udp |
| US | 35.81.120.136:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 44.195.186.47:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| FR | 54.230.112.71:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 47.186.195.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.112.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| US | 3.209.127.22:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | webntp.yandex.ru | udp |
| US | 8.8.8.8:53 | webntp.yandex.ru | udp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| FR | 3.160.188.41:443 | links.malwarebytes.com | tcp |
| RU | 213.180.204.196:443 | webntp.yandex.ru | tcp |
| US | 8.8.8.8:53 | api.browser.yandex.net | udp |
| US | 8.8.8.8:53 | api.browser.yandex.net | udp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.com | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| RU | 5.255.255.77:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 41.188.160.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 8.8.8.8:53 | plausible.io | udp |
| US | 8.8.8.8:53 | plausible.io | udp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| GB | 143.244.38.136:443 | plausible.io | tcp |
| US | 18.208.60.200:443 | genesis.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.com | tcp |
| US | 192.0.76.3:443 | pixel.wp.com | udp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | api.browser.yandex.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.com | tcp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| RU | 213.180.204.196:443 | webntp.yandex.ru | tcp |
| US | 8.8.8.8:53 | sec.api.browser.yandex.com | udp |
| US | 8.8.8.8:53 | sec.api.browser.yandex.com | udp |
| RU | 213.180.204.196:443 | webntp.yandex.ru | tcp |
| RU | 213.180.193.234:443 | sec.api.browser.yandex.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | api.browser.yandex.ru | udp |
| US | 8.8.8.8:53 | api.browser.yandex.ru | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 87.250.254.20:443 | soft.export.yandex.ru | tcp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| SE | 184.31.15.40:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 87.250.247.181:443 | avatars.mds.yandex.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 87.250.247.181:443 | avatars.mds.yandex.net | tcp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.247.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 77.88.44.55:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| GB | 216.58.204.67:443 | update.googleapis.com | tcp |
| BE | 88.221.83.201:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 201.83.221.88.in-addr.arpa | udp |
Files
\??\pipe\crashpad_3404_JOMXNBIYLHSXMXJJ
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4f688ebb11f7310656530903eaf56813 |
| SHA1 | a277007ffa25ebdbfebefe62d26079f23dca7380 |
| SHA256 | 544664231023299b9586c17cd510443b80f40c52c8c3abdfe18b79ee717dd1cb |
| SHA512 | f897f39f8338d15cc01742922e35d0da0525bae7dc424e4679cd3113bfedf2e33dead8e38756c0b940cf7745413c9f0d9e2f39b2d1e9e43e412626107c4c18cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b9238f633134d8374b4d25aa52887f53 |
| SHA1 | c84aa97fdd06c437493b7a4d6d8ee0966ca583a2 |
| SHA256 | 85e4930062dcb8c470ea86a618dd176fe16320649190cac6314e7685344ea0ac |
| SHA512 | f55355cde86c40a2abe431b055c5753decd257270a19d1a876fa269501c2cdc7d931df8a417291bc2ad979bb3ca85cb9fa7b7db23e70f59a1f95ce1d5a403c75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9f03998b4bea81ec95c6d0b131fbfcd8 |
| SHA1 | ddfaf662d46337e41de51de43ee15a760f28ae3c |
| SHA256 | 9155edb3a2071967b160f1e9a930d034549cf1ff6f04ba906be92be026f15e72 |
| SHA512 | 680c1fe1565685bf04fc9ce35d3db43464346efa9322bc74b21349067c0b86edff23fae9e61d6aaf82aa32d2b34f9f836260a8d275a21d936fbc127fa82fd24d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 65c45c79dc44fe6759c7cd13d02c830c |
| SHA1 | d39dafa12b2d75de6e692a2cc1f7dd5f3893f493 |
| SHA256 | e1eb3c47967e57a1dd7c6fab75d292897f6bb6fcb900d4e489abd7e8971bb54d |
| SHA512 | c96ddf99d4dfb5ebae26395c4d568d2bc65c300252c004eeeca4f66a0a06a1b0ba82a25af2548c583e2789d41f97c82637b39d8b8b78936b1b28fd362821549a |
C:\Users\Admin\Downloads\Unconfirmed 135120.crdownload
| MD5 | 01aed496ff6eaed7541cdb2cee447d85 |
| SHA1 | 893f3f34589bdaa4a82c0f527d336dfac2e5802a |
| SHA256 | 7f98254d0e238ecb23685bc912aeaace20bc393eaa3868388e5a4a1ae510d295 |
| SHA512 | 70ffadf979d00b134cb539298b8481f21907276a0f3818f08680c2763a96fd5385cc1d5a098994dd7b6f13cb210f934e0183569c5c2ceeb820dcda7f59de7175 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 81a90d55acb406ca13a476a6fcdf7a42 |
| SHA1 | 26573592d597c10c8570591c0cd3de241e3a1600 |
| SHA256 | daaf630e0c61a07e6927735af0bb6231cce3789866902a54fa1e47815575e2f8 |
| SHA512 | 8f46b7da1ba525ae4035918c6c4b3c11a22b2e3adb559e9a267cfc7c85e6ef11f6e5d08c5e65696e124f30cd76a381b1168d915c6a97cf94b25b28edd91e4b36 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 8909e1e6baf7cb6213b88d9f0a851da3 |
| SHA1 | 48bda5e5632c869b511239a587b5041c10f3deb0 |
| SHA256 | 611b0086bd73304736fa1179c2b22e7b754c2c17b6d7de0c9c13e64fd309a005 |
| SHA512 | cd69cc436d5561da4789aa3acb30f24a9aac01652481b6cb2a0e070131637c98c50bc6fcae8914233df13ca157aa1ddf3168e022e6245c31f9b153d0ab9cbc21 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 5a30fc1f5a7550545eb2bd29b0856f63 |
| SHA1 | ec15f6ed9e8ecdf9d122283501392404a535ffa3 |
| SHA256 | 12d60e1b320641d947f2c821aa0726641a5716d8a020f328fbbe4d94f259fa43 |
| SHA512 | 9adbc535fecee1b2b5aababd210356b20b2ca9a62b27ad977bc42d2e05857ec456234b90f75b8a9f625ff33ce17cd5f2c0cea068c57443cf25e8e9d18069717e |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | 111af257cc8e3495f4fc21542d080082 |
| SHA1 | 429c3b38df308fa01e52d523786f2d684fb7397c |
| SHA256 | 0544b7f6b80ef6fb29c9968be2ec1c0181532a773de07485f5016c6a59c9a2a8 |
| SHA512 | 164e102e5eefbfa3850d7161eebc538cc6532b921965c78a7c5f392aa87e26a58bef8487cf93600e79e0ae14acae1972549ac2137446893dc3a29dc311014959 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | f67489556f3dec93194a77813029d1f6 |
| SHA1 | 2474218c06cab10c400f45bb6a86fb7369bdca2a |
| SHA256 | 725f2a5a25cbf368fd99c8915f007a92f4697ef17e4a28aa5a0a37f39d5bc06d |
| SHA512 | 11f5e4988906146c264239560802d4c269f050b3af7f1b1b33becf2e5b43368a98801efec785ba4399d3f4823a552e4a4ded3d1876c00a19d523f6416ce1be8e |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | c815879c3a09fe45ad4ca78283c53d20 |
| SHA1 | a4f2056f4e319d42b304ac7ee48123b4f030f199 |
| SHA256 | 5d4ab8f8a222706220d0148519c7c5bdfa2df5f142d0f97aa11a36357f8a3354 |
| SHA512 | 47239b2f3205006d7cd7bdb764c10a303bfad65a058d16402021e0999d550ee3a4ce8db003d2e238c2714db6b7e6265fe7fb61a6a3c779a30a0f27a26fc4b427 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ee5f5be8c15831352760ba9a0b86f02 |
| SHA1 | 4314a4613e5ec4dad8dcda33d0f793c3158ac4fc |
| SHA256 | 14a7b4f4d8a1015d5b8eb99222fde460bb42bcc964687a3ca30c9465a3e6a454 |
| SHA512 | c2f21c5b66df249dc548edadd5e5bc26c1a3201e88472474431ba3bb8a6317bac4b53aff7e1eee2900c0ef07bf9d8a2d238dd93390f7179804b4759f7a1b8163 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3dc1ddd1b26a8a231717253f7282fdc9 |
| SHA1 | e748306529d2778b78895d2d999c38b85e0cd170 |
| SHA256 | 054a3a4197210e969bbfb4d295d76f516c040468600d33817726755babc094e5 |
| SHA512 | 6c76e7b68381a59d1a708c9e66ccb9a557fa3d569564cc1fc02050991aa63a683f64e20e3b4e7880394a22491fd40fa1a67b9eece4618da5ba20e69ae3ce4537 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe599cf2.TMP
| MD5 | eff0a34ae604b2defec15f6d7a4dd89f |
| SHA1 | 8e64aa223a4c807f380a21404a1b23ca2f4cb760 |
| SHA256 | aed7dd0d4bf1306880f57499d8b01f0098862c242646f85ed00686568ec27ea4 |
| SHA512 | 7a645366e2fe7a8cc124bf099828884d9afe2bb2f855193070a35417fcdd8eea1934888abd392d301b90625cbb24ab310e7229f855087f75b073d3766b0b2e99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 43f71d2332647da6d2e982c044ce5f25 |
| SHA1 | 5c0325591bbd52326300c3b73b0fb41cc85e75e0 |
| SHA256 | 1d791465d8312b3996710f26d6bd47352f2dcfa2b17febdbede6d4a94c840ad5 |
| SHA512 | cc9e85979453529a8cbd907080f8852ecaecd35d99b99d84f2fde26fb8b5227d18fad25c7a7af900b88a045080bf632a25ce33932b10a11f911d24c721807dff |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 440500f8bab6fb34b469afab5672b2b0 |
| SHA1 | 8ab416d5cce4a316a39c38f25aee36950d7a7441 |
| SHA256 | 2ffc9b061ba0ec9da3fd3d741acacf810fc4fa4e81bfb33234cfeb00db1b786c |
| SHA512 | d6e9fc59978df7bcb8bf587970cb112c63c8702652b992872f3a614c65547e2bc3c1513215304a4e1e830dae6bb057a8f74a238bdfd6dc58e8f24c65f329618e |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | f1e2c3b3a84304179fca8e998a9e13f5 |
| SHA1 | bc71e54bc31036af018984f2d75421b9367f6771 |
| SHA256 | 0266544f3efa1e6ce7fc79aced4b15872e1d48608d31a017bb0054e541bbe03c |
| SHA512 | ea3bc4cce9958288eef6631eb59829c01be0ccea82031869d4637f509a91a2aaa65d8c477e141c8aad11049e3f89bb6f479323c80d7fc2452a9e3e1b19127257 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 1adf1df1f49bf333f03a4f301efe1364 |
| SHA1 | c17a1e310ff4eee132c79067bb5c49b1845faed1 |
| SHA256 | c198d9e3569861b3b1d8c8b1bfb7c8b1c40035364c66dc067ac7fbd3497144ef |
| SHA512 | 3099a8518012956704bd82ac5d4f4f65e1d15f2e2fb882220b7374c47086bba1f84f0a1124d895382e6970afd7433758febe0dadc967a44d96e264916f8cb2e7 |
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\setup.exe
| MD5 | 3567844a6a9f79777657d980d8ee0092 |
| SHA1 | b0800199cf6ee828268926e76f563adb23dfa7a9 |
| SHA256 | cb575379b3235c343c67088a6041b8d105f56f9a60bad0fb721c7aefd6bbf592 |
| SHA512 | bb87dce77a5dbe7b19ec44286fd930e92812aa857832aba8d80103eee044ae53e302c183d1dc6d5edbb9e64206b8891977f326bb8bb6ef53a1e7d1f1a47a16fd |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 4420dd84487c800ad7a9051167166c95 |
| SHA1 | e88e4852e8a2ad1455f711aee51c871a1e6a158d |
| SHA256 | 6f2497d865f6f5ac38e9426abe5b234afffb00f11e48d332b198bb61341e5ec7 |
| SHA512 | 555951739eed0892dbe368a24268c4fe48c959d6ae550b65756a11c2e594b2d8b180f53f65bf662313f0554b52d7a4876761d7656cc0b4e509f85e6d0173187c |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
| MD5 | 1fb99fd7254ad09c42563e2f91c7e72c |
| SHA1 | 73c8d8e42ac5d19269015c18202f39f226e9bc9c |
| SHA256 | e03df61e9a9fc733fa87c93b084b65b33b76633ec1bcc15764f75dac944be3da |
| SHA512 | 123ec537decd1564201430fd7096cee77bed47748cdb5347b06eef126aed14c02433f1115e97000204778e05e63f8f4f5d15bf37e7ea6ee72be986bf7f52ca7e |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | f3e1263e4b6cfa45e139ca3cb390484d |
| SHA1 | 6f3cc9ea1bdc99a849fd678f4a6dc94947edc14a |
| SHA256 | b2f29aad5a07e308752cc28f6053dd5418c3d2b974afdbb15c315584b3045990 |
| SHA512 | 363ac00cfc9544fa59307077351a65e198679638537c3cf560deead2a5e7abfba86d0eb29cbf6cc72a514b2f055b1a342fdcc8964f018254901212ab5dafedcf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_2D5E5B350E01A107C0352A3E192E40C3
| MD5 | 554a0387c8d05cbbb373f68f966bb0c4 |
| SHA1 | 6591dfee8e415d8a75ad1ff1afc583271c0061e8 |
| SHA256 | 1c7ac3d44b6211b1fd5dd3288f4949cb16695a1391310782adfdeb840c887b7a |
| SHA512 | 24b437a1cec347ab5ddcf658b91f3d005b5b94e12e93cea2180351b978742d73f79dcc5aae21834f3f5df90415d79d0c30f1258b450922991eaeeb20c1c74671 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_2D5E5B350E01A107C0352A3E192E40C3
| MD5 | b907654fe0a07cb880c168eaadc2f764 |
| SHA1 | b041990cf76c0fdb883fd3e22f5589e018d48312 |
| SHA256 | 50b98c4b35a08a57b0b934618249ee229c1f9118d26040389c527d2ce390f444 |
| SHA512 | fca5893fe23c2449220108206bde7394c006cea24cc1cb8ae5ea16e96a092d22e92a84542fb1cf4356ec24469dca6eab4faa1ffa89f197fddecbd95c091e8aae |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | eaafffdd4305d3fdecf0e9c1d7f26cee |
| SHA1 | 8e3aab060cc7ba22479d7e298f8e417504aef99b |
| SHA256 | f6f236c92e3f8d7d4bbbeeb8be420fbd443111cb4c0704a99a29f9936b569783 |
| SHA512 | 750427d84ee401bf9136c58e0a816a2fdae87533b17b649dd0b23f6da59de094f36c27b28d76450b32b1acdd8aeaf527870470f5648c932f93bb817cd0874341 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | 174fe1bc809d88689e193b020af83591 |
| SHA1 | 8e7aa2a02dacd1e4e401e46861b864f4bc59deff |
| SHA256 | b255f8c8bfa932d778a648d62eecb2e70688a002849ade2e5f5999b45a09574f |
| SHA512 | b389f1a07a41e01d586e36885f68b6cd8558e2976ddbb8ea542593e16d56a229e36c0321db7b99aef54cd427146cfbf98bc8a6899a2f3d60e95028ec9365b93b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 092acc0090616f5eb823e3ae8cca1d73 |
| SHA1 | 1eaa94fc2c68e189db5ca88e38a87d46ec67f95c |
| SHA256 | c0c35b1f34dc1ca1564e49215631903099abc2c1e203c9dbf079cd68070bfddc |
| SHA512 | 9406a6f1a8909b731603096527e56cb7e5700ac4b4b2238a8465fc2d8aba7d941d68560cf397d365df3659e82fd02c43ab8640160760f7636b4121fc973d38b3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 678733ed067b12340acbef1ac9261788 |
| SHA1 | 7df15e69381203ae7eb8c19292eb543f25b2e7b5 |
| SHA256 | 320aeb203b226fd6d04a2601262589f8f36af2c8e088fede44bf6811bd3b86b0 |
| SHA512 | 6eb09c022396d8eff9f86d2b93b1e9ea583872ae04b32a00b00e7f33da57a533664c6a51ccaddf528f3118a4a5e83a33b7874d2584716b93086f1e6d242f955d |
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\BRAND_COMMON
| MD5 | a759c5f1c85c746667a2116f3826def4 |
| SHA1 | cc123af479e5a778e2e380eb853529c00a6abbe3 |
| SHA256 | c12498e96122788d6938cdd23697db73cb4cc67593314eacec21d4a73ccb37f5 |
| SHA512 | ac88e74bd3fc7eef48b75331631e47f15e69b04a88b7ba7c76d666ac4adae739ba4ebbfee9e721dd1099cc166894b934bb3053de069c2aa382756e5788d3e6a4 |
C:\Users\Admin\AppData\Local\Temp\YB_E62F5.tmp\brand_int
| MD5 | 3510863bdd2584a2d91daabe0852f3d5 |
| SHA1 | 5f4518b3ab74ea3bb834b137123f2e65681ed289 |
| SHA256 | ac12ee7fefa378584abe8e7e685c45e4d7f59acd7afa7d93ccdb66311e02a37b |
| SHA512 | 6b2437790045367243060137390fc22648fa44ffbc6aa97ec6a1a4296a94d5aea13683091b96da20f4b2976132ce22a59c096954e50f85791184e89c4088bd06 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | 1c5785de1c58cbe564b3d07511a3858c |
| SHA1 | 4576e9f10701e93dd17a1be79464da2749d5144b |
| SHA256 | a53efac4d2fe2f0f8d35bd6dc992fb2cf536839ec7bcdc33698b753dc244db10 |
| SHA512 | e12d13cbeb6625146d913ab9231aaed0bf4449979f42d96b529300391dae8bd6e1bdc346673285ed44cb503aab7202853146e8347ef37119b2489a0f1b3b93d2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | a4c4fb10f7942f12d32095f01c327012 |
| SHA1 | ca92965a7092d1d18080e90ddeb95094952c27ed |
| SHA256 | 7628816b0102f05b98489a30460d6f3c32f44486811de3150dc7a7fd1850a7a4 |
| SHA512 | 20339ab7ccd444baa7e5a81916b24eeaea5723e31060ae9d8097ad590070856352bd554073f73fc687294f948960e15bda3c19e94727b0bbbc4a89bf4d4873b0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | 62b2c6cef6ec030703786bf01ed3bd01 |
| SHA1 | 486d964500afc50c7c22c379ceb32e7db082f88f |
| SHA256 | f6781d8c865c4b885cb5568ac8675cd224581ae9c7c467530529915318210192 |
| SHA512 | 46f71d1a84d9e9cd5f2c9fb899b1d873646a73319b2de86ffd0ee2d4df36ad5ccec7ed430c57844899e55afc8ccda0cf3450020323cc7202a89ef6289fba0b3d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | 419702ca8cd436b83bf2417fa9c52dfd |
| SHA1 | 76578f296b22a76d398d1b32b313e7974ef62e7f |
| SHA256 | 8a2c90fb7acd62d28b3764a35295ef5761e4b532344ca1919bf11ca2ebf6de25 |
| SHA512 | c1cebb7fded8c86ab3e928b56d243c5da30c2d2f397fe8f1554b3b23f335bc1bacdceeee54cc845c46f382ab6f9c4045d623b8b26d738e4024b8125c18084170 |
C:\Windows\Temp\sdwra_5668_572777290\service_update.exe
| MD5 | 640d5c17c78283c43f02abc001a701fa |
| SHA1 | 640de7ea486310a0006f003b98107460b01611cb |
| SHA256 | 480ca1ca69e5ef3e0ae7a5bd1a242fdd80c68bdaf1f328a03e4c95d2cf7853b7 |
| SHA512 | e333b638d6b44834200ac13d64d7e82f8be5ecf334bf70b97e673a65bec7caf65371787e77cf6ff5e927b6fa056505db1447755116c96e44d0183d2859ba3c6f |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 3642116538454d36e93b1c6b5e207df1 |
| SHA1 | bbbfaed352a0e6243099a154f7b6beb6c3b2ac30 |
| SHA256 | 75f75025da3ae2da5c098f0f37711bbc6d0cf1e68453851d863d90df316efcaf |
| SHA512 | 99ac576b0ed0008285f4b602a3c012a4c0c4227f5c31ba508775fa937f460f90d5d10d6ed1b88485b49e042132464905211012641c511e8e2f264a822660b2fa |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 7f09ddb4968b90d41f918d2ddb69b63b |
| SHA1 | 985c076ce48599b09ec87c3fdb08c3dc68704ae6 |
| SHA256 | 702b3a313925746c008f50bea89c9e018c87b9dad68fd237814627fc78e719e2 |
| SHA512 | 7b4ebbf0c40fc35d5394258605bad46b12658f7691e5945fa57a92e1c7f0edff494756f1633c2dcb9f8e8c42dec85887423cc956eae50372bd7a63ffa304e69e |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 33965d4b597d9e78e6dd8dc84ca0dfed |
| SHA1 | 70803846e7a0ae45da60d3880247bfe12e9d5c16 |
| SHA256 | 88bb8b86b8be27ae6661b96458482b1935f984524a4c38ab559b767ebd3f5f25 |
| SHA512 | aa662d10395c57aaa151def9b3118e3121a1d86f259ec5f94f6fb960d8deb83ab68cbc47c817b6c320c054e4dae7589670b3684a361d9772d5d8f14b2c132b3e |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 2e7f2a8a60f95d5333a9b9ffb52cfd3c |
| SHA1 | 6ef340db35da6d4e42ac761cc32d12eb22abdefc |
| SHA256 | e220d88daa21e88eb4133549e46931021d260ea08abded8f03c60b0934a6e400 |
| SHA512 | f9227d690329ef73f73c912bcfd696518efd913d524b220d6fc74cb892ebfcd668663e7f533c06a3cbe15cf133d459dde0b93a523b8aa4b153ef738c4819a803 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | e005a74433da8d6caa24fb5ec324a198 |
| SHA1 | 1874711afe1d99c8f181a124e81fbffa7e657fad |
| SHA256 | 0cca8bd70da39de5767120cf1a729d9d22c709228eba0b74d49fd60b0e5fa784 |
| SHA512 | fb1bbad8ad55ca8f98e8f74a5793f772f5daf1e61b04c4fd746db95ae3dd1babd6410c8786bf91b0039f4a6508e6f028d58bbadf538541d8141fc674d32dbedd |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 123dc15b38a2bef98164070ef3145360 |
| SHA1 | 52c8e67de972131e79d4345d38096cc65db57b96 |
| SHA256 | abc66148d80029a856ecce0a7ab549bb1c272ac26bca1fece59b92baf4780928 |
| SHA512 | 6d2474e60d0020460c9196c733981ace05ce50da250c1b9bac5a746f28813fadb532ba9774893002811735ec0c8602972942a53c9fcf3a2879ddef22e417c2ea |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 013b8f867b1d4fa2438f4d885a5e9510 |
| SHA1 | 596a8afc21df141049715dc8b13834ecffe1b940 |
| SHA256 | 0d140eb778162a6b74c51eb6cc6ae26ce69aea8af71875b8d2491cd32fab2de6 |
| SHA512 | 866be0de3bc1ee8735d25e2c82fc12e075b79dfdcefd303d018e808774898b0af69cd8c0764f121bbd89e6f60cf83f871fc7cf3abc2f35a449a6d130c092ece6 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | ec2684d74241f53ad28ef8bb6436ab16 |
| SHA1 | 9750844d7d88aa30454087c21eb45500436a1efa |
| SHA256 | 76e88f17c278594744fa07664499cdf48bb95e2d29ee33e9199ab844caaaf1ac |
| SHA512 | e271994eb837d7ccf0dbac071fa93b755796e8f44150ae65e2b8c58aa4967e2e268aca02220180e5607a1d03c942bc9caf7245657ff27472af9d31a5b865e3aa |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.6.1.766\brand_config
| MD5 | c58880e8fe94993877961f66f2d6f64f |
| SHA1 | f4695e57ee5f3c37655fddcada0f64aee014f9b4 |
| SHA256 | a2448207c0e747a750afc7599ac5dc6daa3cfa7c51dc87c380b81fa96af95e13 |
| SHA512 | 115720ca3cc79591a82dffb58906b1c38a9708cbdf865c132bd6ba1bda70141d68a0d6b1fa7682ff3b366470bb05d1577b8240c7b947ec83594c541706558a9e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_ru.png
| MD5 | ff321ebfe13e569bc61aee173257b3d7 |
| SHA1 | 93c5951e26d4c0060f618cf57f19d6af67901151 |
| SHA256 | 1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64 |
| SHA512 | e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_DE_
| MD5 | 4757da1b4ddb8085be308d987b150a35 |
| SHA1 | ce3492d4efa7f87e29c6b53aa7e3ac6d9ee95152 |
| SHA256 | 9133f9eca9355387159ecfecc7158796305713c4046445d601eb5ded5fc0d3c3 |
| SHA512 | 025d1e09494ac470f0cdefea6136d928d47f5f795f105603b43f37e43884e2c73da15757dc24f6793760bcc11501a2a4b3832a31f213c6751da20fc866ce9d72 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_CN_
| MD5 | f2826b7f3232265257d6efad0c443d21 |
| SHA1 | 9da0d12745e199ac3f30f92c672b4dc97f35c75c |
| SHA256 | cfb1791b0a72d00fde5675da5c041fc2de53123b5f5b2b2129237404eb8ba482 |
| SHA512 | 4a8ac9dda75df8016e9b367b5d76afbab7f4f7f6fdcfe7f36d6273b7709fb992c377d21954a3665c234f84f640342b90161965e5dd09942ff8fbeaa8cccf7b8d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_GB_
| MD5 | efda29551136fcc4de2ab4092ff02e21 |
| SHA1 | a911fb873c1221efd99e9ca330435788aea01a75 |
| SHA256 | c491c7db179d23b53ec7f378f280d971d7b96d738187c1377fed5bc8c89a652c |
| SHA512 | e650b8b567dc658720cf74d8eb5cb6d51b4685f208232b9510a6b8739f8caa7f1d5e5e7b20a98b0b856ee56dce86cdae3eb7cf1b83974cb473011253a0af5c25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\1-1x.png
| MD5 | 80121a47bf1bb2f76c9011e28c4f8952 |
| SHA1 | a5a814bafe586bc32b7d5d4634cd2e581351f15c |
| SHA256 | a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e |
| SHA512 | a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\meadow\preview.png
| MD5 | d10bda5b0d078308c50190f4f7a7f457 |
| SHA1 | 3f51aae42778b8280cd9d5aa12275b9386003665 |
| SHA256 | 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238 |
| SHA512 | 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\configs\all_zip
| MD5 | ea3ae3b2101e4e4806afa0fecd78ee72 |
| SHA1 | 9f1719a2bab8afe355bc7329ffdfad65662d44da |
| SHA256 | 31086498440a9ab6cb32a31179c2c7b353df49c1b3a67f129cff2b2a9a4a04ee |
| SHA512 | 24fb4877ff65681b941ebcc6fe7669e0c02845928c38359487902321cdd6c6646bfffefa26936a235f15c2463cb51212e7ce34349f1d62835ef4af9fbe9f0121 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json
| MD5 | 909b09582eadd71cdfd92d615ea70a87 |
| SHA1 | 715f244e8c4b306f26649167a2186a598f65f3df |
| SHA256 | 7bbd3e9581b9990cd48933c7b6ed0a22216db7f3544daf510b4acfadcab0426a |
| SHA512 | 95a6d43d88b88bacc7ad49ea40b1797f28c2fe835f8c5287b13426581088154d952803c8461d6c311520fa3b92ceae4ee9f9328a9e70ceb9b48be639f948cc4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json
| MD5 | fda6c7f7660e9be254ef3745b8dcc4c0 |
| SHA1 | 953062beb6ba234633f1de0a6964e7dec3ba2cf0 |
| SHA256 | 29660aabd512c66468f36862bf0087855e4c18bee937e9d1a403d548f0ce1b8c |
| SHA512 | 0b18601b8771071d601c00a8ecb687d807ca4c785c387701f6dff99566fab72227b9af84a17bf9c40a583c2501d3c20cb93681f4a1f6cb0227e4dd5b5a005077 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json
| MD5 | 4c817e4c2d0ed4b5603e7192da413a6a |
| SHA1 | e70fe2b6c5548273bc00b8863e0752c7bf93ad11 |
| SHA256 | cbbda477eaadbaf9fc385bff50dfaf9af360dd82fd8b345209456d8da580273b |
| SHA512 | 39a4796f25ee166dd8a079b3556b1e50d9e85a1bad8a9229a428a9d160411c7362fdf05db872ff167ce23f7769de582f63155863bd3e06313d49e71841f369ae |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 59056ed6f292c396d692c4df62c9f39c |
| SHA1 | 68d4b88a4d4ea3770eaefce1d6a7c2361c4471ab |
| SHA256 | f6898aa373621f37ceff948ded3b784ce7ef206e13d8b4b97319e9ef3669a01a |
| SHA512 | 3b0dcdd27a4fd4fcad357135743867201425aa1a5b93bb3e1f9d60e59b4511767812ceb52fd700f0dc62f3bcf0eb7972042f5281407be5bb82f1fd36ee6fda89 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\stop-words-en-US.list
| MD5 | 202e1cc3e24e0a76bb1fd8779ddae5cb |
| SHA1 | 7566a9437663e808740ef75c9a79f414daa6b44d |
| SHA256 | 95984aa8caca82fc5c2ac6721e17206e45f12404567bf05bf397131ab83cef58 |
| SHA512 | dba1d7714da25c670cef62d22638ba759add34e26e69666973e26b7e7542b7c04d3694bb0f22ec2b7f89a33e48b3546507a108a385ba5945e0d293f501511717 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\dictionary-en-US.mrf.sig
| MD5 | 197eaa00216af72690c09b8b82211809 |
| SHA1 | 1e49ba86b771b391b63335fede7614f5ac427f84 |
| SHA256 | d5e3a63301977129113a9c0bdc0dd14173768c6f9f5ce2f2036c0cc6a53d706c |
| SHA512 | f57b8e7d481ba5791c6bf454363fca3aad042270b572fb4b2ae1c0429a6e2f70d153b6bf44b139d48c959a1817c4e72ad3b280257b7877746fe93c40c880f514 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\morphology\dictionary-en-US.mrf
| MD5 | c8a293e130ee93c08592f0f5ba9616a8 |
| SHA1 | 49e7d245af097bd28af5ffa503858830cd45011e |
| SHA256 | fbd6c8f911927a994db26eac21e4c028d75ea9de593eaa525f331e5c9a911ce3 |
| SHA512 | 9f4c01c6083ad7063db29b7075e0ac475794dfaa9b6714b119174607aefbf5384cbf17a96256b097de5b2a73669d060d5082cf2aa9244e7968c3d8853d09083b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\safebrowsing\download.png
| MD5 | 528381b1f5230703b612b68402c1b587 |
| SHA1 | c29228966880e1a06df466d437ec90d1cac5bf2e |
| SHA256 | 3129d9eaba1c5f31302c2563ebfa85747eda7a6d3f95602de6b01b34e4369f04 |
| SHA512 | 9eb45b0d4e3480a2d51a27ac5a6f20b9ef4e12bf8ac608043a5f01a372db5ea41a628458f7a0b02aaba94cd6bb8355a583d17666f87c3f29e82a0b899e9700bd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\abstract\light_preview.jpg
| MD5 | 9f6a43a5a7a5c4c7c7f9768249cbcb63 |
| SHA1 | 36043c3244d9f76f27d2ff2d4c91c20b35e4452a |
| SHA256 | add61971c87104187ae89e50cec62a196d6f8908315e85e76e16983539fba04b |
| SHA512 | 56d7bd72c8a380099309c36912513bcafbe1970830b000a1b89256aae20137c88e1e281f2455bb381ab120d682d6853d1ef05d8c57dd68a81a24b7a2a8d61387 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\abstract\light.jpg
| MD5 | 3bf3da7f6d26223edf5567ee9343cd57 |
| SHA1 | 50b8deaf89c88e23ef59edbb972c233df53498a2 |
| SHA256 | 2e6f376222299f8142ff330e457867bad3300b21d96daec53579bf011629b896 |
| SHA512 | fef8e951c6cf5cec82dbeafd306de3ad46fd0d90e3f41dcea2a6046c95ab1ae39bf8a6e4a696580246c11330d712d4e6e8757ba24bbf180eec1e98a4aec1583b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\wallpaper.json
| MD5 | 662f166f95f39486f7400fdc16625caa |
| SHA1 | 6b6081a0d3aa322163034c1d99f1db0566bfc838 |
| SHA256 | 4cd690fb8ed5cd733a9c84d80d20d173496617e8dde6fca19e8a430517349ed5 |
| SHA512 | 360a175c5e72ff8d2a01ee4e0f365237bbd725b695139ea54afc905e9e57686c5db8864b5abf31373a9cb475adcbdb3db292daf0a53c6eb643a5d61b868ad39b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\preview.png
| MD5 | 0474a1a6ea2aac549523f5b309f62bff |
| SHA1 | cc4acf26a804706abe5500dc8565d8dfda237c91 |
| SHA256 | 55a236ad63d00d665b86ff7f91f2076226d5ed62b9d9e8f835f7cb998556545f |
| SHA512 | d8e3de4fea62b29fd719376d33a65367a3a2a2a22ed175cc1eeff3e38dfbaac448c97a6fbea55bc6159351d11a6aad97e09cb12548cf297e01bd23bf6074de08 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\custogray\custogray_full.png
| MD5 | 55841c472563c3030e78fcf241df7138 |
| SHA1 | 69f9a73b0a6aaafa41cecff40b775a50e36adc90 |
| SHA256 | a7cd964345c3d15840b88fd9bc88f0d0c34a18edbf1ce39359af4582d1d7da45 |
| SHA512 | f7433d17937342d9d44aa86bcc30db9ae90450b84aa745d2c7390ff430449e195b693a8ae6df35d05fee2d97149a58a7d881737d57902d9885c6c55393d25d6f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\fir_tree\wallpaper.json
| MD5 | 8a2f19a330d46083231ef031eb5a3749 |
| SHA1 | 81114f2e7bf2e9b13e177f5159129c3303571938 |
| SHA256 | 2cc83bc391587b7fe5ddd387506c3f51840b806f547d203ccd90487753b782f1 |
| SHA512 | 635828e7b6044eeede08e3d2bb2e68bc0dbbe9e14691a9fb6e2bc9a2ac96526d8b39c8e22918ff2d944fb07b2531077f8febd43028be8213aa2fad858b6ee116 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\fir_tree\fir_tree_preview.png
| MD5 | d6305ea5eb41ef548aa560e7c2c5c854 |
| SHA1 | 4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d |
| SHA256 | 4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080 |
| SHA512 | 9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\flowers\wallpaper.json
| MD5 | 4938bc67f6e2d6e8faeb7ba9ca8dbc69 |
| SHA1 | 7600cfbe9d5e6be6a12642670107857abe36e383 |
| SHA256 | 3bdb98cfc0379426a56ac7813f4bdd4787bea9ee8a65b7914e62226e584ac977 |
| SHA512 | 27b680deb837cf7831c2d865f210fa1321fe5a2ee885be1dc058916ae0fa0e6fcf9c9f9de4ee86806dd3ab271c47f79ab621741664b8bdce7be117ff52ef6c85 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\flowers\flowers_preview.png
| MD5 | ba6e7c6e6cf1d89231ec7ace18e32661 |
| SHA1 | b8cba24211f2e3f280e841398ef4dcc48230af66 |
| SHA256 | 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003 |
| SHA512 | 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan_preview.jpg
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan.webm
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\huangshan\huangshan.jpg
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\meadow\wallpaper.json
| MD5 | f3673bcc0e12e88f500ed9a94b61c88c |
| SHA1 | e96e2b2b5c9de451d76742f04cc8a74b5d9a11c0 |
| SHA256 | c6581e9f59646e0a51a3194798ec994c7c5c99f28897108838aaf4a4e2bda04a |
| SHA512 | 83fb3fe4a3562449a53c13d1c38d5fe9ef1fa55c3006f59b65eace9a6ad4963e768088bc500dbe5266b5979c6ace77874ef11a15a7bd9fabae00ff137e70ecb5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\misty_forest\wallpaper.json
| MD5 | 2b65eb8cc132df37c4e673ff119fb520 |
| SHA1 | a59f9abf3db2880593962a3064e61660944fa2de |
| SHA256 | ebe9cadad41bd573f4b5d20e3e251410300b1695dfdf8b1f1f1276d0f0f8fa6d |
| SHA512 | c85fe6895453d0c38a1b393307b52d828bad8fa60d1d65bb83ffa3c5e17b71aa13cab60955489198503839ce5a4a6c1bb353752ab107f5e5b97908116c987e52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\misty_forest\preview.png
| MD5 | 77aa87c90d28fbbd0a5cd358bd673204 |
| SHA1 | 5813d5759e4010cc21464fcba232d1ba0285da12 |
| SHA256 | ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711 |
| SHA512 | 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\peak\wallpaper.json
| MD5 | f0ac84f70f003c4e4aff7cccb902e7c6 |
| SHA1 | 2d3267ff12a1a823664203ed766d0a833f25ad93 |
| SHA256 | e491962b42c3f97649afec56ad4ea78fd49845ceb15f36edddd08d9e43698658 |
| SHA512 | 75e048c1d1db6618ead9b1285846922c16a46ee138a511e21235342a5a6452c467b906578bdd4a56e7b9e0a26535df6fb6319ae1cae238055887b48963fa6ed6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\peak\preview.png
| MD5 | 1d62921f4efbcaecd5de492534863828 |
| SHA1 | 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45 |
| SHA256 | f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab |
| SHA512 | eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\raindrops\wallpaper.json
| MD5 | 5f18d6878646091047fec1e62c4708b7 |
| SHA1 | 3f906f68b22a291a3b9f7528517d664a65c85cda |
| SHA256 | bcfea0bebf30ee9744821a61fcce6df0222c1a266e0995b9a8cfbb9156eeeefd |
| SHA512 | 893b2077a4abaa2fe89676c89f5e428ccd2420177268159395b5568824dd3fe08bea8a8b2f828c6c9297b19e0f8e3a1b7899315c0b07f4b61fc86ce94301518b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\raindrops\raindrops_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea\sea_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\stars\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\stars\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea.webm
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\mountains_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_UA_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_TR_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_RU_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_PT_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_KZ_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_JP_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_IT_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_ID_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\web\web_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\web\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\wallpapers\sea_static.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_ES_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_CA_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo_BR_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\tablo
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\sxs.ico
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\import-bg.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_ru_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_en_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.6.1.766\resources\about_logo_en.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Yandex Profile.ico
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe5a13c8.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\878715c0-df3e-45a6-99a6-4370a79196eb.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe5a16d5.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe5a1907.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\256.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\128.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\96.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\64.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\48.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\32.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\16.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\0e8e2f22d40226da_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\fef132170d47887d_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\593066361082d420_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\64318a514819a736_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\292fbdd019f435bf_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\88a052183f2a4b12_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\de3b030126695833_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\25fecb7eba1124c3_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\26986cc774600b65_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\6d861d3c5a9afc0c_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\5128ede85833242e_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\76c5a9253784477d_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\72c2e20ca5d250b9_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\9c1d7216fb32fb2b_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\e7d083353a620397_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\2a9877b782e7616c_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\1ad10c4bb9e37138_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\cd4004d6793712fa_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\ae662e046f7b3fd9_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\11b2a035e28b3e94_0
| MD5 | 813361932b486b0dcc95b6ccdac636bd |
| SHA1 | 544e770f3050fe551f2b027fcfcea75d7945bc2b |
| SHA256 | 383836a0a9b32d9dd4994ed625fdc3b0b5106fc4895a520f05b0f5572dcb8009 |
| SHA512 | 421144f48f7972ddbffd709bd5acde5ca0de25060e46a09ec64fdefa71e2bb6a8b98fbf98ca65a5635364e68014818dd1c5fb170c0daef8e75be609fd15e2eff |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\261779a6811bbe41_0
| MD5 | 424153b88709940239d633ca57cd032d |
| SHA1 | 8140ee5d1896cca484d602a6abcdd427e56b3f55 |
| SHA256 | b186b0e70c9dd55ef860e556c063a996b5ce676d56e968c6d66e1b33e987b754 |
| SHA512 | 40ab2406840a000a82f5495c48be66b0087289ae256d8172ba60225335b2802bad9ba61a62c20db8f885d68b1a36c0df61d4d35d5373d533f5c54b7ba956b2dc |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\eae1176e3e946f64_0
| MD5 | 30f0904f7e6562f13afc6723f0e2aa99 |
| SHA1 | 5e46ad2b171c32bb473c58253cb65565e49c05b3 |
| SHA256 | 75d9e883a0924cee00e2aca5a16219da845086c2d9c31fb7132b6d03eebe4e2d |
| SHA512 | f81da25095b08567b64a68160e9d0341ec7e74fb17907a77c0a4190d89908b9946af761d8eaf50afbe387b2e37e9536292c449f0eb72ff48336426b934404a66 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\dcd100f566d000a0_0
| MD5 | aa44ff5d3fc20a45b973649d2804ef6c |
| SHA1 | dbf61de0d2a646df9c9cf4307c23f867d5f45648 |
| SHA256 | 8c44591d4861f4a2377b41396d7219201bcecb733678889213fa57ab89042cdf |
| SHA512 | 7e1d16fbdf5c39b4968cdf74ecc797c3db3bf1d6a0629fbacf51e7333570e0980792bddace388b964a3494afc001f02d97620bdfb2c2c20a368fbade29a487b1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\a2223359f092e089_0
| MD5 | 518f51e78f977c87818e3d6fae124e26 |
| SHA1 | a327fbadb7ca64816e407fd302eb00d5e09101fd |
| SHA256 | a0bf8d641eb67b664a1bb47745f05e70cc6fe643a4819d4d8c90972df819a962 |
| SHA512 | 55b630fd4c84475c62bc598131cb1902a16b4f88d1f698ceeb628d0ea450465dd3cdd16758779dc82fe64003afdf6e7335362a11e369fad4458da0a8634ce183 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\8296f0417b1dca23_0
| MD5 | f65459811d66edc1c7f5099694ed225c |
| SHA1 | d8b35bc139b8a428ff2a10e05efbeeb74a50f9dc |
| SHA256 | 2a74a365c812abc80636310066ecb8df6135045f9ddb6e375b9b9979232267dd |
| SHA512 | 7405709e69df9ae6f3f4bc9da688e9acb849e31e53a3f3ac2d989febc6cb839f624707e5bf9cd6d98bd3d54569d4a19963d2d82db09d2fb0522ca207b9289c33 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | b258a20473ae106fd1e23df9c9778e88 |
| SHA1 | 568dd0b5a31e5928b0e8268077becb4e23066006 |
| SHA256 | b413f4fd69b9cbf847ff54af4e4fa42bc31d0de643fa26b5e809be170f3b247b |
| SHA512 | b8dd2b273ccc69f0de23817df2e36888d7548f1d20c6054a5ed97b58c6472f07b3c7604cf6a79bcac265c055047e95f04711a99f43ea1c2121d8e3e11f7495ab |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
| MD5 | 9fe5c7dd02c3986c3f683a8843d541cf |
| SHA1 | 34597613d28c95d996cc421df696c3f22905aacf |
| SHA256 | b3c9f7916384fe7a910f2c01912418439a9939e669c7fd499facffa60f48d661 |
| SHA512 | ec27995f2e2f15678cdbfb7595a07004e3f362c0b919b25cf93ae20056ca6194c8b816985455b32619c39d79efaa5458d5bd1c335ede73d30458dce45ab64333 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\YandexDictionaries\en-US.bdic
| MD5 | a001803a541e9423287f10e04c308458 |
| SHA1 | 34f61dd4de2b813cf4e83973883f92a4dcaea375 |
| SHA256 | dce332b36c0d04d42f2811183b690c1018753fbeb0253a06ad27340bcbcc098d |
| SHA512 | 54713d13d00de040bf12111fda4d7de1086abb4b7dc73d6a7b27a4d7772044095827a4b070d8a13d195d9ac064a7b18cbc1b1ae7e09e79dd5665e35781210908 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\YandexDictionaries\en-GB.bdic
| MD5 | 0219b9e35a405b78aa6a883976d18e7e |
| SHA1 | 7fc3859a80368155a247312a4a891632ae102b8d |
| SHA256 | 160aa12638debeddfd670c37415a40bc49004a7257fe8921642b4bd7802d6f74 |
| SHA512 | bd786bdfe2d1476c8b88320110afcf97eadd641f728c487775b87cee9ff31fa7f13ad5200559b918db7b9862f5ea99e4584b4020643bab5e5369af9e0cf6c6a9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\google_import_script\24.4.23.0\script
| MD5 | b807ebd3002f71c1de6deb285528a920 |
| SHA1 | 14b2c18684174abd078600bc9ac95628c00ea952 |
| SHA256 | 8b44c53ea53b3ff1465263dec2380c68e88e4964984dbdc1497ff2aeedb010d6 |
| SHA512 | 2885e6e91a8ddb346b15ee22f8bd0ea4735314d16a7a480c999b890fc3fcf68e5ab7ee137c7e788f1652f889f23ed920e70cd58bd9300a1e0af44babeeb9fdab |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\google_import_script\24.4.23.0\_metadata\yandex\verified_contents.json
| MD5 | 683c4594670f2cfde98a198091bf1889 |
| SHA1 | 3d6e271a452024422213183980bcf510226648ec |
| SHA256 | d38c186b9c02f7db4aeaa4326e5012470c3eaffc1f40553761b5db62f6c1d344 |
| SHA512 | 62a24ff8f7d2fe1f5fe1793719b2e3f964ab97552e0c75835f299c8ae3cdd4f92ab71c3c4baead8d234176e96672baa787fdc043ebc2686f6639cbf494c7ab4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1174149641\manifest.json
| MD5 | 29012066e78d4e28ea709f43e49c9cc5 |
| SHA1 | 88c04e80be6ad489b271f3f86a4f1c6d29c53f67 |
| SHA256 | 711594a302c5158486932dc5a5a080a8e7d2542a8c36da00cb8cc388a08a99b1 |
| SHA512 | d4dd602aa722bd46fd9477e7b167e65285003594fd6ece49523533913e8281a4bbe1d971fa7fbbb0baf3944aba1d19b5f3a2c6b56dc1101bcdc6a53905f511ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 922fe2c0242d155b740458388b99c8bf |
| SHA1 | 28226a297ff85a341e134da4ea5c928177b99291 |
| SHA256 | 2cb1573d9a9801a2942ad36bf79996af7736fdbf03163b176f025c69b825cd5c |
| SHA512 | fe4e94f87622a2fab1ea1a5d8682a5e0c2b8d73cb24ec9199b92f2d83de67e174da652c447a18457fed65ee1ecf424b6275396556d39aaa8f356e7a178914680 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760
| MD5 | 17c227679ab0ed29eae2192843b1802f |
| SHA1 | cc78820a5be29fd58da8ef97f756b5331db3c13e |
| SHA256 | d9a253514b6a010dfc1916c55246797e5773f13844ea3ec2d25078e845fef760 |
| SHA512 | 7e33288afd65948a5752323441c42fcc437d7c12d1eaf7a9b6ae1995784d0771e15637f23cc6bc958e40ea870414543d67a27b4c20331fde93d5b6dc6a59cbaf |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1361809516\manifest.json
| MD5 | 2648d437c53db54b3ebd00e64852687e |
| SHA1 | 66cfe157f4c8e17bfda15325abfef40ec6d49608 |
| SHA256 | 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806 |
| SHA512 | 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | dd8881b04a3a42ff2f03a00fbcae8c09 |
| SHA1 | d3edbe7f32360bcc90f075ee15d1c664b6da0d10 |
| SHA256 | a72e976ed18b7ea3618cb3ef4126fa9071cde32d66a057a92e2c605a9cf7939c |
| SHA512 | bf52d961301f038a301c07e1f7f502f97e3807ad06f78e6c9c84c9d22924500e06b839ba6f8399a593d185d6994baa897924d6d95fa69a78d99e0723dce41e6e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 89211ab77b1c50aa32ec9e2b5cc2eb1e |
| SHA1 | b791fef2ecb8f0d1416b337dd5eb00620ef47b13 |
| SHA256 | 69272c4c5162b8e63cea1b555993003c6e61df93b6127dd68ea0dae51d0cbcef |
| SHA512 | a0af2c7c380ff6b577a195451906264d180283dd811a77157f552233f23be3bc78b09b0de2e400fbf1582538b4498c48dd83f570aa119ad9412181ef22761741 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity~RFe5a76a8.TMP
| MD5 | 369a738a7fdbe939a0ba0647fd4a8b21 |
| SHA1 | 55a1b357b3ba75da8cc6b9f8e0fd8399b1aa8d52 |
| SHA256 | 12ab3e66991b34cb00c7bda6da1cc131af7303a94a26574a1ed495b796b9d116 |
| SHA512 | 4f54cc2f3e47b0539eb8422571ee6b1e33e8bd519aecc9254da9730c4d3329e609ae53a39308d471c1fb3d551e50feee5a28eeaf0579097a05109eeeab98f761 |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_updater.log
| MD5 | 9323eeba4807c8127c53f419219c32be |
| SHA1 | 8a5a25cc327f3b3c48e1c2549bdac024d1c0f224 |
| SHA256 | 768862ee79443cb27f7f72a24543fb0f9a9fc600927564518c1293ad3c1f99e0 |
| SHA512 | ba302cd3efdc44847db8537c6345aed19af403095f7c460ca9f3ebb61bca59dc8c366b14d20b3fa8e8ea63a65e2c97800178b91267d63819bf86642133fc2ca5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index~RFe5a8648.TMP
| MD5 | 48372170b73b8f00f658962b0665d7f8 |
| SHA1 | 3edd53c87cf6b64ba0143a0504e03d504c98f6b0 |
| SHA256 | 85c7e0c2c32badb73a36abac4f275910ec8d149770cb6b55391d17f0687e147f |
| SHA512 | d813a3bd23c0679b5555137fb8176816e708f62d37bb2f64f01f16a7ed8b9662c464c16dbc4fed074a525f56c374e3dd0f022e8927bd21e46a2001875e9ba227 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index
| MD5 | 51df11bb0df4722ef87bce792e95789c |
| SHA1 | cfa37975ad1575a62d74b0acffd2266080cae8fd |
| SHA256 | 17f04dfcc7dd3c39402c8161ad7c45ee85efabb9beaf39235bb6e75b7e00ce7d |
| SHA512 | f7a11eed640f47bad6336aef040b53b6c01c9db98d74b18d95799ce30fea60ca2c4ae58f89fcf992765a2b75a4a958cb0c53dab65c0d3467c585e97610b3ba7d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 15256e12f369ea7502090255885bbe6c |
| SHA1 | e29b557bee7af64671afcbd27df5d83f0eaf69ee |
| SHA256 | 0a339e98a05e145efd68dfe26bae7492601f7cea6089fd815510716bc1e0428b |
| SHA512 | 8b9f05908cb0559a9d177056ebd9ea9c00d444901cb4c8857ae7d34b0c442770890567e6c1f962c6716d6239f72f88af0a46efaba5c6ee8956d0fce2d3b755bd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 090113e209ab2765ac9caf2cd5ef7249 |
| SHA1 | 01adee72f13afb897b47aeb7a10d84831cc3b522 |
| SHA256 | 96f2c5fc814c744f7281c585b80d8c39f9e07189a1c225f8b85e9b17d52609af |
| SHA512 | 8d6ba8ca9b394484b9ce5f5c727274d5f82b5c4f4d2c7a0232aa6177125637b4e5d8716352bb1d64be10afcac2c693235d9fe474b8b6a4de3dd97899aa7d6399 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 709f6b900ddcc0263bb72bb0f11b7999 |
| SHA1 | a7f70fcadab029ac74be814340788cee148e4431 |
| SHA256 | 82bbe0f8d0d51cd0eb8e6f0a8c4501618ca991204214cfd5f1f30df2bc76a068 |
| SHA512 | 8b654e75f7e6a8d3888b0c0eb1dd98a85f71ea18c78d142975bb3a2f7ffbb1fc3e91a82be30da520c2a510c962fb4b4b5666e9e0703412b360ff06268696c3e9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 45fcf75fc3344ce9c32fc172ba5d8a7b |
| SHA1 | 17176dd9c369425cfc1b2f924389af9a1e39c091 |
| SHA256 | 808e77d9064b5a0fa2e87f9d2eaa7965e052ea4a53e9640ddd76885856f6c058 |
| SHA512 | b95fc13fac346172a887e1a9760621ee798d8a726b78825f01388d5eadec8728b466bab16ff4905bcdbd3a0e4f4cfbe455eea91e63ac7d610e85f20e35c5067c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | eb3fbe1bf2d81032cea655b54981a1a3 |
| SHA1 | a80b11e3880fea987cc52f2d4dab7c3c51fd6982 |
| SHA256 | c6f9a0d458f631a2ea9a245a6d65ca19258fbcc223beb63cb24179e5d7fa9079 |
| SHA512 | 4312d91be7cc29a65739e5935cc769b3dbe5636d4f7332baae03521338752bed6e40cf91cfc2c017e963b5e476136ee21d5e3237f2018ec05f9e86e00a48f92d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Tablo
| MD5 | f62a6115f847e0c192f4c4f92670ac02 |
| SHA1 | 31a1e3e7a248bd3498a2d54856cf605d8a5bb458 |
| SHA256 | 1685e8a707aa4b9b6f86dcfb89eb93aa632196eef708f3e5e4785a7c5f4e322d |
| SHA512 | 808ce21e3232055696e434c42d1d9b8f1873fc3167de2f83bf8a1524ff3a3a950067d03a38e46facbedb583758ca4d6b263a7e3e01fe3a869f37e07d6f0cc0c0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Tablo~RFe5ae2ef.TMP
| MD5 | 5d0414083e8babf809471cba9aa5e5b5 |
| SHA1 | 628a34df5219fbdcd757942552923054f57919e1 |
| SHA256 | aed72a9b08791afba1feb6f5235dd8d5bf4b2e199dd055a8a80988fc21d1c38f |
| SHA512 | f5a3f363d686cf4b2ccf0e9f4c2d53f47d5fbed2207a3c44354a1dd00e57a7a40766e99fdae0e8807d83f2fc72786e1b9f7cc14bb83dc2a5d4ff98a03c69ce54 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | c77b3aebab85769996588ab39aa5493c |
| SHA1 | 6f53b06e039c61bbb8edd89dcb679aa16384dbfd |
| SHA256 | 24cb79f031ff2ea9c03c021b7373acba0db53af5c6ff6f103e2bb551fdeecc13 |
| SHA512 | 84c8d5382c75830ac39ac708183f528e290a34e3942212af2ac0516efba70f69786a014d1715de755a3be69e0e0bded5fad0408c53752b39c30d0f3fb27b31f2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 04c155ac7b4937fded0bbdb9a680ae9c |
| SHA1 | cac0e139dac2566b37821b853abbcd4234edb83e |
| SHA256 | bcf3b49cc47f22ffee635b1a32bce1746ed80b3027c4887572a75cd42f35c524 |
| SHA512 | 91cb29dd2a56d68000a28bc5787eacf0058d04b193bcdf952f5f8bb2d9ddd59c50834a88e489f83584c41648397d8256ab4d0ced60aab520b8acdc96840d954d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | f7eba7d064b3470e63612858c71546e7 |
| SHA1 | cd407a86c2f4b44d9e1ee57dc328c454e38ea78f |
| SHA256 | f3fb0563256b7bddd4e1709ba31f96529465514aa4ba23e48a4710a222212e5d |
| SHA512 | 71daa14a462067605259cda9a79022d240d09e12d70d25ebdc632f9bf3e8de707b98bd9ee8e60404ae6da52c7aeee7cc098173a215a5fda66c29d89d4cbe8093 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1095762810\manifest.json
| MD5 | 7a74e28cea0b1a8f1969ff4ef4430047 |
| SHA1 | 11cbf0dd7060e36283dea377fdfb1105068eddda |
| SHA256 | 8fd032d30c7b9340e45428cfef8aa409a5df1f5a89be46ec0ab92e7ac53cc2ca |
| SHA512 | f5cb2e55c0ef4e56fa12bfffe78829109214aa213c193da2e75a51d6bbf5bcaef1e74bb40e091abfded7bdb076b2c266212abeb05aaa87f4cfda804f581c2b0f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\TrustTokenKeyCommitments\2024.6.20.1\keys.json
| MD5 | 595a80c921652ccf09afd0b196fe3a94 |
| SHA1 | e4ae3f8b880e57b64c6e899505a4ad1ec99d6d6b |
| SHA256 | 7d9965e3d4c47a32fa6d7b290704f22382b70b80e414ce091eb0b0964dc509a3 |
| SHA512 | 0dec0a48f2d13100e07a114dd288370a4449cc347162d6febc8b9b1dc66dccacec6bee79b7d42123c12c7500881e31f30cab5ef3f77029493546cf262de583cb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6ede9f6ba259b11e57e247fb90581f77 |
| SHA1 | 2f16c659ea78d87ed70652d80b1ac0d55213b743 |
| SHA256 | d9f5dac53103211c3682d44fa232495f844ca9c97a1135a10c501d83e4b2e8f7 |
| SHA512 | 29f0d586250b06f99a45d8eb3a1d11a066e36c3230f1e782de85d6b44d29bb9a52419a60a2d24d4d9eeaa90b1e9adb441e25370f8155659cf1946e1224e4b0fa |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | 25aec3d1f8a0dc50dda3489b0cb1dcd8 |
| SHA1 | 1d1ea9025590882a2bbd5e10cff10d0b8682cdbb |
| SHA256 | 087f935e4306d1f9d5b3a9f5ec795b329b1854f3da593feb26132c0cdd6dff2d |
| SHA512 | 489364f170395a4a8153589d6e0e13d1c848b463f317acb419f5f344cdfeeafdba83a443ec9df37ab76ef9e216671e69482ad758a2617171b5c68e3c4578bf7e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State~RFe5b2d17.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 2b630b428b511483c9a023224b825349 |
| SHA1 | 6287bc16d8fe3df58fcbd44b1423f20fff0f4e2f |
| SHA256 | c3ed9fe62839029d9f072c413cb5662f0d4d61e496b9dfea01598ef6c5c3d17a |
| SHA512 | 6e54b900c2265a41f6b84d45f10ebf47e9ffa74c4abac2105817056857d15adea52a1eb961d381bcf56610b71651b5be559787dacb27e1b53ddd4add81a60e0d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | b4ae3458c006da53c778cc0490d50132 |
| SHA1 | 2fba13d9f253a173ef94dcce12512fe025346b5c |
| SHA256 | 8158e4a1cf33f9baac13f228fde303d77ca6b07828e4e6350d71bf4cb59e8c3a |
| SHA512 | e8f706954cfa2924062ad973137e90b6c0aacf3f8db49117af8740e6d6d4190a599992a010bfb249b38d2f7dc8677ecb45372cd1d4d72a81cca8eeb3788ceda8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_226942362\manifest.json
| MD5 | 5be67ca403afd6d1a47f0c56578bd8c2 |
| SHA1 | 434f0f82a741dd869c20af9d87a7c8b74ee6a132 |
| SHA256 | 0425063c480769e254f7b23b7d850db2f9ac5ebc130777f0878e48bbc5337052 |
| SHA512 | d008b88aba3f76a3165e31b137be6a2b29ee70831c393119d5c652abfb784d61c7229293f289c4112db593592d86b0a2ba4586bfee292154136a2447e9b2249a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\SafetyTips\3033\safety_tips.pb
| MD5 | 3e3b6ddf8fee9a502253ff810e727efe |
| SHA1 | 039bb227ee6a33bd9a5702992757302b7e261562 |
| SHA256 | 574f584b1eb99c8b3b72dbbeaef489ad2a41a998185374ab06337ba19edf4689 |
| SHA512 | f71de8802493d8a15d1ec10293379e2e6c8d7f2355fc5ffdd7b37a27676b26641127e52cd7bd08a6d68da687ed3058a901775a1dd041a31134d15298a968c206 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 3a26c9d63be151c2f34b0d90494006ec |
| SHA1 | 9ac7c3bfcde25b91212b547b9757872486bb9b54 |
| SHA256 | e3e23504a90002efea893b8dcb25ce2549bcea3efe2da43154df2143cd8b30c0 |
| SHA512 | b1afba866a12a5aa03e1a513bb4537a70c0bd6c4f981346e3ab8a1e3db27ac85530cca3f3dee91fd74f358dbd4d817b06e2c02ddf2d921b4ae02a843aae4939e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index
| MD5 | bfb1b271a246c52391a0d80738543d68 |
| SHA1 | d61645c04da2628d2e8cba8ea61802dfd6def201 |
| SHA256 | 04ebbd1cd9d6ce8cfd667f7522561bbc72931ceb8b7fc768b9db62afff2a9664 |
| SHA512 | 40ddd53b6e8ea8fbc7def779f0d62e705bf172fc686a615ad2cbda0b140c7a071212740466a3d664934e3e60583fcb7684eda0a016628a189f329700c46e6a9a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\79d4fa5f979d0a01_0
| MD5 | 43bfb86c1d011699ef211246864c6cfe |
| SHA1 | b7be15381856d40eafd3b007c2dea68887eede77 |
| SHA256 | c18f7352c705ed4af0d10209f66ddab3a1b46077f7a09f3a128fe870ff195c01 |
| SHA512 | 71e1df51f9ccc31aefed304c82db84fc895f5e8f983b89c2b3ca2f5a0c0ed5d09182b9b026502b32733b47ec20ea7fcad6de42445647820937956890c097a6e6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\7827bee013d00f80_0
| MD5 | 46086179e2a1c05a6c95d5e9927ce8b4 |
| SHA1 | 8e5f0f8db27998195dc14d9a2f08bc8a2f1f9c76 |
| SHA256 | 417a7705a2df06e622e49d07ef6b95a7882708f7c429925da44575f30cc9a0de |
| SHA512 | 0771bf05a7e0a6302ea33fa2fca6892f50397af5473e6e91df4ee3923007b37b32a0dfa42aee6ecddf4866cd90d68f0c7ed14bb4a016be6cd16887c6fb897063 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\60066e49286e850e_0
| MD5 | abcfc9e7442d5d9aefafc6c34fa50d2c |
| SHA1 | 0fecec408085b0c0b0f3921c28c6f5d71a159c18 |
| SHA256 | 4c7e186813cc90abf9e914e03900d446837441ec4629f7bcf776be1ac5d71a8c |
| SHA512 | 4ba471b7dbd9cd96ab4e3c49d8215eddc5f06a82f14edfaa2b6929dadcac6d0fb656b54828dc8353d21c5ade45ba4034ee85175b91a4c719b53b1c013ae9bc5c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1458602318\manifest.json
| MD5 | 10950d82748d86dd18d27a3ff48e3d89 |
| SHA1 | 51f45aa31aa80eea0a895c2593644b18437f0409 |
| SHA256 | b01191554fdfb5be60e485d455168942b73fe1d92f6994b40c859161f1d252a9 |
| SHA512 | 84103bb69e1ed9ba8fa50cb6274afa3509a46333725ca5e5316f066041844605287fd938a7dab7b0e0997aa0313b4abd0a75ce762693ee5ff6609668a6647bea |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1458602318\LICENSE
| MD5 | ee002cb9e51bb8dfa89640a406a1090a |
| SHA1 | 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2 |
| SHA256 | 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b |
| SHA512 | d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 03e22c2c7fac1c656989f09f4cc95210 |
| SHA1 | 29bc3b3b1591f0ca90bcef44dd9544bf22f8a473 |
| SHA256 | 8b8542733de04faf87d8b6dc3a2e474a61a4ecebb9ea83b8ffc892f31c119210 |
| SHA512 | 399324036f93b3513d7453c4eb403ec018ce4d7a4f9767de0d4e72d869e00c3d2963c73e5a9f42bbfa4f0261d6b8c85244e024a22d24be9959e5babbc448ddec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 7430ed620867a07c3ede4596bbf41169 |
| SHA1 | bc3a7e53dd362fe0e6f3c9f3c862cc7f581186cf |
| SHA256 | 5e324500280220bcc97ab11bed22d55eac47b143fbc97eaf54398ef7482e824a |
| SHA512 | 53bc7c58f90569221606427a6c6fe9915698b3e7bb165a525c5ec41369fb62a5d3bf59bc67c8654959e68959d6074e337fd84c2a543974a7af6d80fe4a3b2466 |
C:\Users\Admin\Downloads\Unconfirmed 439379.~
| MD5 | 4e19e70399076ab58d1160d0fa2664ec |
| SHA1 | e7ca7e0f1895c6bf60a14d6fbb0ccd4fb10a3134 |
| SHA256 | b9ee60f31be0b7dc3f814c8abbc7caacb6a3e1dc7eb1504b8e831dd42277f8d8 |
| SHA512 | f6338b52cb5a80d960e6b1ec72a28538614782a75d0270cb89e911160c0a0e8e3a4d0f93fb902c70c37cc5f4da0529043776e2c0b59287096f976addb7e584d8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | eef4d6b897ad4e3b1a2a79dca9314fe2 |
| SHA1 | 8b675d3cd5a21fdce36e12ea98f4b16a17ecda67 |
| SHA256 | 74f7ba8e3239a6fe44ce7fbe921991eb6c0ee201b0881c63b07bad43a6b971e6 |
| SHA512 | 32901bed7e7b98e87c349e460213be805f34a2a97733b439285ec0f3c7e291b8af787f2ace0080d6676e99bb1c40ad6191fda3aabe1d8dd5b891021b897ac7da |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | b6a627f51cfe3ea963fde3d791c2817c |
| SHA1 | 6dfd4a50bb83c17665ec705503e49fa651c762b7 |
| SHA256 | 6b18b23cf1c0c8ca58e07d8f90558472bc531dda1abfcee073e83cb46ae3e77c |
| SHA512 | 1640e5a7d6b715a757a1b6fbd387340e19046d11f67eba51955ade7515cb2c88a56ee9ea5f668a1601b6f26586faaac5f9f24910ef9db2624fdb0a5eecd1a394 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index
| MD5 | 8103cc082664d470ba5972cd72025ebf |
| SHA1 | 999ba3571d61901fe00ee8f5196587e355c168ea |
| SHA256 | ca2b734b3a571383676875a17260c3fc60bd9d1b4f2c5aae4c994b8bcc49828c |
| SHA512 | 28414cc313219b5111898c8c6367d1f83a03291a32f2363b0afd2f88d00c2b4263721bb57682849ef8d5952c1eca14b11da51862196c1b0b70fff7f75e9e580e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\58940c10-55a5-486d-9572-56b37e955b72.tmp
| MD5 | 2a2cfbe9e614c2dc8ffca066043e07c9 |
| SHA1 | 6f4b0e45bd84238d298ee2fcca60fb8f0e2cb14e |
| SHA256 | fc9cde01208a16ce51e199c974a4c57c4f6c9c415d33ffb550f9b5f77507a644 |
| SHA512 | 57952b53221ff928d13f60c58314ed6c0891f7fbb52ade56bfcf8a6a6511f0cbd0b1bbd7c91ab8619d7c064e9b477e6d2b15dede723f10621ae2bac0a0e865f3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 55b77fea7df8ac5bb056c42282f6aa74 |
| SHA1 | 0eb657b2448d40c808dc11206e9375158680bc69 |
| SHA256 | 6e65346430e3dcae021edbe48f2f7a97eb12a1bcb460fae5f124157a351ee9fc |
| SHA512 | 2b9314e602038e6795d25ddbe80e6b501f3bfe019098484cfff77569441b996c1ca27aa16ca9f107fb04a1fc1a490f5b00da6731b8dbe574642adbdb81a60acd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 975ff6b02fe86402b9545b9a293016a9 |
| SHA1 | 855c26e8c14d783e5569aa9f5f8f61957243be56 |
| SHA256 | e0c61e4cdb42533a051899c4de7eeb50a2c614039704b4bc77bd2266c03680db |
| SHA512 | ad73588ce123c3d414115746fd491f4fe46cff5bf250e577b1063c0b71c0f521ec604af6d41deca31d309cbe7b60f39a6c6661f32dff4496e7facf820f8d6bbe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1bc1419c9253c21abeaa1357bd3f2eaf |
| SHA1 | aedaff7b6be71c36564d10767923f275654ff343 |
| SHA256 | b38f20cfa30abe7fd399a3d6b346236d56163ebb5c7cf6bc00533d715f1c7289 |
| SHA512 | 18c0c1928a0f362e1f3c395f89bcbcf12bf15e4e6948377cea1db137e6c07bc81ebd6b858bf162920b0ebf285ea588319866b8b7b2856ac63d79b5466c33f0e6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\ee0728e346456ad7_0
| MD5 | c0f12d4a0b58d2eab3c05210c8515ce7 |
| SHA1 | 7331e3b2d84b5bfb479ee8e7aee832b16996831a |
| SHA256 | 8a92ad93f6e01aa2a86db4566e508d7e7ef7c57a89c0d3f9248b7b4b53c9a289 |
| SHA512 | e9e0a50791f083ae83c092c80f959a4b9e9c8b94667b16a0b5e27ce4cbc8776fdfc77aa4364ff46947c46f257da7c8c2c955bbfa96b5aad131d9e02dad035597 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_872191792\manifest.json
| MD5 | b0081117533a778faa0e45ac4609a5f4 |
| SHA1 | 68a08b5412b75fbe547073399f023d168d638125 |
| SHA256 | 848e8d63c8e1f7378f55b4791e8dc60d491d7238b77a1b27e57b4df922701f4b |
| SHA512 | cc5caec4b4b47263efd08025bacec1e181e835f83e1e7edf77bacc991d2ca7d90732d80c0981062b2a6fba6011ebb61a403591dd1a7475337f7f5e49a4ecd97c |
C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\7z.dll
| MD5 | 4da585f081e096a43a574f4f4167947e |
| SHA1 | 38c81c6deae0e6d35c64c060b26271413a176a49 |
| SHA256 | 623e628393bc4b8131c1f4302b195429dfa67e890d3325ceaa56940660052b1b |
| SHA512 | 0fe168bf1661691dbaa103e478dd7e46b476db094bf1938bf1ad12ddb8a8f371bf611ff504d2eb3ac319862444cc64a27ebee8735aa3752aa32a399b09427243 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00004a
| MD5 | 025c67a0703a8dabdcf0339a3913c78d |
| SHA1 | f0be153b2e42ec9a0742ca3c850213e9af0b8bb0 |
| SHA256 | 5a25dc4bf661f7a5020b9420bb9f4cbae3492847c54e3413d37c9934cc06711f |
| SHA512 | 192e13223f9bf363f35642af64273a1e8cda0f98b5e53296a74331a5e1942f99fa6a72ada3c10df80c59159ce4fd760e253aaa98d7d97beb9511fe14cd98bc2c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000053
| MD5 | 351abd831ef165b0d53a677732d916a7 |
| SHA1 | 0a3b58e32b4c96222f95965b983c1883866d5923 |
| SHA256 | 74cad18795868a3a77256e6a1bce43e5761782e7c72efd85d578d6d91888d5fe |
| SHA512 | 1b11ef517b4a4fe5f8404e2318c5d7e583dfcac5a2a0d9ec9efdc75786b15262058a25bed41b9a291767aeb7147fbf01440bf618a1cf4778ba90d34cc825ce18 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | c209aa92bca3d1175474eb0f40d753a1 |
| SHA1 | d44bf6effe0cd483a1871c25c867b3ff2fa80da6 |
| SHA256 | 3be345d3ff45bd408436abb93b8c678f6603bfbafcd9a0991e55b8e0adad9514 |
| SHA512 | 7955f3fb94d47abcd1154f1d0a418884f9cae1c170d8f83df9b61d53a22131923d6e148af6da78c4fda5267e84b7a391f67f09299d91994f894f95279526ab66 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_788690434\manifest.json
| MD5 | adb45b8125bedfcd51b4121e6e91c7c5 |
| SHA1 | 880e19f493484107beb040c6c829a6247db3f663 |
| SHA256 | 9383ba8c3d352e8fd0f12ad7acc66964dc6fc11277c024d6eefde0bd8986f424 |
| SHA512 | 8bff4458ccf1f6fa4a45e43ff02f89c458114209b26e4ae6ac3337a88dfaedb7435e77d96fcd94d3c29fb341be55a13d48a6cc47c9389e6874cf0652cc8eb16b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\yandex_payments_autofill_popup\component\23.12.20.0\popup_config.json
| MD5 | bc733993188cbb21a81e932fc69f0c1a |
| SHA1 | d90b12a0c1e1be4abbea27bd7c820fcff7406f41 |
| SHA256 | aa6e9e04e1fb6d3bf665dc19511817708629d428e55b33170ec142a7233a88b1 |
| SHA512 | 825cd2a869ce40e1053f745f5e42d398f373e3b3bcca484f88fa64ca76ee95074a5f7a0e62c6768de157d33a6795744e05f501b96f7bcba039177c0f6f800ef9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\yandex_payments_autofill_popup\component\23.12.20.0\logosv2.yprt
| MD5 | 1d41750213afd92544be52dbc3b3c894 |
| SHA1 | 8b1cf6ba3247e2ef5f15d8e8b121977d28d22b2f |
| SHA256 | 4bf3b7eda9cb76188d2a14daff85cc7a3acc8a865c493601d51e2c31e03e048d |
| SHA512 | 6b793210b4363d69285fff86ae85521871c4c014bec07c1f96c971dc8e2d9508ed1d753d0470cef08760288b63b39974c653d3ef8cf80022b819757f4feca96c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | f4d0344bd6d5dd72e7c4ddd9095b031b |
| SHA1 | 782639858a086d07bbf8fc18adc8ff969c15ada3 |
| SHA256 | 289d468998b315fa243eacb178dc0df4e358f49efc084fa1b92d245990e02069 |
| SHA512 | 55b5d65f4f105e8e6a71de1963e97849d4275272d1310aa59f5f07585d05fa9250548d6c6152eaf7d05a4baf631025e6be2af5664f6c5f2529eb21a6c4bfe800 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | 9b67be98c719ec2e74782281d447abbb |
| SHA1 | 043c5e10fa016873dc14451ad8c231654efc157e |
| SHA256 | a6133d5bcf27d64d1d101824d200df47b2344a2662bb9b66fd68e6393670a240 |
| SHA512 | e75e7e2b4300008beb7ad0ba08f2f36621224a3e1e3de5e56ed06e23770eed4b74a168337fff53cc5883e8407b3ae81d6b28882d15ef6732d861bf9e12b6544c |
C:\Users\Admin\Downloads\Unconfirmed 572327.~
| MD5 | f0cb04ad4c15fba31532eb922fa6de6f |
| SHA1 | 097d5c12eae63ba6f9e7791aa4d65c6dddb4bce9 |
| SHA256 | 91068efbef44f8ceedbbbdfeea8959633c4ecc9100c3ba08b2603d7c5d59ac22 |
| SHA512 | 5ada7baa49edc7ad430f1e242b0fb648018b25dda7466059b2c963f95881de0be867e0237fc4fca997ad420c2c6a42c39db0a9e0242c58ac02b6a575388f0848 |
C:\Windows\Temp\MBInstallTemp33a504c233f511ef99906e89720fda0c\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.28\mscordaccore.dll
| MD5 | 3143ffcfcc9818e0cd47cb9a980d2169 |
| SHA1 | 72f1932fda377d3d71cb10f314fd946fab2ea77a |
| SHA256 | b7fb9547e4359f6c116bd0dbe36a8ed05b7a490720f5a0d9013284be36b590b7 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | ab6f9e24b2c37d651cac40a0e9e8bdb1 |
| SHA1 | 565f88043b41185f5fa0a77d365e317c2513fbd0 |
| SHA256 | ecbf55973beb18ed776569f627dbb7e6c395b686178fd14405d9d16b8895fb66 |
| SHA512 | 3f8ab591279e5e32faa6b685c7ef46bde3c3868bcb259fd0c0290848f9a6098fbc30d9216f90bf404746eba25cb52e78b4d33982c7f101839a2948923a521af8 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 5cc987d43bfb052887612ca77228e61f |
| SHA1 | 0838a9a38dc2af2c9a40d924d84eeaf19ceddfc5 |
| SHA256 | c77718ee8e742e675b6d8a975be3d72719e44e56f9bc10f9c1537dba38130c46 |
| SHA512 | c45b357cc5082dd10f22e8360f409baa29a552169bf142a83bebd82d0e7a28f7c41c2d02910efa6db6a9e750b5bd1e3c1144c8d8e35645cac1077fc6f95be213 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
| MD5 | 5a9717e1385703e8f06b27aa10a69e87 |
| SHA1 | 84ee67a9167b5eb6560711b9871de98898ad07a5 |
| SHA256 | 47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4 |
| SHA512 | dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 2a0bea88ce233b8d841d56df26195e06 |
| SHA1 | 889af4a1f2b77423d5557c8ba7980e5d25e74647 |
| SHA256 | 6116b30ab6f4bf5f0e8eca78bc67890e7aacc6c74fbb4a15a93af44bb34f2636 |
| SHA512 | c3d2620e3e1c19b63bacd578cbe55d52242dd01fc3ba5a90d0d001f8cab105a123959f0b18a8e6e71b4dc97d7995e832c8cd2d3693d808c8a81c98499cc63fd2 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json.bak
| MD5 | 6ee719207507850ea10431e25927b055 |
| SHA1 | 3ef1d91e3f38013a38bba0cb779395cb438c7337 |
| SHA256 | 99298be80faa6a0bfa48927bf19d3a4bd11a25eecc93bf312381efd44f5a4498 |
| SHA512 | 4ccd61fe60e402b1e78595a5afe9dc72c4fcc0d2d35ad5b5fa3d1a1158ab935587bda43400521ecc899c7294ad5e07c1a97523a984f5166ecd6889998f20db8c |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 396dce0010860f628bf80cbe140af012 |
| SHA1 | 5a4323fab655912368bea94cb04a7857f461cd0b |
| SHA256 | 929fe075aac609c525ea6b998abdf0eb69e296c0c2f846d0184dc43f9dc0c2c9 |
| SHA512 | df258ea7bda074ba01a66a057bf4966ca801219f3b0c81934672506662a4c72e96f5e08655cbd042de1468302ec297452b49d4cb37b20d37a04f8cf15144cb58 |
C:\Windows\System32\catroot2\dberr.txt
| MD5 | fa04b35d15f3da4ddfd25f13dbf28330 |
| SHA1 | bb43c3eaed102219ab633d3cef8c793ce004902f |
| SHA256 | be4ed78c0faa7c94d997057e56919236ac8f64cc787ba68d68ef16ebe8eee976 |
| SHA512 | e6b3b8844b2411adf8b5a68866022283fb02c65804fb96bc2c4fefee437d543acddebf472c65c65f6797263d41075d933d8da592fcca0e7b816ebc007c20e4bf |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | f32ab2b27e9a7c7c6fc17fe9e86675e5 |
| SHA1 | 9cc357b09d5775118c712a67527320c9bdc09090 |
| SHA256 | 1c8ba92d631dbe235e850f40393d5497a20f9b40e686b439a029609c1e87e871 |
| SHA512 | 9fbf18e86fba17fef521ec1c4955b456076dd760d1c26f39124dc496e7f31e174e1862427a51045b42ddeaaae4c43da774fd4a331201e0e05a47210edde9b73b |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | ec138ff737b7a1a56dadc6cc5800e08b |
| SHA1 | 22bf06abf54ef122ec3bdbbf0d16e55012486a88 |
| SHA256 | 740580131681771bd009c1a27358800c2d893b7fa971d678456b3f501acb2be2 |
| SHA512 | 2a4e93f8fdbb1ed7e1d207febe08bcee083e5c48681663a7000cceb8d521e926f86bec5af08f6f3b178610a0f7bd370030008dace8375fa8aec39d9f0f711ef0 |
C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log
| MD5 | c49e2b8ede87d2d0b2a71905acefeb10 |
| SHA1 | ab3a9e66be0f02c1b5455155efe5512b5a82a7ae |
| SHA256 | 1388a18e26f81be1d6a5e3b95ac2545d16805cff6948be6b0b299e0cca50b635 |
| SHA512 | 16e158f15bca36fe53a921d214c509ca5cd2ce58c6eaf78d1bbf3c49d5f905337279e75e888c0bdc32440cef6202d6cb19401e427d15339630ce32beb2d4ffc2 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf
| MD5 | 358bb9bf66f2e514310dc22e4e3a4dc5 |
| SHA1 | 87bfc1398e6756273eee909a0dfb4ef18b38d17c |
| SHA256 | ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17 |
| SHA512 | 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
| MD5 | 9c4bec17ba2add58348045dbc762ab67 |
| SHA1 | b00ed0ca3634a93a23f70e79bda67c945dc915b6 |
| SHA256 | 9c3b11ba1d4e462d9470fa0b50a61fde9f00cf4adfafd8e8b19f1e8af369cdd6 |
| SHA512 | 6aab0e3d3c189c18ea6540d1736b64a518958c62e1cb0a2874826f6cfd76e3a06fdbd28ae0b81e2fc8fc20601d00d804d86fe9887ab6919dd8090a696fb52b31 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 2c36e9d569b709dd3db63d51ce563ae2 |
| SHA1 | e94ace165ab3109657f82c151cdc793abb5aceec |
| SHA256 | 52182d0e056cea3d2626ea624ae112ec790d7f7365d392e8013b5c9a2d13433b |
| SHA512 | 12a7dd638a697038d114ae7a705db62e309f2a24e69ce9d5eed9be53161e5f8d79165536634c43ddb8284624e94a5fa830a07e12ec07f0c0d2e184a763109b84 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat
| MD5 | cffd7ecf8765733aa7a2c36ca5f1eac0 |
| SHA1 | 549b0974cf92676a7589466a3ee29e1dd45afa6d |
| SHA256 | 89c561a58d649d5f29fe1c576ca46245780369845df32045a64739b4056d8bb3 |
| SHA512 | 47006f07c3270f358ce67c235739ebaa17b8fbd9a05da9f05a079322a003f8e6d704d3c5353e1a186df74b1bd6438526f6701a0c173563d676846c0f0f230be6 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | ec2a55b01c2b68d3f25672d0c2cb5fd2 |
| SHA1 | 4b55537a2e5e682d9a01edf68b6bce9860053194 |
| SHA256 | cd6afd874431c2fb57e18b83324e2a9307f6c405a57710c0e34c2e89e7490729 |
| SHA512 | 46943fb55b2ea3a4f612f92b2f5bd889069086de572900d9c2a894675166e016ec800ff1e029c867a927609bcfb3ffd828c808d3d14271cc578a5acb931b0172 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 11386db21c8be52b4da56c5bda871936 |
| SHA1 | 9d2e551409845199bbe1334f84b33e06e55db784 |
| SHA256 | 47dd1cfa073c55156cb9e60ee16126e48de9363a032c377eedb50b7fcb66287f |
| SHA512 | 7242b3b1e8083a36ccfde67652b5ace90b00339b13f2ee048bb750e37d10ba686c6006ed9bbd139b7db753850c65deb5f1a97ca09f507b226b17abdfd167c457 |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll
| MD5 | 52c4aa7e428e86445b8e529ef93e8549 |
| SHA1 | 72508ba29ff3becbbe9668e95efa8748ce69aa3f |
| SHA256 | 6050d13b465417dd38cc6e533f391781054d6d04533baed631c4ef4cea9c7f63 |
| SHA512 | f30c6902de6128afbaaed58b7d07e1a0a674f0650d02a1b98138892abcab0da36a08baa8ca0aba53f801f91323916e4076bda54d6c2dc44fdad8ab571b4575f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | f96eb647c0137e414e44a6f4e012e942 |
| SHA1 | a68a5fa899586642dc280329e5b2da09cd81e075 |
| SHA256 | 87911b419e24bafc616852d530d83a89cb48af08d9560cf3e04140bc3faab9f5 |
| SHA512 | 4ecb31a25c56334991959f5aaf67414fbd6fc018b3ba11ed721e2e858f5f77a4e4b094f5e5935931b44b8d53310fe4fae21301f1e7363734412025adb0079fb4 |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe
| MD5 | f32a21bb599377682a6ed7daf0230b2f |
| SHA1 | 82bf2720e64b24eaa63a009fc7592cc73c7cb823 |
| SHA256 | de9e116467266b0e7d0cd4fd318f41b841487a1fe125b437f211c801ac8cedfe |
| SHA512 | 54760cd4d0ee368b9729c48ee04c3655f8f61d8c9b1a2be74b5b6bbc3ffe6a71886dab023d1033e1d94f9ce8e499f326459590428ca29b6db0b75438f2d81fdc |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 528789d223c66d837ec3a22c0c8eebac |
| SHA1 | cb62f82c4fa1b06a699b27ee56fb499eba261a9e |
| SHA256 | 8e796ed13282ffb4f202819258f33662ced2f6b1fe0ffb85e44a5004b3caf88a |
| SHA512 | 5865db24f073b8258c495fa47e6ca79ae3ea092da837c99b7017ba034574619e3131c4bf807a228df52a347856ce5d0bc1f494ecbdd512df2f1f2e05b4ea0c1d |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 9093319aae2a786850ed1478825c2a6a |
| SHA1 | 7207e892a8340feacb11137874d4bf6fa62d29b7 |
| SHA256 | 5cab96528c5a325932d260869bafd7b598048b8aba8bd221da0cb6a6ae7a1a56 |
| SHA512 | 6a90603a14a821fec4a7674d5cb4bea9432812b8f4abd2543a77c670b5e0324a55df7fd23b8ac2dea1169a1a814f864ce9c23200df055b9441f0cbc95ec9a1d2 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 74c0d7345d29c7e1ae8c109f2bf92193 |
| SHA1 | 4cfed1a16dfd43bf92860e39a3ea1703da3a9a8e |
| SHA256 | 4ce04540b24bb6ef6f873024116fdc03b3833e14b59ff6c3e14be48a822100cf |
| SHA512 | 143b7dc83e92db45608ca69b5827af1c3c264fe390c70e4e51db15d2562eb749a9cf419e78ef852d3d381ec75ac13609a00b42c8ae0c331af057be831be8a3cb |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 97aa82d90d4dcde02dffe6d6e01ec9b4 |
| SHA1 | b3abab7636986dc3b1bb53db96efb407035b941d |
| SHA256 | c641f66a31e8746df210991fd09e965b4d2fc092112ee6fd93bb71928614540e |
| SHA512 | c5c88ba8368479e0254bdd6854257248be1a00707c955f3dc81a5439400418164b83d45a544fcbb3d822daf7e6e4963c860aa6fd645402fcb9220c1f46124a9f |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
| MD5 | 7ec33c052afd81a7eb453f3a4a581c15 |
| SHA1 | b1589c853cc11e3842e89bab21b3b6c746ecae29 |
| SHA256 | d2ff36638e2efbebf663186bbc59bb128ddfc1023bed2c20d4803495b410c6a8 |
| SHA512 | 7b68f05947ee9b899b82283fc3bed115e2ac2ea1fd2ccc39c87dab2687321d247d25c4a2cf396063d7871957727ec85b40c45d373ac5a9edb181530fa4761526 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | a3969608e1939a70e79e0baa135c6788 |
| SHA1 | b2ecc7474e8ebb47efa0f10e569b6714c6a5f6f0 |
| SHA256 | 6599104d413a220c858cdeffb986baf2c24a0c8bb1e037c3edbd0a043e56a436 |
| SHA512 | c80763c00a4a4aa92ec0bafdb1441a3b407ec98f3d791f6d556560ea0b1eaf562b8826cf2e2cdfe0a2c990b9874f21f1075cd113ecd4012f1d0ab2bf8c012c10 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 953ae979d7bf4b5ce130f291945f2b6e |
| SHA1 | f68bde880aed6c9645cc2ca348283fcb3a39e12d |
| SHA256 | 04d354817446651620e3aabb5809982c66f1fdca6efdf9c617f9c8d86a89b4a1 |
| SHA512 | aae072a2526e49606b606515bf17d9bae19276a47ffcc64384c486fe5f501ab4b9b55b101b88f9cd5f02036d0bef3b024bd789918afc6ae892c3f2d63c50d492 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000038
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | ec75f22a8f3296ad66e141347fa31781 |
| SHA1 | ddfb4d9fdf9b42572cd9801f1517be199d9a3995 |
| SHA256 | 1974ff320b861f171268b47dece12ef6e33268fc90a419572f437122b11367fb |
| SHA512 | d3348c78b9380985874673c360a75d0e358a44f57e577762cf53404277cb7295a3ab464a3a2e76e016226556ccd83823d5d5b4d0125343d9935cd4a1b9490428 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | 2280e0e4c8efa0f5fc1c10980425f5cf |
| SHA1 | 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23 |
| SHA256 | b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74 |
| SHA512 | b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003c
| MD5 | 8e823d05ae750e75394aaae803f2ea10 |
| SHA1 | 7bb90597040a4d589f6e6a34ab975ef191408176 |
| SHA256 | a03b9554c194d538b41f5937dc41d2c2aae2e195c29dfdf3dcf8cbb119838735 |
| SHA512 | 3e9382c2bc83929884c50c10a88a1e610e6add7d9312bf6014aff9aec7a6ce2a7fed10b77aa6d3a1b1c7a701670832fd80ac28d12e0c740dfe85f8bbd690ea19 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_00003b
| MD5 | 7565aae1b8065e71e02f074a5d40b541 |
| SHA1 | 3d176290fa822fe8b93cde7b10dfff4923735867 |
| SHA256 | 2d8353f13c1e7dce1c9edddb3e477c4b1d6f1549d6f08fc917238b9dba53cbdf |
| SHA512 | 4993e424df14bd6ee5086a568cc9d82186a70e5c1b593c1f8273c3008a8539ed137a0ea7a79d7880b8279f1684722b712f4ded005ef29e664ad66260ce0a2c73 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Windows\System32\drivers\mbam.sys
| MD5 | 113e213914c40631aedef185984c5629 |
| SHA1 | 57bf886bfe1e4d765ea43e4c91709a5c4a9a024a |
| SHA256 | d314cea3ba19c49342763fca6b64a33f12d730a8fa531ed9f7e75675035ba004 |
| SHA512 | 76d7286963f28430d8a9bc3b59adf209b5fceb6a5248b7be54c60fff0b931ba2cf46a779f7e66008baa0853ad6ce55a4b9dd56e33574230d1e2588f7679630b8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 93593366ac288ae2c2bf7718089dda20 |
| SHA1 | 41a1b940719af065d85eb484971e60eaaec70478 |
| SHA256 | c1b55fa5371dff5861de6d0f5c53746e987a8c82443dc9c22a725bbeaffe3a93 |
| SHA512 | 711c1a7ec41dd4df3f58c83d2948e741cf8b91df5220a68e92ec500d540f3beec25ec43a3ba618bf6b59ce8eb60fb1dd7d62902e0df0b20eadee71f2096934fd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | cda48af44172ccebd1c9380cbe54fea6 |
| SHA1 | 1d342938f5379361a148f5668242d3f83cd1628e |
| SHA256 | 814707571ac91a9e262ca5fc00af5c84f21b00b5c32cb621a1089dac07267963 |
| SHA512 | 18741d0f912d7c08196c0ac1fe62ec7aa49b6254064296184e9d57dc673edf394e17d1b6a5f0ee12558421181cc086fc08059a8b1e84a80e52c04a0cb15cdae5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 89e1c825487cfb6db2bffdeb6d6eba5c |
| SHA1 | d74c0c30db6a14e172b55fdde61e240db54b3cea |
| SHA256 | a8e9d969107dbe6fecf66903aee1159f226bf2b75dfe9fdc708d0a2fe2c7a6a8 |
| SHA512 | 256f8a2d3de9bff4ecbb8799503bdce26a21aafecc79ca44c6a7cf601e2e27ae3316b25b6522c814a043c094485a778a1c3686a0e845474e3c2b10bb36dc1257 |
C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll
| MD5 | 3bc4d2bb173c005c678da34697c17d99 |
| SHA1 | 2e07b4f3af7dc82d8f7a5fdc920578f6e908a0cf |
| SHA256 | fbcfade08f8d2617b6e9f2e279f81ce3b5e1fc0cce5bcfd927cde1335114f6da |
| SHA512 | 36864cef0ba96899d1c9ce088ae931b10461f1360a21fe8791b61acbd6ff1b30786a0f6745eac6acbdcfbcd3f05347aa1aa05fdaaf9e36e8fd0da3768ae78a17 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | fa0469b071e6339cbd1a1c7555a4cd45 |
| SHA1 | 2e00fb1a3553b6f751b1a1799d0a953805cf63c4 |
| SHA256 | 479a43154c143d0dce1e75f3db738ab5e854f135ae5e94e579d0a5bb4d3520bb |
| SHA512 | 304a690fdaeaa1792ce327872b412fe81f511b5cc9ee1c730efa4995fc9e42dcb080dab268971a8273c92d75f6286af82ea98e260330cabb897e19ad8fef9efe |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\expapply64.dll
| MD5 | 76a6c5124f8e0472dd9d78e5b554715b |
| SHA1 | 88ab77c04430441874354508fd79636bb94d8719 |
| SHA256 | d23706f8f1c3fa18e909fe028d612d56df7cd4f9ad0c3a2b521cb58e49f3925d |
| SHA512 | 35189cc2bf342e9c6e33fd036f19667398ac53c5583c9614db77fb54aadf9ac0d4b96a3e5f41ec7e8e7f3fe745ae71490bdcf0638d7410b12121e7a4312fae9e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\version.dat
| MD5 | 4c5f248e7de666e8e3c7cd147d397717 |
| SHA1 | 9be8c25b654c93e178a3687c352069feffc7efa9 |
| SHA256 | 7b66b5d4247f504645d87ae88a77501c89014b09c566595c367ac22877bf6b82 |
| SHA512 | 31d32845a9cb21e0e79cd439495f56adbbe48718231886e81d95940ef0fd41818a4c4cc9b68e7e56d2073a140fdff290b57fbc287158d395b36a689577166b1f |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D20.tmp
| MD5 | 699dd61122d91e80abdfcc396ce0ec10 |
| SHA1 | 7b23a6562e78e1d4be2a16fc7044bdcea724855e |
| SHA256 | f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1 |
| SHA512 | 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | de954e1b5ce1ee84b3fc149ea2640371 |
| SHA1 | fbebe7fb38d8d6ef36b256a021060e5e77f5360b |
| SHA256 | 58f59626643a02dee3d42a89cba8e2ebbd86937b79d2b7c1abe0e8ea6680b036 |
| SHA512 | c6d13e86a66b3cd2a8cbe151fc1abd8e35135aadeee605ce0f4791e64601d0547eaa8c4be99da6190c47563d92c354b1ca03593d6b7d36c923d1c1e0aac2bbd0 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D28.tmp
| MD5 | a7b7470c347f84365ffe1b2072b4f95c |
| SHA1 | 57a96f6fb326ba65b7f7016242132b3f9464c7a3 |
| SHA256 | af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a |
| SHA512 | 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D31.tmp
| MD5 | 804b9539f7be4ece92993dc95c8486f5 |
| SHA1 | ec3ca8f8d3cd2f68f676ad831f3f736d9c64895c |
| SHA256 | 76d0da51c2ed6ce4de34f0f703af564cbefd54766572a36b5a45494a88479e0b |
| SHA512 | 146c3b2a0416ac19b29a281e3fc3a9c4c5d6bdfc45444c2619f8f91beb0bdd615b26d5bd73f0537a4158f81b5eb3b9b4605b3e2000425f38eeeb94aa8b1a49f2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\gpu_configs_overrides\097888c7-3994-4e81-9ec7-e87338f1bb2f.tmp
| MD5 | 3eb37ca928adc5adeec3eb4e0430c656 |
| SHA1 | 32cbc61b2546a921ea788f9ef3e7c57cfbeac07c |
| SHA256 | 63a87d252d41adfd73e94dd41c859249f1c3992853d977a82da87f505b75a4ac |
| SHA512 | af656685f5840d7d2b4ba6fd95a785e93b9a9b158ee064214f24e7658bb3c06748ced10d37e4cde648a44654a641d631e36668fd67f9998091e6aa93f7b74b64 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D32.tmp
| MD5 | 3b337c2d41069b0a1e43e30f891c3813 |
| SHA1 | ebee2827b5cb153cbbb51c9718da1549fa80fc5c |
| SHA256 | c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7 |
| SHA512 | fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D42.tmp
| MD5 | b5d0f85e7c820db76ef2f4535552f03c |
| SHA1 | 91eff42f542175a41549bc966e9b249b65743951 |
| SHA256 | 3d6d6e7a6f4729a7a416165beabda8a281afff082ebb538df29e8f03e1a4741c |
| SHA512 | 5246ebeaf84a0486ff5adb2083f60465fc68393d50af05d17f704d08229ce948860018cbe880c40d5700154c3e61fc735c451044f85e03d78568d60de80752f7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 10db37bb6c4ac1e14c594d466aaf00aa |
| SHA1 | 054e0fd2ea4e78750ac51bb7d61fa4dbaa1cdf44 |
| SHA256 | c00d22255f49f0e5033c47f6dedd6a0a5c175d992f87b18bbaaf4dd814717de4 |
| SHA512 | c11af6d3512a6363e3ee759d049623b3560d9ca4a1d0a9454a55e376985fd3181903711e8f1c594ebd3cec754382fac6029d6802b5a35ccaa9597a2e3c79778c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 6ab98778b28de3f4b9dbd8c6200051be |
| SHA1 | e919e404c73e973ea8ff80c3ac3a165e70df026d |
| SHA256 | a7c5e9f590df26cc16b9274ea91d60621bce8d8c25c299e5d13d5c1d670990bb |
| SHA512 | b46cd4f7ac528a78eddf51306477c6d27cd89b0bb08ebb182a79fdbfd55e36faefc347ee7c63eebfc04e171a9d1fdba204b7b576170806408db70f4bab56200f |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D78.tmp
| MD5 | 607039b9e741f29a5996d255ae7ea39f |
| SHA1 | 9ea6ef007bee59e05dd9dd994da2a56a8675a021 |
| SHA256 | be81804da3077e93880b506e3f3061403ce6bf9ce50b9c0fcc63bb50b4352369 |
| SHA512 | 0766c98228f6ccc907674e3b9cebe64eee234138b8d3f00848433388ad609fa38d17a961227e683e92241b163aa30cf06708a458f2bc4d3704d5aa7a7182ca50 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b1d736a78e9f725ccf043eec6d509692 |
| SHA1 | b7a3619642aa2bdf5f9602adddd310878a072763 |
| SHA256 | 59860cc73d33f569dc053d40f0a679d66de7894d829e8d81d649723459e0efeb |
| SHA512 | 67a0873298dcf08d87a89fae052b076bd93be194e9b9580c3b5c67aa185c19cbf99438cfc11630dcc90e53b2cc6eeb0532e60102260e6c84b5c567432fecfc2a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2c7f9035dcb4cb2946266e4a5e32435c |
| SHA1 | d74a2a947c1d2703a7cd5047359ba765156b479d |
| SHA256 | f31ac09bae0603463488ac4cb6541e96b89eedb1fc7c0bcd514073ce90b7f682 |
| SHA512 | 8ffedb208851b51aa7212c82cebdcc228eaf4cd263e3c539a32046dabd157b8a280a48e4c9fbec9ffe4d947421367ce41833ac4633833fb0936095c0347d8faa |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 1036cdb132ba4cb3be08300e2a590fe5 |
| SHA1 | b9a7b101af6eadff1234282623cb7e15d94ecfea |
| SHA256 | 6912b60ea4e2c230606208213adfa34ce2a7ff5e077afe56dfca27efe3c83ead |
| SHA512 | 7ce9343de4cd9821e3a88b7cbcae3b6c5f97f419a9cb07d5909d7a8903d9d45491f21012288ccdc71006367e8339a8458baa7a489ea281d48952f136211010e5 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D8E.tmp
| MD5 | 54dde63178e5f043852e1c1b5cde0c4b |
| SHA1 | a4b6b1d4e265bd2b2693fbd9e75a2fc35078e9bd |
| SHA256 | f95a10c990529409e7abbc9b9ca64e87728dd75008161537d58117cbc0e80f9d |
| SHA512 | 995d33b9a1b4d25cd183925031cffa7a64e0a1bcd3eb65ae9b7e65e87033cd790be48cd927e6fa56e7c5e7e70f524dccc665beddb51c004101e3d4d9d7874b45 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | c10da8cb7cb1b8ba092ea8efc16fbe5f |
| SHA1 | 8c186dc61fb15c50592669e209095d0e07e0d1c1 |
| SHA256 | 56044f175105fd5a24733a9e9a998e3b964381a1a74ad6b32ca1f26b57097182 |
| SHA512 | 73ccbb6ea3b77a4069536403a9d41bcec7f0c3f86b504f9114421ec0b2719aac9f1bc8c1201776f7dd3c82d0f0eb1531121607c6d83e5e1d67afa2f38692eb8c |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 63a8ff139eed8ef4e1a78f48705a86d7 |
| SHA1 | 1a180e12efd8c9a5aa56608a982b4f0ec95802f5 |
| SHA256 | 10de788783293e5b3cf5065126bb105b4532417aa1d283d2666fd4022c511be4 |
| SHA512 | eca9b9f052c98024bda8723428d397ef9df390d172b73c64759e0ca99b67ff9f419bc539c671993134467a1e04fad95efb3eb03c46318600bb9ed3fbbe3b1737 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 6161e4e3eec9879825d4442ad1841b52 |
| SHA1 | d590f901982fb028ec66011c1484124f93363946 |
| SHA256 | d87a3100f7626e30e703af960cb5c92ac1e903f69073d3f515c864fd90931b3b |
| SHA512 | c2f163e042d9b3b7ca43043f3c27e57a18b09065e11d22823239c48b516b1c9d52431d43674086e70d26a6fc2707cd39f1ecbf12538f617b49746aa2fbe8c01d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | 27a81febf11ac9ade11e7cf282621852 |
| SHA1 | bc70d1ef15d504dee9734ea684ac1c5d6b9e2524 |
| SHA256 | f0f81ef30630c2c00732f96cfb156bb8952be6288b75a4fe5dbdef0cce0fcd6b |
| SHA512 | 00da22d032dbe51f6df96d415a7453b978df2b8b54f70f52e5f5efdd1c1b8489a0a8ae9a71717776bc335eb0bd1c7708767bc47e8f6793854233b3405fdfac35 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 6a9d79459591d674c88e4baf649d845c |
| SHA1 | c290cee909b2a01ac769db9d601b47b2c777ac6e |
| SHA256 | 22d97ad84217b5830c7481da2296437bf70c85af3fb18dc627a45d2f3b42bb7c |
| SHA512 | 6f3d9c26f56eb460d647cf02f8acb86ee1a24d197322ac26c20fafe920f5b2741d7c044afd76ddcebb5b1392f0c01b710cce3f892e7a516129c6aca41ea25462 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 187bcf764f9d2f684dd2b5c8a441179b |
| SHA1 | bbdaf1d88b9190576a453b9e030f013e1b67d8c1 |
| SHA256 | bdc7e7cb7973ab0b7c15331fa4a5decdde95ad2195d17a97939ae4f41aafa527 |
| SHA512 | 92f796c0b43f9bbb9c00e0832aadc5525b942eeac5fadb29570f5f49b06c8b1ebcfe51367b320c7913aa0e9a104347647e7f93066afad56a1b2a45f3770e8ba8 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | ae7a2276eb912f2be447d0278b95045a |
| SHA1 | b717682f5e9c6fd4268993515600381e2f5e29f7 |
| SHA256 | 1d1b3a2e65ae9ea7f417a54caf055e66777295764d5ae35dd2f546b3d459814f |
| SHA512 | fd9c997b7e85b468acced79a9c910c9b726c8323434cb4516f56767e52fd5d3a5ca34b64becb156909a96cd1983f82cbcce2de11aa3f19124fc5e3cd18d06309 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_177353798\manifest.json
| MD5 | 72c9bf7fff57d09fd69597bec1020616 |
| SHA1 | 98f2a30051a03945be3c1706cfea8c4807a19266 |
| SHA256 | 8e79a67ed0a1885c2ae7aa4e102dbe944d86fb80bc7261683fe442022f11bbb7 |
| SHA512 | 3a4b2a2fe361b6855e6608399e585d4c3b6de933bb2ef5fe1f077f43abe5c08fd8ee1cb7d8b6af238c36a6538f43d1ae64caa558df8d7d1186be7fc1062bcdcf |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | e0ba20916b1a114230a3765029e32381 |
| SHA1 | 2796a3bb892c47467e3d7d52d14a7c6e0d92c31c |
| SHA256 | b99440701c9d406c4eafc75ead2d132a3e90856a91a4c8b77aa3e8c2a1859a9d |
| SHA512 | 8736ad2d6f942590ab1de662a4c3499ba31df52544a04f37db28ac054688c2248ea05b2114391c3f26c682467e5b1a11d3808ea37e86ad7aeb8215377ea6f7ac |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | f12a6c6982547dc25e40f7489f4650d4 |
| SHA1 | 7714a4a4e10f321412bc494ae2feeb5931ca2160 |
| SHA256 | 40b23329ea599314ec3e8083212a9eb7f3722b1918179dea276ca4fd7082cd6a |
| SHA512 | 2b151e94ab9a1768c2d0cad070913fe4f8f0fd1495d67f28c19307984d4ed245d5a7200bbe37e7752e094bb4bf1ce8e2b677cc38575e669f42b88d8ca58bbd1e |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\894d6df6-33f5-11ef-9272-6e89720fda0c.json
| MD5 | 2627ecf780f8bc4a44bd6b4ce2891ba1 |
| SHA1 | 6ffa5d5d2e1b9da17df72ccdf1623a21fda27e6e |
| SHA256 | 90fe0f93e1d6a3080daa7c4d96218214a5f643dbe83851ec31e96c72a21a90f3 |
| SHA512 | e2d95b654dbe8405a5ddcc4d76acbbeb4c2b86f687e763c00fcb62f11aa14c6689ce2b6f7507c1e1fe07773a94e3dfa7788aac2f41894f7436415691f5c72f35 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 67d5f1dfbbc4ee59dfde2567875cc2f2 |
| SHA1 | a9d4b1e995e06ebe7fc51d698af6d9619b566887 |
| SHA256 | 8438dd9e9b5ed0dbb518fe3e5690e7d1eb3630a6c0542a66af0a1f71208c0d36 |
| SHA512 | 9ed070f43cf74aad394b53edcc744384e41351321fdb11275753044a07272811771985c14b3cf29909a25f240f22f590e68163c5d111404a50befee22fd2bb5b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000071
| MD5 | 081c4aa5292d279891a28a6520fdc047 |
| SHA1 | c3dbb6c15f3555487c7b327f4f62235ddb568b84 |
| SHA256 | 12cc87773068d1cd7105463287447561740be1cf4caefd563d0664da1f5f995f |
| SHA512 | 9a78ec4c2709c9f1b7e12fd9105552b1b5a2b033507de0c876d9a55d31678e6b81cec20e01cf0a9e536b013cdb862816601a79ce0a2bb92cb860d267501c0b69 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 4fb71ebcbee57d03c27a4dd23ebec919 |
| SHA1 | b891b30b33591c4897ddb7493f7a004066f477a8 |
| SHA256 | 50622eded19b185d355dc8118284009a1ec5c359533302ca72083f293daf595a |
| SHA512 | c8f455c1ded2a11c265cf536445bc61e331c5180dd8829ef043363de34dc9f1897c6c410c7957698d3aa32447d4fed315c70b802e0f1e64c9fdfb1405b4e084d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 97e1deaed5f74288c5327c51e978f6f6 |
| SHA1 | d970ace5afc1b990265b615b802871d1c967e4a8 |
| SHA256 | 3a765eaaa8328de50b4d96df145c701d09c2436afeeee745ff3c6d1f24efa661 |
| SHA512 | cf8ab4d6a0006b7deda3e3c75f6e38e935b9677b8ed533be7b6fce0012705a373d2208a271fb4b610fd6bc300169b41654c9c0fa4cc14e999c4f345bf81f43a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6002b3.TMP
| MD5 | fd0d2264512c8b557abd40ef4d769501 |
| SHA1 | ffa6f71b7f3db178c0f452cb05e837f058f5e8a3 |
| SHA256 | 00d685aef4701f4c8e108a64c11479a9d4ce3f4e22feee23488abba28d061c1b |
| SHA512 | 4bfc2e03687a00e470f28a1d574b8fbe953c29f4310b115e5988a90837a3d2ce5fe36a3e8eef769ba2964b881b41e5b244f32b3aa521b5ebe416d8953c05b9ac |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 4e5aa175d706845187f39ac79c75572f |
| SHA1 | 18c15b7d665207fa194238619d62a8a71867fd07 |
| SHA256 | 3ce55a81993ceeb1411b4796866bbc5a180c53a26d8f2fb3416382cffdf7ca5d |
| SHA512 | 5c8fed5f3142117357aaa9ed4c60f0bd9d53042e98ece9d6002d5786855bae7e2de8fd0a4233e046fc11d4d5bfbd25ca210c340a0662cc336f7f30b4782dc2d3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 65606829d2310bd5c2046376b91e287c |
| SHA1 | e0f96f078e50499ab8f9b53506557783ef70c466 |
| SHA256 | 9319d2ac7f7ae653ea30925da0545919d257313c7a292910fe9506841d536ae1 |
| SHA512 | f3d7c20c7786792e3c99995be88105bbfffaa1f5e876ffbaa1cb9e8f5bb212d5c1728d659740deaac38bb0e38d023a82852c0cf0c84f6ad112e30402858c3c80 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | b9d7d4f042b80a955dbdc0af86e275d3 |
| SHA1 | 3d976a4b638253a6750917773ba381eed570ea80 |
| SHA256 | 997791ccc858650e045f58a51bb1f726d0b9b032fc653844ea33d6165ce59e6e |
| SHA512 | 8b2762f227c5d5477692f046cf8b645b52d4fe4710efdfd76c4a24bcae106b2db1ea90e8606674f6e9fbfc4e833138672ea00dacc000b285627a18cbd21b9618 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 619d4987b00b0460cf5fae7b97bdbf6e |
| SHA1 | a4e04a7cf0b7bf7e0bc37fbda307f6334b34da7b |
| SHA256 | 62d3cddd819ad537ad499a74a074a8ceed0b8e8b000ccb082813df9d240054ea |
| SHA512 | f9d4068c4a3bddf7ca11da8faa7ff6c2bada78ebdfaeb96572b9c1bca49310af9bdf4461df3cc12b10ae38b7dda52dae912a723ae19e8d73056a7d6fbe39bf01 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | 83e0b8b157158916a2fdbe6a8933187d |
| SHA1 | 3580858299f81ed5b1974754c06fcdb251444673 |
| SHA256 | 8ce73984fd93e26fa1f3ee7fb68bc3d92d6570a8d006fcc3bddd840b1336d185 |
| SHA512 | 63d9ac23b649c83f38a25430db91435d72b738c3a00eb5287abffd8f9751095258ef0b1580adf033f04743cfb296b65a8e51a8e7082f124a90f117b953492734 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 52103898a725fdbafa3540836e7c9131 |
| SHA1 | 613da2c4633776f6d69b04c3f2edcb8a161e36ee |
| SHA256 | 3f064147e9523c2c611b3705131b6cd33c51b4c09ee1958f9c8f561af76a1917 |
| SHA512 | b711aa53d993b559141349d10b5c066f9ac306328bfbd2335653599d76b0b77d0bc53d9d72fb8afc9eac19ea171d6f5a306f5087bef5044f896de3e53b04560f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e57b65a218e1b42d18c9859cc0d1853c |
| SHA1 | ab509d1b0c07ddf559fe51372973f16c4e61f7c8 |
| SHA256 | d18b4a99cd30da5e9031db1735337834e4b775a13aaa2e2cedd10ca932a5254a |
| SHA512 | 90d490be8ca0d6811e87df6efe4588a6c958f1d62dc1a6dd3fba220ac3a82bf7ef388047ec968f7061a600bf54a39663a83d781f5ef5cbfa8323634e26ae5ea4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\694a568b-7bfd-499a-885e-e7d80cef22ab\index-dir\the-real-index
| MD5 | 8cb844257d77c2599ab23b23fa849127 |
| SHA1 | 64ac196815bd4876c1d513c1ee53429971208fbd |
| SHA256 | c97389b4781e417607eb461150fac25dc34c95a7bf127183b36c00f4ff2f6c3c |
| SHA512 | 78045e36eb15c18f942e86b64c733218b0f70e9170dbc63e0cfe94a5a69370a6a27f42a64c22e44a3fdd9a1f101755a19d6cf91b91d92243e02fa18cc55fb125 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\694a568b-7bfd-499a-885e-e7d80cef22ab\index-dir\the-real-index~RFe60e301.TMP
| MD5 | 71413218f203cdef611f784537cc0af8 |
| SHA1 | 78098db85068b707e52ae9e379899f5878b4aab3 |
| SHA256 | 5deab0e00b220957e4e1301507861004fa6d4d4795d27de80b442552270f8db8 |
| SHA512 | cfc24ffa7e3a847a3b643f1a1744b4a2666e5d18047b6aa25f616187ee7adff78acd027c828afa40e377f6b42f69a80cc1fbce279a291143f73424028c613ac9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\index.txt
| MD5 | 68e93981915a34a8a1fec8372b991602 |
| SHA1 | 2dbb54779226d7eea221029dc3ac6f9d858074cb |
| SHA256 | 1d13a5271c3a0321e97f2c552906847c3688200a0699d06c6732ccf55a887624 |
| SHA512 | a129bb39ffd864445b0b76f498d1658d6443e1a02453a7d13c23596732058c54e092be8c4f43561274b3a36829021bb67542e43ae71d3a1e45604f92e2d6af74 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\22ee7b7fbc3651a8210f1437e98696bddb902f99\index.txt~RFe60e340.TMP
| MD5 | 652380ce409e5437265367d2c1b8c852 |
| SHA1 | 47809f5ea7035eea6ec8fd30bc3d26d3f3c8a49c |
| SHA256 | 6c3af1d846155c9a9efa28b444a0fbfeb4ee2a3c9cecfe5a85313a1ed0d233c1 |
| SHA512 | 1dc1eedad178b5d53b7d4c6cfe7bfe5d022df95c5b67577b5831f996cfb21f14ecc76959bb85b58f9dc054d0a574e46138faffc6c448b9dd80c2bd3a3d723e91 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000081
| MD5 | df14665f460474a948ef6f3ca958f319 |
| SHA1 | 78acca6b4ca9499ba20a2341060e9e62d1365a0c |
| SHA256 | e1351a972cfc2b3cee94b36da7a2d25d94e86166685a084a7f8fc1f3e578270e |
| SHA512 | 8a6bbf19d0a305b4617604e34491fea97b0d5d88b6bc7ed635daa1fd7c580fe5aaa799eaa298c949bf4cb69d8d415c0e823b6128476008e527c130a26cf59cc2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 97d40f2173f887a4febe8518961587eb |
| SHA1 | 08c71b1ac318c9b09e95368d19a8b5e5a2346d05 |
| SHA256 | 30625a1ffdff558769320305b3ff35f727ce816ef00c2a96f8210d8603d62a46 |
| SHA512 | 8b8ee1c1e4f368ff0440e81a6175fe1ea9bc9e52a666cda9ac8c46f4b7d73269277f3b068e3b41be4b331f6be0d379a081b69b7eb5ffd2ed2512123b8b21904a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | c7bc255c467ef359b90e1aca60e9e02d |
| SHA1 | 96bd843e65b43298983fcd30f40f9da5bc86120a |
| SHA256 | fe2441c4c1e259ef95e54c4252a667684c8d31cab197698cdd002f76e4186925 |
| SHA512 | a22f277f27892621db4726ed9b062eda9c90ebdc3b3fd2c47701382318132bc488d05cd154b5fba9411299296fc1088615f26a412f3bbcab176b4ef09aa2f1e1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 774b055bed8870f5fc1a9b661ea36f4b |
| SHA1 | f46a6e1b776a43afbc7e97fb3a618f49ae8cc49e |
| SHA256 | 9e7a6deec49735a983581e5745defc68de16c360c7660f78a5ab417ff41b18ef |
| SHA512 | 16314c2fcc8de8550ff18abfa0f6a4cd5ad7ce3159992dc114e1ac0b57c42ba7f472cb34eaa8c37ce8e4ae75746c67fd400362ed31f6d6f2d9f0879b0263ac72 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 8a865e444583947952e7c84ee545b06a |
| SHA1 | 9601d9d959377b0b8f95ff1fad8e9d280002ea13 |
| SHA256 | ad6446e2d04ba49f32b4520c1351d9af2a5986e577022c6f489d97a240d2b888 |
| SHA512 | 3a44c1adc202d390329ddfb3e26744f9c913c16238d3d5404bbc566a10ec7cb979fb2097f845d40192acdf78281d211116528e4378838f4642b929dc32a03fcb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms
| MD5 | 5c7a41b221b1aa2e463cf7ec599a376c |
| SHA1 | ee5ae6561f1dd76fbd8d31785628d3fab42f771a |
| SHA256 | 08a7a4c32c98465e15a1b8525f86ce787424e5c028a309f053937f602f05ca2d |
| SHA512 | ba1b5b6c30887baf721d5581c35c65d234fad134662292984fc060498c530faeb2a81f51bca6c108caa29fdcae8b624e223fb9b5389a9ec61798b649c59b6cf0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms
| MD5 | aad375963af215cddfe62f9b235004d8 |
| SHA1 | 5ab258f00481d3226f07df5244e9d9c02e3ba4ea |
| SHA256 | 1b075db1c88f3a2d371aa505e46118a2387fcf89cfa60e660f07e3c369e7ced4 |
| SHA512 | 4bf441d8370724e978218822131768258e632329a6762d43a8b8e49e75a537ef424f257ef0f86928a59e3f703c7dfd923263a18f0a9aff33a737e6c76e850deb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 86c4ec6ae58876b42c90646c0c75036c |
| SHA1 | e04dde40c75995aee4b618939b8a18ba9cf742c2 |
| SHA256 | 843844e595196a0ddbd71d3c310d4e9d10d24c24f258dba8e094523b5a4fdc1f |
| SHA512 | d69825890cef3bd0b5843df88b11c2a2dfb1179d394ada57a7a31895085fd4c9cf0efe2cba393439a185e8434ce0bf3e7725d99851f5a758634bbbe74a8983fd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 4108bb351aea663cb733a7dd3b121225 |
| SHA1 | aa3962bc2819def7ff312b20d872867465c76201 |
| SHA256 | 8d057f06972d0f4c5fd7b4510593d6d4b0931e0b4eaa5d5fa937f43adaadf93b |
| SHA512 | 4dac8635b109f3dd6d15e58be809762f9113e8578053fe546cb5ce3416983deef349e58c7efef1b37e4c3507a018dc7e0996d187ff538ad3b395c9e5790e779d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 8ed457d78903a255e1be85c2c1b5e68c |
| SHA1 | 745f321fa087de4e430631cb4f7a7e3b0b214877 |
| SHA256 | df5675872faf9a674a17e0aa2d0ca6531f61c60ca8b9ae705255e76e645d63a4 |
| SHA512 | 707eb0b79f2b9cc298c8c75164749fa95cd87ecf76c86205af636048cbc099d98c4962d3bfd55c536ba39f50e269521941e5a7ddd4eedc5d4bf37b550d23b281 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_597436417\manifest.json
| MD5 | 5f8ddd9c965a31ca00e216b06120d1b3 |
| SHA1 | 6e191c28d4d27704147b5b1af4710f4540e7d4b1 |
| SHA256 | e240a5ed41d122a9be044dc98070ca34791b0e7b44f216fc546fdea1789da58c |
| SHA512 | 05f6b64fc7d43247753a60ab74797024a9fe6c478cb5bda9f35daad716806ac52b9f6ea0f323afcaece4e02c915fdada35d72ac359335dac3ceea5e1239131c9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_000072
| MD5 | 4801be8e10d90b7f116bd5c0317aecad |
| SHA1 | 7aa7b575011fe38f6e33fbec98e8c92fb1b26957 |
| SHA256 | 925fe993dba774b69b734410aad20f58a2c95eccaf7f0662abcc2e61530e105c |
| SHA512 | 069f2aa0e6957a0287753abe91df33b88e87d20879e8054a4896f19382fb3db0dad7676931e1571aa3697f466d01b139c22ec1cfacc12ed3598a14d3ec68e512 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 418d2e0aed75038cee257c676e7c3bc9 |
| SHA1 | d477f076c93d92a6660ae466f4ef220f4556e674 |
| SHA256 | 47aab3c42f7e03fb0c71c899905ee1a8fe6984e341af15030c01f865072a6dc1 |
| SHA512 | f28d9c1d21ef661be94579b04a91febe89c8e3c826ff9de30835ca6f7843cbc949c8cf7d5d4ecf1f8e4dcfe846d30c0005e19a002e3479aba29d5e88f64b23ce |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 9526d6ddf8d390f57cc4bf4786c0f8d6 |
| SHA1 | c424469a6fe0fe351ad6fb09df7bd80386fbd202 |
| SHA256 | 68a8f26511716e95accd97c2b86526a62e07e07829cd70ac3cf2882be3e69216 |
| SHA512 | d77910d1bd889e59e29c33cd832bdf46ad1722d2f54603159c2f5723906db5658bf905972946a5adfa3fc6b7d7cf2a44aa4aab6fb9512718aa7a3e370a7e762c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | bd8f24fe14149bac7c828535e227e54f |
| SHA1 | cb3653b760c92a21f400f2d494e889525ff2b9e3 |
| SHA256 | 9d98f5d40ddafb795712bec68e9e0b2163a7839e36ae65c6aeb1e08e9a85c115 |
| SHA512 | 7663765650a52b96351ed12d1b29adcec58cdc12a85b7da94eb4d7b6ac789c906385aa57e821972995290cedf6273897b896000088e7ddbb11e2b88fd4b4eeb1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 3d957d212cf325f14213adda1c605dc0 |
| SHA1 | b5db4d834db00eba72acd35b73c995a44d9e763c |
| SHA256 | 0d73783a150f8b6c2a230a1376ab0e8ee0f7985684e8dd629aa0eae95533f8ba |
| SHA512 | e7364c25a93962e1ad9940f4eee3588c3530a69386d968b2fce855a108227e1f01a25f914b0c43a681242109e4fd098fa01e6e5df337106e1390c9a70e64ab78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | d490e3465e1708a052cc1501bab029ba |
| SHA1 | fc6b4007092b84e3b53b876f5b278a06a06d4596 |
| SHA256 | 0944210059ee39fb2a063625a89a30cf91be8f89ebede9680bf690090bbc6047 |
| SHA512 | 9a3a3f6d5b3e9349421600d0860aaf3b84d7da2c1c75baf2dfd7a8267fd28f23bd0d219d662037605a9c8ec80dde70ab42f4e0f5407b2839d396e2624e9c90cb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\d0e8caaa10047fd8_0
| MD5 | 248a88a4d1d6c0fa39528a5be77e288c |
| SHA1 | f5d4accc4a33af426cb9798845b0e87871e52ad9 |
| SHA256 | 181f0d9df443550d4d0947ec9cc8cf10a16e91d04af26fccf753b80d73569db4 |
| SHA512 | 9340865d60407661ba10cc04ef11911527b68f4081281e86d0a3ac1050a2ca0b5a12b1188fdb732b62f4228bc5e1fcfd9362aad1dea5d995f0d753fc46f6504a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\LOG
| MD5 | a31a0c66ab904d53b4d3efac7df95823 |
| SHA1 | b9ff3043bbdbc11e994489775e987e8a50093174 |
| SHA256 | 6af97d271ef5d87396ec053a6e578150f3bef65708e2783d25b7a463f85c7e60 |
| SHA512 | c3a923162d72d317e2853a3f22839c0b4a1cb7a74dd07b50c1d3a10b16e4a14e337ed82b1960a8bf37bc270298b3e9302899bf3b0925e6797884c718db0ada83 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\7f994acb70d815c3_0
| MD5 | 341dc0d5f687b950d97de7c08158c47d |
| SHA1 | 103499e2ef49939fa05f02b49c2fdc59f97a9c3b |
| SHA256 | 1cf60ab7899cb6ac3b12775766cb19f407c34cd26d65d89b821fef0eca88f7ef |
| SHA512 | dec2b0e21d1fbfa997d83fc6a2dc9080b6917123bb06631885e40dbae7a7a58070ec1bba16a8ac0f794dc6b2b3e9c9f71c934bd43761c65f81183745be14432c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 9c75fb805b1c98687eaf07bd0f298cd9 |
| SHA1 | 730dc9a2e22834b9bb11ede62466ef5588d49b50 |
| SHA256 | 690444f79635c7f2013b9f3535a67296261d40a93b10a02dae8f8e35908e7e97 |
| SHA512 | 24c0b1b546c868c779a7c228ced36e89129524e99ca6f7c00798cf83522e9baeee0ce9307de64679048dae8dc489ac815f31e0af4dc861b0b276f6ece6744960 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 40ecff6470a7336a6242e77e5a7f4a38 |
| SHA1 | 6ed4a3d98129071d78dc76d4e02e27c5f3c0c386 |
| SHA256 | e068a590852057c9b85bf58ceab5f28adf5b898f4ffea586da371a0bebff6a65 |
| SHA512 | 7e0841279c0a89ce3884a77902a13cf05f41c9871536ce056017adee3b5e62e8b750762e3967eacbc16bc7c4f594036466781f910539cdb0a632138df6056729 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 4e0a3fe4b83692f38c7c4a1e8c2514a0 |
| SHA1 | 7b90da444fc02071ac44ac533086e24c61eb1ea1 |
| SHA256 | 2852608dedbcc9ce47145b05798c301890237516b8a5140db0d5764ffda3bdcc |
| SHA512 | 878d67a9db9c8ae70e20d2cae73263266c8777adfad0be94f7921b3b1724f3c14bcb41b81803b0a692cc792cf08fd8ca32538dc9914c1293ee167336617eabc3 |
C:\Users\Admin\Downloads\Unconfirmed 779299.~
| MD5 | 6c33b4937c5ed3f19f44cda1a9fe0bfc |
| SHA1 | 09ac5309b4d112d7cdb275572c28e3513748ad8c |
| SHA256 | 54336cd4f4608903b1f89a43ca88f65c2f209f4512a5201cebd2b38ddc855f24 |
| SHA512 | de2d46289164c77e7e5815d011164b48fe3e7394228a4ac2dd97b58a9ec68e306e7d18b18c45913fda9b80fed47607ea7600004e5fdffcda5b1362e71ad68056 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\e78d6f93-8ed1-4d4f-a42e-ab1a2faf9cec.tmp
| MD5 | 94c60e6704b5dd11a139f2ffebde9135 |
| SHA1 | cd89f1cf9428a3eab554a3eb9ff6ca869e5bc368 |
| SHA256 | 106bf123359d03963b1df1011fb8560aaf1c5e811de775dce1d8a53758a69102 |
| SHA512 | 586bf326eae890379fcc7ad60e0a70384d069898aea46da32baf6bd60854df97b461019beaf17744ba3dfc0e70eb75970b977c30f035d296ae89763605d4ff6d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\65a9c93e-9291-4f8c-8d39-581087e282c1.tmp
| MD5 | dfeea73e421c76deb18d5ca0800dccf2 |
| SHA1 | 0497eba0b24d0f4500faad5ae96dbebab9c64608 |
| SHA256 | 8158dc0569972c10056f507cf9e72f4946600ce163c4c659a610480585cd4935 |
| SHA512 | 23ddc9f28314d4cf3b05d88b9e0b6fd69f9804f5e9c3f7703258ff2c5786721061321379fde53e21048d3c7cce1ff71e2872d48dcc580d059397fa0692335630 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\file_rating\tmp\2d597405-39d9-4b4c-95d1-76cb1d4b067f.tmp
| MD5 | 1d55cfae27355963f91f998f1094f6bf |
| SHA1 | aaeb1984f127187e192c0b2ff5e6c9ff608f4388 |
| SHA256 | 0c5105877c4f67e97eef59faafc2bf687bdcbf600c8fe80901dda65f5b7daf57 |
| SHA512 | f71ab8017c94a07545733ad45dd2ca7eff899b2746edaf3bbab2c6e509329b5eb660bdeeca8c0bb779f2ea82e2fc883b1f8dbcb67472a00f030bc269c823e04b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 60f82bbb0344565fb4c46e17109f966c |
| SHA1 | 0d0764e836a06db3c3d99ae4a9d6122886855c06 |
| SHA256 | 65f798f1b1f9897a0b799b442425f2fb5bcbf3a7ad8d27c93c22fe114599cce6 |
| SHA512 | aa81899c609672fdce8c40245c6b0eecf68f3bbf0880cb36d5716e9f5b300dc9bc6d617ce8ccfa154575a12a9117868bb2f8a52a236de0ca62332f49a6c02f8e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 87f6828cf4fba85716a514e1c7764310 |
| SHA1 | 3b7d22e84303d7afe11a14bb1ff69c9650d7bcea |
| SHA256 | 0bad1ad8bf367833209d7829ca63b72f76aa47a0ee3c38d9433b71491a5a440f |
| SHA512 | a2f2a72c362120ff3c5d4a41731233f3924a8c9804d90424ac1bf65a19b568c1c8d802d5a47415fec3b7d101b8b88ec6a1bf16627d78889f2ddfdb21c6c8e76f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | db5c107d6e47c55bf8d284307359f018 |
| SHA1 | 198cf2287f6a5a61ea81012bdabf367696bb6ec1 |
| SHA256 | ea7e2d4f46d222da66373fe1f7d151034b26ed68a75fb5b1f1e2ec65e4ada9ea |
| SHA512 | 9e4d1ad608ed484249c5c57ee94cea89522115a93fe0a226da28d6fbba459f065803db71e6e1922c6dc9a19315ec4fee1a5d6ba9b9d26447baa2812df687f5b8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.4_13363905152363152
| MD5 | 39d4a761d50ad514999eea1ff5bd9e5a |
| SHA1 | c0be8d5cd3484aa9feae61bfa9dfa347a8ff8e70 |
| SHA256 | 35152247ed880659da9648369ebaad0b67087b6c6a04e6b274bb42eb15275c0e |
| SHA512 | e9012a91b75ec50978528e81c3b9819ad416f842e36998c15280b2b0f0e16f8659be678f28f165bf2283486755d853e29356846b38f1f7c44d87a6c68b77a177 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.5_13363905152363152
| MD5 | 1d91014060766350430a35691aaa5bdd |
| SHA1 | 2721ad31dbb737ea14fe3735cc49a3c86d0e9de7 |
| SHA256 | cb4a469b64347de6b0ebb52db4f6e8cc81365cd9da695929400105320ec5aa68 |
| SHA512 | 7083b70126eaf90ac63394a6da8857c116a629e1db37700e2d5f90ad24bcdb5b88c2fdfa43e8cae986c32c9d39c1b0d51ad3208abc88888543dfcbb1e8c049cc |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.8_13363905152494152
| MD5 | 5346d6fcff33ae661fe74d8823af3ae6 |
| SHA1 | 802da373279ca944a6b8c53f4ee9e0e3bdfa06ec |
| SHA256 | ad121aeadcada100c977346d050b1abbc0c3cea3159d90868c79a9f9ca7f4b49 |
| SHA512 | f9f5f9f8697b12570d5f19e8aa9ff9d24c306de81ed4c3a300ab639830771b88833d39fc36a5d93167595cf00b81fdc99e9c51fe863449afb559796f43bddaad |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.4_13363905152495152
| MD5 | 04987bf6f001583f2c35b4445514467e |
| SHA1 | 335bd88220817392e7770fc16acf0c79c75cf87a |
| SHA256 | 78f7f85fe47ad6d3c541d95409ed93dfbdadf5204905b8e292e8bdec8a00b968 |
| SHA512 | 2e6a89f66531e6fe906228df8a698a11e0c4ed02f88a71977f9071109dcd93b0b0bd1799c28b388892b4c253227d91de58c8820c39c35cad7e499d1a5688e1f8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.5_13363905152495152
| MD5 | e62c99b9a9839fca11d98fb7b0f015c4 |
| SHA1 | 50d215d1364a7a8362d55f11cc5c23f129203d78 |
| SHA256 | ecea89fd66b8487005ad9aa0d40c714b3d7148bbabe5683b4be43d9a312b1006 |
| SHA512 | ac91edd9410ec7fbad3516ad62457638d838618a228595c40c7343a932ccfb3a7de1ba7f0c6653ea42e943dfbbcbbaf795a08f3915cd54d3d0eaaff2fc8851d1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.6_13363905152495152
| MD5 | c0ddecf6068358bb8a92211b0144b6d2 |
| SHA1 | e435a499f92e43f771f29b09e7babedd4a93b1af |
| SHA256 | c5cb58a43aaff8065b3e1b9ace826046bcd891f74dace62d6466c9835cdd1d85 |
| SHA512 | 7980a39e18201419468605384dbafe7d8c52e2dfa63407ad5cf2795d3a1347338af9d4efe0c9ea18aa5755e3a88e4eb5fd3256121152186ee21473fbd59eeb57 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | d1fd0ee9a32077370562187b9468c22f |
| SHA1 | dee473d116cbd80cf1c88ffc718848fc46fb00ec |
| SHA256 | 572834fcdc67a8cf67d5fcf2cca4a8316263a51ca32dc08416d331aff8868578 |
| SHA512 | 29ff4d612d606303d80a5e989e95d8da40ea9a56b3bb185787de3754911d17f955da39b4fff4de28895e9bafc5ae2ed6912501e63c196378ed0337d89cc62179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | cdb09be2bffb7759d54d38d7a6e54e50 |
| SHA1 | cd12903844da0d242a1b1294c0af9f886a0bb437 |
| SHA256 | 5199e4def8914fec473d8389b41d987795d392eeebc4a335bbc70f0be61ae104 |
| SHA512 | 97c842cd6b970807e5034908d9991a77b84cdd8d082e9262ad14da7dae7f6437bde537610143a6fb27fec90dba3ccf93a8cc16f74ad654f6c03a06ff527c67d4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\IndexedDB\https_wormhole.app_0.indexeddb.leveldb\000003.log
| MD5 | 5b053de2d9246876050ce4d028a21eb0 |
| SHA1 | 4c5ab4b5b3bf94093822d9d71230cc112dee2d61 |
| SHA256 | 0fbf8692a20922788c89dd99cba8b6dba92a794784ae65303c6f52994871b020 |
| SHA512 | dc9dfcd051a0a323ca95f883836b366a5bba6fe046dde5c56d9d7439571b40d93d94681be3c67e932e28785fed2b4fdb4aeca39db7a4a314f9b641864f8108f1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms
| MD5 | c07e3a3b90d97698a5e91ee9800ca17b |
| SHA1 | b89d1671747a70f7a5f4b78d2dc2bbd143adc0b9 |
| SHA256 | 6a93e892daaaf6db3fe0fd628108400cd64d2cc0f3f55d2ba1fd5e8aa2417904 |
| SHA512 | 7c0b28cc17b91f0b7683da0fa869a5bf25fea4462f02f827d8cc25d2365138be3fa1415b31acadc8a35812b444989dbe47df6d379e8f2ac6fc1e9ae3d7d15fe5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 7d23cbffa8a5c5bd38322f914754e063 |
| SHA1 | 8fa08a43cca63d876abab9002aca8adc20bb8aea |
| SHA256 | a2a4d73554ed3eb0338501ea317a412a1328f9a16f32323f2e3c69f9d5f2dfc2 |
| SHA512 | e43c33c5a7a5504c4dffc1db2ec664996690feb1763a82b56af0e15cb4d0a1c8e73f6845bbf93c8b6727bccff137829e0b62975800221383c3223e0dfd479e00 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 065539ee12a61a1c14a5917f4b63359b |
| SHA1 | 109b4df0ab915984af584159ad8e95d80e7c8c29 |
| SHA256 | 53c731ad3ee64eea5bd5e2ef9e70c4b3c345176425f833f726d9daddc70e8181 |
| SHA512 | 26aa0a84ec95f26b41f0f014d70e6c270890c664c172ebcf47cb876a55d8fbb225adb14b713ebcf5e22eaaca8b843d36a7ba21ee61b74c5db9594692c7ca4568 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\c2a6daa3-6e3b-41e1-9dac-6cdae66cdc66.tmp
| MD5 | e3ea374c893f17344300f4d97b7d3d67 |
| SHA1 | b76de9f3bcc4cfe9294a973ba59ebe7c44a2a6ee |
| SHA256 | 214e4b3a40eef1ee383f6d2f334bd18cde297de628065f56612bfb8ded603086 |
| SHA512 | 0e955c69ee00b0c9a29ea71b19f16d9d6fbf12fba3a670a9fb5339f31d4563273166c632b9b435ae26da021bb773024528d6a005b38ee75281b34cb5b5d40676 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
| MD5 | 6f159da927fc0b07b507a46aa9186e60 |
| SHA1 | 4efaeb59eeed35d730ed1f03da2a905271cbc8e4 |
| SHA256 | 0212b52f95772006d1e52be31f8ee5185558a5a09310a998b6763cdab2d22c4a |
| SHA512 | d20d8a00bb119c1369f21a40e6c87923a7d297cd1d59152fa964ccf1881c80b235cba1ec7d660cbcc9d97f35e33516ec8505f4da03424c34bbfbfdfc8b6ab300 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\HostFeatures\24.5.20.0\HostFeatures.cfg
| MD5 | c08e46f24a09c3dfbd90bafec92ddd2d |
| SHA1 | 21d0a9ab95356c5e8fe00ec8f1bc18aac0593d24 |
| SHA256 | 76c854822c8f86cc775868c7d5d437fae12d42965d02bd8ac8bf47ee8cb0a699 |
| SHA512 | 6f72b2d4cb21779c7a4fbec386f24ccfd86e69aa4f3e771bd21e7322e3bd1f390953ff76c0f172476ff849f33282d577d8f6e8977579b09938f401b841c04150 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_1539304296\manifest.json
| MD5 | 90a2987146df8c0e2ca40290da874497 |
| SHA1 | fce65ab426306a4b88cce3ad325f9ae69ffbee98 |
| SHA256 | 8be59dae3ff3c367bbbeaed115882296970e12dffb27dc429dabacc91958672e |
| SHA512 | a982cf7ec1ae08e87fc3accfd838a0980aef979fe4d130cec3f410fb27c8ba257874e4d85b5f3f82ffeba315771d96b92a45c413629c0eb0e91157963c570109 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | b7098180b5171261d344b5af42d4f0e3 |
| SHA1 | ae0cd4dec2bc5d7db7509857abf7d1c170f88375 |
| SHA256 | 4543d91796fcc59d45bebb3e6a8e962ac51219e01a8b2ebed7832c0284f52762 |
| SHA512 | 2725e3190c73005cb3573d79d86f4e66ba3a2f81ecf65b621ce43cf119c7d36a8df9ad8ea17e079cd80a0cdb420e6ffbf34a3eee55e747c2b3f03f00ff4ab524 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 658c225025514432aac9c35b76f9f393 |
| SHA1 | bc3f6230da23c36614225d0ea951095d599f22da |
| SHA256 | b5ee531a6e5ca1da5f378de6fa3df260e490a22044753f1ba302764141fc1c7a |
| SHA512 | e7979624437f98415cfa2f8d8ec72405fcaa99554e4001203d11752f6674a4dece5a265c1b17cdb5562110129915580a3008262b28a418f8a2e0a7e34cc777c0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 6d406ee6373fd69bf62f9af494dc588a |
| SHA1 | 1a7f2f414eb30d82a98d6135859b90b7b0d202f0 |
| SHA256 | 51a8af8c6e8a679fa9c445e873761d689f6f5fc247e2c8c46f83511636241eec |
| SHA512 | 165e4dda466829b375353e29dc7ad744d600e9240a45f4912aaf777913e98864d87096dba86b28c29760776f4cc55610836ee64daf60108b0fccc0d14bfe1e4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 7514e3d01cc9d842bd40b3de80ffb010 |
| SHA1 | 83371b9165b06c49105222b853a7e046a9a4dacd |
| SHA256 | e55ea95cb730591dbc9550ab962de8e9391e88cd9a74a6ae032957800cb7e95d |
| SHA512 | 3cd238218395aee56258b8c254433081c9efe7d832b74d65017e7e4afef98374a019a04b83400683863cb59f6d99f185680d2b69043f1d2362cc7a7053b941cf |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b9b738e57e9bddff.customDestinations-ms
| MD5 | 520f4be3473e1a02903ebfb530381548 |
| SHA1 | 0269f12498b1c0505db3f11aa53bff0d317339a4 |
| SHA256 | 7b94c04a354ad0516fcf5a8c6cb8ac22d2e224c9e9f337a4e39872b3ccd0c10b |
| SHA512 | f9e4d5a923e3e75f702c90d59da1005fae85cb08eda19c21ef62cb45450ebba6e9099e583fad0b98ca3d9312ee6b89222d84cd83cbb11fbf40ea6062bc4c8d3f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | ab837d856aa739cd11e84710a1e5315e |
| SHA1 | 5e8ec7ae49f30afd1aa94b839def0e0ebe55a52d |
| SHA256 | cd903ee4cf3ffa821476ce04541c83c47d39100ef36ce449722598f4254c4234 |
| SHA512 | 37b943259ff5ff414fcf85f45ff5596904d17342cc83a02b372586cfb6772c0de4f3a55a0c49639310ab4fdbf477eb2ccf8a45a80bdae580ca71c6cd0b38b3b3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 37087ed2a8e9f9d5b101e8cb584517c1 |
| SHA1 | d50a171c9347bf0078d9b88e56a5f71d5942b06e |
| SHA256 | 3ddbb4935000ac664c448a6f6e596334c9023c243a3ddfde85cb8e2acfb7e607 |
| SHA512 | 0877e25d97e621ce5b62e643faf0e746cc0ebfdb3f52a16d8a95822f6ef2ed4c4f517329c92080121d0a68b672921ea2d2c0dc2a8cec95f939909a149ab8f53e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9d40c6eb64ac74cf62b0b9d42e73e40b |
| SHA1 | da87f8c9c720098a0197df1b54da4b4a0bce492c |
| SHA256 | d2d6228c3a7a341388a33b7b2e897c0e14864ad3a22a1d1fece8e21b9cbd86d0 |
| SHA512 | 2b74a9792ff648672c0e9241bee316913152211873346fcd04e48487598a6ec922218a5d23815cd41f8844929fcc06ab20353b4e0a252ce9942b5b0dc0fb7bb5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | f22f81245c029897ea4416c53609fc68 |
| SHA1 | 52f8c0514b5d8c612a0fa57fe1f91637669cfcbc |
| SHA256 | dfee67daf4a1c58bd402431ab255bf4f8e5513296dcd5fcd7cba1c1d3c814d09 |
| SHA512 | 4a7a44419a7e78f1bb96529d6c4ce264f19823f998a2750d39b6f9cc3b18ad1030bc3c7a1e1bddfe44682e4f47a821c7b95a7d0a31eea0c667a9dc57308203d0 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\894d6df6-33f5-11ef-9272-6e89720fda0c.json
| MD5 | cfba84a7e44f3faa3a712338ec60c748 |
| SHA1 | 0a02fd4c221a94183ca6dee8d35771e3aa7dd916 |
| SHA256 | 30b0805afd1285d95cfa72c3c509829049c0bc6cb2bc0e7a37c7aa0120d86d7b |
| SHA512 | d40ea0d8708d5a96e8ba1c511a234e9d2e0263efbbc8a0766217eff07477409d7f15cacee6be9e22b12476086b85ad3a4b91201b3a64dcfd659cda0942db272b |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 66464249b7502ea36a19b54fe665952e |
| SHA1 | 5a104e62b82a37ea7934738ae6a719c8a120a0b7 |
| SHA256 | 26ad9014058ae571a14351ea09f424a49db4ed2e8cfb0e1c97660254afec097d |
| SHA512 | 07a84d3b65acfbeef55fb2db05e59f6c6cb6aaa6b5dbac148c055691bcf7bcbff395db14e3c9e52c805c796c432fec3eb728f6a6e2c7a0d6481f1dc18b87e9c7 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | e2d05f4ecba29211a7c0ed1d04d27ec7 |
| SHA1 | 15fb5ee35b246413b1f243c6b28c655e6a1f7c80 |
| SHA256 | 3890070367bff4f5578e98235214c4b06ee03efa3138f5af3cfc03fc79be2aae |
| SHA512 | df6cc936467325429cdcc3650b241bc8eb688839facd0e0a314556de0a1dacfe254ec9b4b8015efd4965de6fdfabea6d6924601518fe69da30d1b8902e21ff70 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b744a15d0f664c70bcfa1d92d0541e61 |
| SHA1 | ffef67ac8db0d07566733b5e13c7c0e05b45828c |
| SHA256 | 9280c2def7301efa21d5ebac34faa8edaad3ad20958cd6f79d575ad7d23e21c1 |
| SHA512 | 53e74e506823946910a6f5e348a576a84dd466371ae2061ce71b3654f6254cd3f85d21304a149eadd1c487f616d429ea134db478471e24f5ae29b4011801322b |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 011d6d97f3fb1b2f050d128e0b20ce59 |
| SHA1 | d5cbaf22bc37c767bcb8ab343a3f26f3071d24cb |
| SHA256 | 698524832e77dd816472bb80902374d162504706f556310d78a3d12449bfdced |
| SHA512 | f58b9e2a24872978a4a81ca2ce69f299c601a39c3400e44403e398cde8534810b5ea189a47789b95c9cbbfdcacbef8810b3d75d8afe5a59358f46d64ed52fb7d |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\ddf3629c-33f6-11ef-b012-6e89720fda0c.json
| MD5 | ec303e4697a0f4799544bb31170d2ac4 |
| SHA1 | 2f92c4ef2df87cf94dc6d430b2ee830a8ff1ad0e |
| SHA256 | 65a89acf2bb3684a6dada8b28146131ba8ddbae612076ef41d7ad362d428d7e8 |
| SHA512 | 3fcbbbb3012f23caad795eabb938671ad84b1a770a20a3617479dd444330348c8aa1ac02fb9e8283be9205ae9aa24a2bcbfa1cf9e7f78b4c34724e3b51738a67 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 9d221beebba00c888eeb04a3a9dd330f |
| SHA1 | 11c906a26370397eea7593c777ebe9b21aa54e6c |
| SHA256 | 65c23fb12c39e010945b57969d85368cdb9c847b6126000502b3e9b48c029095 |
| SHA512 | 2fd7eb48c382e15b26ce7e78d818557e717da9a859cd0e6d66c7514d5b044819b9fc595163ecdd635db2fbec12f003c037d101aa5ce075f4bf03cd14f3245f78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\f_0000d0
| MD5 | 151fb811968eaf8efb840908b89dc9d4 |
| SHA1 | 7ec811009fd9b0e6d92d12d78b002275f2f1bee1 |
| SHA256 | 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed |
| SHA512 | 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 9a76dc45d9b3681c781ee0c6c18adbab |
| SHA1 | d6f6a6a5ecb1a816f42661e3c7c6301cb89b2f36 |
| SHA256 | 194fb305756f92e06153ccb2985596e6c9cfe2823b00779ca5975639f152be7a |
| SHA512 | 0df734a593e441a12e212c5a0e2fdfeeabc80ee1d0fe3b642e82c903c9aa2ac256d62e6ce1349405739a5d8face076abfc3071c1f3dec254bbb7db16085fea9f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5de318737d34cab1afd54fde35ef34ac |
| SHA1 | 987d6d5cc50f4080bc564aa16543513010252f87 |
| SHA256 | 2adc863be133808ace7a4373e285f88f66b462190743f0477527dcbd92afbbde |
| SHA512 | 046f9da2a8f83000c940183edee2cf0076ab8600201e3054a8ea0b0b89eb5d3e5a012949f156ccba16d6b7ef358509f17b5199242e9112335e95ce9d2c224892 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | b41aa26ca58cab7455d4f1d6288e5d0a |
| SHA1 | 83989639a7c35404978dad5aa47bd5085dc92753 |
| SHA256 | 4fc8a24273ebf3e25794cd5e3d1ca53735b238d3ad1331e058cdca5c187c8a7d |
| SHA512 | e918f29e902ee9b56444bf04b24a4855ead63612c74114b674e8f0f642aa49850f3737409652bee3ebfe1de7d494aff9c340b61983f9f9c286b5318b2f5eb711 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 37fa2c63ae326e01dc2e7e6c1ac2badd |
| SHA1 | 48a2e08f46fd0989c0d0558dde51a1b2bb6a4bf4 |
| SHA256 | e41b1dc8bcd5268693fa7f50242d057250433ac4fdbf8ac06392cd33490f547a |
| SHA512 | 09fb78f6ce5c755d4453fd59657fe17f67dc951923e6af8295356436c8659b9dc0967b4cbf6c2534cf3af6e709d2812081db761dda4f2b92aaeda70c3f70a188 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexUrlInfos.store.7_13363905453491151
| MD5 | dd5f0370ca0de734ecf8b799c8cbec79 |
| SHA1 | 08a288fa5a8f669d4bdf0ef1a4734ca4782645de |
| SHA256 | 1f32f4c78048955e425a2223e3bc8a8e927eacbe859f3650913ac38d31664b6a |
| SHA512 | a3674dcafe8eca15023b6e443c1d0e280a8a73d52e0eb4123b39ead527aa5199f03311cea733ec48b59cd48aeee60af520e27914a0a1ea802579c97a7de58be9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Safe Browsing\YandexAllUrls.store.8_13363905453409151
| MD5 | e5516abb736368cd806da87493dbfcc8 |
| SHA1 | 86e254669be545f0a475fa9f0ddb918a04e8854d |
| SHA256 | b5dcd0fbe39fcbfd36a5d197e07c97f2baa7cfd0a7e1f60583e7537940e0b5d3 |
| SHA512 | 1d84008c5835a0d887a417a23e4a038fe890998e69195686c17c6a16588f29e53ed52dee224613671dc02012760c5239ed4130bb37e4fa5a5ed0629ffd559a9c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 29c404f252453e56b5884f9d712124d6 |
| SHA1 | c88a53ed6532f02d9854085fc9b1d4dec13f4172 |
| SHA256 | 7d71f76b2aaf17ea7699caacc6fe5bedb21718fbae4c48e2964fbea1bf3b3cde |
| SHA512 | 9ea0807d2b3404ff612f38c5688e7c2ccba344b933fa015a36be17afe794a781646c49e217741c29bd465efbb65de80f9b2c9efba8b466e2a96a2ef3e0c4f637 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | f6784e2905a6c1d55bf58bb40ab22a22 |
| SHA1 | e6d6f139f34c40f7f1df427568268eb6e43998ac |
| SHA256 | 6641fadc8325863f66cd1b38474008237149e736cde7cc44876b27203f1c80a3 |
| SHA512 | ffb525cc396844101e3a4f48520d7d7a0875fb95e147b711946b566da9f7605a7f824bf265fe14ef4eafa220283550ed61718ee76308cb17d50988bb2b972514 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_822940501\manifest.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\client_model.bin
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\yandex_scorer.bin
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_902976373\manifest.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Subresource Filter\Unindexed Rules\24.3.4.1\Filtering Rules
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\Temp\chrome_Unpacker_BeginUnzipping2612_910834400\manifest.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\CustomRootPKIMetadata\24.6.20.0\ct_config.pb
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ClientSidePhishing\24.5.14.0\visual_model.tflite
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json.bak
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log
C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\c48ad14d-e8b7-458d-bc29-6ed04d6a3b80.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\7b2b37d8-a442-4a68-b4b0-003d2d2e012e\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State