
Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    17/08/2024, 14:54 UTC

General

  • Target

    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe

  • Size

    10.8MB

  • MD5

    5925b9f09a7800a690ae7da8625a6477

  • SHA1

    57019b266f7ecaeeeb38add4feaca7beac3dcffc

  • SHA256

    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414

  • SHA512

    34903850cce477615d56a40377e286dd9ad045b518d0239433b4ed749e45955464fcbb12e6386443d91dbb3b51e53d9f134e9b2f8c17b59f824eb666668001e2

  • SSDEEP

    196608:+z601ktxfSSSJ7PbDdh0HtQba8z1sjzkAilU4I4:+j8S5J7PbDjOQba8psjzyz

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    "C:\Users\Admin\AppData\Local\Temp\c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2088

Network

    Country: US
    DNS
    api.browser.yandex.net
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.net
    IN A
    Response
    api.browser.yandex.net
    IN A
    213.180.193.234
    Country: US
    DNS
    api.browser.yandex.ru
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    api.browser.yandex.ru
    IN A
    Response
    api.browser.yandex.ru
    IN A
    213.180.193.234
    Country: US
    DNS
    download.cdn.yandex.net
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    download.cdn.yandex.net
    IN A
    Response
    download.cdn.yandex.net
    IN CNAME
    cdn.yandex.net
    cdn.yandex.net
    IN A
    5.45.205.245
    cdn.yandex.net
    IN A
    5.45.205.244
    cdn.yandex.net
    IN A
    5.45.205.242
    cdn.yandex.net
    IN A
    5.45.205.241
    cdn.yandex.net
    IN A
    5.45.205.243
    Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-resolution=1280x720,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-resolution=1280x720,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/* HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sat, 17 Aug 2024 14:54:56 GMT
    Set-Cookie: _yasc=IuM6s3Sv6MmO2CI3HCYUdBlT2hf38emb2yLreTeDWt4ofrKhh7T5r1cBl+w5zc0p; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:54:56 GMT; Secure
    Set-Cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:54:56 GMT
    Set-Cookie: is_gdpr_b=CNa0CBDhjQIYAQ==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:54:56 GMT
    Set-Cookie: _yasc=IGifEYGcG9baw2RKNA6WHHcEN6wfRHcD6SMRTIvuj0mMdHBj7ka3hhQyc4WLGfFn1g==; domain=.yandex.ru; path=/; expires=Tue, 15 Aug 2034 14:54:56 GMT; secure
    Set-Cookie: i=+fAFc140O40ZFnNVdrKUHrgxTw1loPux5Qhmvk/frosi4ySkReCrw2nWn635dimEwinHldLTPw61V0jkqR+fgumBAJc=; Expires=Mon, 17-Aug-2026 14:54:56 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
    Set-Cookie: yandexuid=2162745661723906496; Expires=Mon, 17-Aug-2026 14:54:56 GMT; Domain=.yandex.ru; Path=/; Secure
    Set-Cookie: yashr=7665265191723906496; Path=/; Domain=.yandex.ru; Expires=Sun, 17 Aug 2025 14:54:56 GMT; Secure; HttpOnly
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1723906496928996-15586454402215206461-lqyaggw5f5ml5s2c-BAL
    Country: RU
    GET
    https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /content/get/experiments/browser.proto?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029 HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 564652
    Content-Type: application/octet-stream
    Date: Sat, 17 Aug 2024 14:54:53 GMT
    Last-Modified: Fri, 16 Aug 2024 18:15:59 GMT
    X-Country: gb
    X-Seed-Signature: MEQCIGFXjtEFQ56dGHkZwaTuwYnkIpY7xnhQ11MtS3EUWNNkAiAcBiJhGZOoijMVaTqautqsfrr155oXGuxjl1LeUsNcCg==
    X-Yandex-Req-Id: 1723906493067852-17861898297823564928-b272g2qbigkqjqln-BAL
    set-cookie: is_gdpr=1; Path=/; Domain=.yandex.net; Expires=Mon, 17 Aug 2026 14:54:53 GMT
    set-cookie: is_gdpr_b=CNa0CBDhjQIYAQ==; Path=/; Domain=.yandex.net; Expires=Mon, 17 Aug 2026 14:54:53 GMT
    set-cookie: _yasc=7d2JN8MxxpEXKJFhdX9OmrY8wWoSPjVmf5k7emXzAjUgfxHlGZBMIcVL3KgiQs7+wA==; domain=.yandex.net; path=/; expires=Tue, 15 Aug 2034 14:54:53 GMT; secure
    Country: RU
    GET
    https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /ab/get?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029 HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Host: api.browser.yandex.net
    Cache-Control: no-cache
    Cookie: is_gdpr=1; is_gdpr_b=CNa0CBDhjQIYAQ==; _yasc=7d2JN8MxxpEXKJFhdX9OmrY8wWoSPjVmf5k7emXzAjUgfxHlGZBMIcVL3KgiQs7+wA==
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 1076760
    Content-Type: text/csv; charset=utf-8
    Date: Sat, 17 Aug 2024 14:54:54 GMT
    Etag: "0acdc83e84801a992d7562f6b5e30903"
    Last-Modified: Sat, 17 Aug 2024 14:54:54 GMT
    X-Seed-Signature: MEYCIQCUYf3J6CeWD3Vy4buu5qyJGHw7scBzwUROGXJE9Gi6UgIhAOI+Qf+tT8V/YuluEmDlkfH7a4xc8wzwcJftf3A5W3w+
    X-Yandex-Req-Id: 1723906494243743-11276538814194044908-b272g2qbigkqjqln-BAL
    Country: RU
    GET
    https://download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    5.45.205.245:443
    Request
    GET /browser/win7/yandex/browser-setup.arc?from_installer=true HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Host: download.cdn.yandex.net
    Cache-Control: no-cache
    Response
    HTTP/1.1 302 Found
    Server: nginx/1.17.9
    Date: Sat, 17 Aug 2024 14:54:54 GMT
    Content-Length: 0
    Connection: keep-alive
    Keep-Alive: timeout=5
    Location: https://cachev2-ams02.cdn.yandex.net/download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true&lid=289
    X-Request-Id: 1723906494619217-2882066925948180979
    X-Strm-Request-Id: 1723906494619217-2882066925948180979
    X_h: strm-cacto-production-3.klg.yp-c.yandex.net
    Expires: Thu, 01 Jan 1970 00:00:01 GMT
    Cache-Control: no-cache
    Cache-Control: no-store,no-cache,must-revalidate
    Pragma: no-cache
    Country: US
    DNS
    cachev2-ams02.cdn.yandex.net
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-ams02.cdn.yandex.net
    IN A
    Response
    cachev2-ams02.cdn.yandex.net
    IN A
    5.45.247.52
    Country: US
    DNS
    cachev2-ams02.cdn.yandex.net
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-ams02.cdn.yandex.net
    IN A
    Country: NL
    GET
    https://cachev2-ams02.cdn.yandex.net/download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true&lid=289
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    5.45.247.52:443
    Request
    GET /download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true&lid=289 HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Host: cachev2-ams02.cdn.yandex.net
    Cache-Control: no-cache
    Connection: Keep-Alive
    Cookie: is_gdpr=1; is_gdpr_b=CNa0CBDhjQIYAQ==; _yasc=7d2JN8MxxpEXKJFhdX9OmrY8wWoSPjVmf5k7emXzAjUgfxHlGZBMIcVL3KgiQs7+wA==
    Response
    HTTP/1.1 404 Not Found
    Server: nginx
    Date: Sat, 17 Aug 2024 14:55:04 GMT
    Content-Type: application/xml; charset=UTF-8
    Content-Length: 258
    Connection: keep-alive
    Keep-Alive: timeout=60
    Vary: Accept-Encoding
    X-Amz-Request-Id: 4c67e218a0445a55
    Access-Control-Allow-Origin: *
    X-Robots-Tag: noindex, noarchive, nofollow
    X-Strm-Log-Split: 6
    X_h: cachev2-ams02.cdn.yandex.net
    X-Strm-Request-Id: 4c67e218a0445a55
    X-Request-Id: 4c67e218a0445a55
    Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
    NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
    Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-stage=started,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-stage=started,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/* HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sat, 17 Aug 2024 14:55:00 GMT
    Set-Cookie: _yasc=C2NknMU2IbGBVRT1WE212RM2MOX32rb98WgON8Go6U6NRb/ijpemyGCRPHRhy7qhGA==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:00 GMT; Secure
    Set-Cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:00 GMT
    Set-Cookie: is_gdpr_b=CNa0CBDhjQIYAQ==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:00 GMT
    Set-Cookie: _yasc=cw5TryRxWUvagE2Hnxpmj4xyDxLGlShvdczvik/Mogd65la1BDce7ee//hndBsxT; domain=.yandex.ru; path=/; expires=Tue, 15 Aug 2034 14:55:00 GMT; secure
    Set-Cookie: i=dRvbMOlDTSjCd1Au4YqRJqM0lbSSvYj983asADTpN15W3lf90DmnU1RyLocJeSo3kiZy+puCB4m5Dw1lCBWKLypsKZk=; Expires=Mon, 17-Aug-2026 14:55:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
    Set-Cookie: yandexuid=8684020811723906500; Expires=Mon, 17-Aug-2026 14:55:00 GMT; Domain=.yandex.ru; Path=/; Secure
    Set-Cookie: yashr=1341371581723906500; Path=/; Domain=.yandex.ru; Expires=Sun, 17 Aug 2025 14:55:00 GMT; Secure; HttpOnly
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1723906500267486-17423275286486279689-rrhwxht3y4pmedgv-BAL
    Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-error=attempt_1_final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-stage=error,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-yandex_uid=6407802791722959901/*
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-error=attempt_1_final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-stage=error,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-yandex_uid=6407802791722959901/* HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sat, 17 Aug 2024 14:55:07 GMT
    Set-Cookie: _yasc=hMoTrAlA1GbBExxvuBtx1FBhWM77BVNvfNJwLsrPRPhZaa1ScE4svmi1k69KyOEBpw==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:07 GMT; Secure
    Set-Cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:07 GMT
    Set-Cookie: is_gdpr_b=CNa0CBDhjQIYAQ==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:07 GMT
    Set-Cookie: _yasc=52ydQAgC+GEc34KxIWPHEbkluiZ55s3ElAfyxBEN7Ib/OB7T+wN7/QwPXee37NCo; domain=.yandex.ru; path=/; expires=Tue, 15 Aug 2034 14:55:07 GMT; secure
    Set-Cookie: i=lYofFMBQAgu6JWmdJJ9KmYkk5CssRSDzDuUbOAw1+Pzde3O9GDALyTM9qEG2jg2GZ9JTW9D0O8P+RitD6BP26piDi3s=; Expires=Mon, 17-Aug-2026 14:55:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
    Set-Cookie: yandexuid=4044852191723906507; Expires=Mon, 17-Aug-2026 14:55:07 GMT; Domain=.yandex.ru; Path=/; Secure
    Set-Cookie: yashr=4921872861723906507; Path=/; Domain=.yandex.ru; Expires=Sun, 17 Aug 2025 14:55:07 GMT; Secure; HttpOnly
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1723906507491150-7200326949849444146-adzhl4iswld6kjal-BAL
    Country: RU
    GET
    https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-downloaded_size=0,-error=final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-status=failed,-testids=,-total_size=0,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6407802791722959901/*
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    213.180.193.234:443
    Request
    GET /installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-downloaded_size=0,-error=final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-status=failed,-testids=,-total_size=0,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6407802791722959901/* HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser installer
    Host: api.browser.yandex.ru
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Cache-Control: no-cache
    Content-Length: 13
    Content-Type: text/javascript
    Date: Sat, 17 Aug 2024 14:55:11 GMT
    Set-Cookie: _yasc=1Mys/i1jXiOLYfa1+cf5nWt+6gYxxuvuo8s4ZZTmwDBmmc74SWgQbwknTXbvmj0NUQ==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:11 GMT; Secure
    Set-Cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:11 GMT
    Set-Cookie: is_gdpr_b=CNa0CBDhjQIYAQ==; Path=/; Domain=.yandex.ru; Expires=Mon, 17 Aug 2026 14:55:11 GMT
    Set-Cookie: _yasc=Tq9tPCe38c8ZBSYwiYDFGXLTCue1eS04kJrvu1whhLi5FP6kGwvEbImpGIgqzjMitQ==; domain=.yandex.ru; path=/; expires=Tue, 15 Aug 2034 14:55:11 GMT; secure
    Set-Cookie: i=ow/27LgyNRSaanzRj/gkrt81ZHpwuLVetZ+6tDPoqBVKt3/i539Wu/UuwUFyebqGuiFkNmDRjqvATCIVSoWqAC0NSJQ=; Expires=Mon, 17-Aug-2026 14:55:11 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
    Set-Cookie: yandexuid=6772825571723906511; Expires=Mon, 17-Aug-2026 14:55:11 GMT; Domain=.yandex.ru; Path=/; Secure
    Set-Cookie: yashr=3012452901723906511; Path=/; Domain=.yandex.ru; Expires=Sun, 17 Aug 2025 14:55:11 GMT; Secure; HttpOnly
    X-Content-Type-Options: nosniff
    X-Xss-Protection: 1; mode=block
    X-Yandex-Req-Id: 1723906511211534-15847422388393163177-orrnumt42b5qww3m-BAL
    Country: RU
    GET
    https://download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    5.45.205.245:443
    Request
    GET /browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Host: download.cdn.yandex.net
    Cache-Control: no-cache
    Cookie: is_gdpr=1; is_gdpr_b=CNa0CBDhjQIYAQ==; _yasc=7d2JN8MxxpEXKJFhdX9OmrY8wWoSPjVmf5k7emXzAjUgfxHlGZBMIcVL3KgiQs7+wA==
    Response
    HTTP/1.1 302 Found
    Server: nginx/1.17.9
    Date: Sat, 17 Aug 2024 14:55:34 GMT
    Content-Length: 0
    Connection: keep-alive
    Keep-Alive: timeout=5
    Location: https://cachev2-ams21.cdn.yandex.net/download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true&lid=300
    X-Request-Id: 1723906534520324-6485290898476118606
    X-Strm-Request-Id: 1723906534520324-6485290898476118606
    X_h: strm-cacto-production-2.klg.yp-c.yandex.net
    Expires: Thu, 01 Jan 1970 00:00:01 GMT
    Cache-Control: no-cache
    Cache-Control: no-store,no-cache,must-revalidate
    Pragma: no-cache
    Country: US
    DNS
    cachev2-ams21.cdn.yandex.net
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    8.8.8.8:53
    Request
    cachev2-ams21.cdn.yandex.net
    IN A
    Response
    cachev2-ams21.cdn.yandex.net
    IN A
    5.45.247.25
    Country: NL
    GET
    https://cachev2-ams21.cdn.yandex.net/download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true&lid=300
    c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Remote address:
    5.45.247.25:443
    Request
    GET /download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true&lid=300 HTTP/1.1
    Accept: */*
    Sec-CH-UA-Platform: "Windows"
    Sec-CH-UA-Platform-Version: "6.1.0"
    User-Agent: Yandex.Browser lite installer
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: is_gdpr=1; is_gdpr_b=CNa0CBDhjQIYAQ==; _yasc=7d2JN8MxxpEXKJFhdX9OmrY8wWoSPjVmf5k7emXzAjUgfxHlGZBMIcVL3KgiQs7+wA==
    Host: cachev2-ams21.cdn.yandex.net
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 17 Aug 2024 14:55:43 GMT
    Content-Type: application/octet-stream
    Content-Length: 178548912
    Connection: keep-alive
    Keep-Alive: timeout=60
    Etag: "76e95e7cc6c5f5c8d061ff18c92edb5a"
    Last-Modified: Wed, 14 Aug 2024 12:33:36 GMT
    X-Amz-Request-Id: e19ac3b93fd1afff
    Access-Control-Allow-Origin: *
    X-Robots-Tag: noindex, noarchive, nofollow
    X-Strm-Log-Split: 7
    X_h: cachev2-ams21.cdn.yandex.net
    X-Strm-Request-Id: e64bf13632b1189a
    X-Request-Id: e64bf13632b1189a
    Report-To: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
    NEL: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
    Accept-Ranges: bytes
  • Remote address: 213.180.193.234:443
    URL: https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-resolution=1280x720,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 2.9kB
    Received: 6.5kB
    Packets sent: 15
    Packets received: 12
    HTTP Request: GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=installer_started,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-dpi=100,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-resolution=1280x720,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    HTTP Response: 200
  • Remote address: 213.180.193.234:443
    URL: https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 66.2kB
    Received: 1.7MB
    Packets sent: 1151
    Packets received: 1374
    HTTP Request: GET https://api.browser.yandex.net/content/get/experiments/browser.proto?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029
    HTTP Response: 200
    HTTP Request: GET https://api.browser.yandex.net/ab/get?brand=yandex&partner=switch-browser&uid=E58439A0-7B07-4D6A-854E-A5BEDC7192D7&version=24.7.1.1029
    HTTP Response: 200
  • Remote address: 5.45.205.245:443
    URL: https://download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 1.2kB
    Received: 5.4kB
    Packets sent: 14
    Packets received: 14
    HTTP Request: GET https://download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true
    HTTP Response: 302
  • Remote address: 5.45.247.52:443
    URL: https://cachev2-ams02.cdn.yandex.net/download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true&lid=289
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 1.9kB
    Received: 7.5kB
    Packets sent: 18
    Packets received: 16
    HTTP Request: GET https://cachev2-ams02.cdn.yandex.net/download.cdn.yandex.net/browser/win7/yandex/browser-setup.arc?from_installer=true&lid=289
    HTTP Response: 404
  • Remote address: 213.180.193.234:443
    URL: https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-stage=started,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 2.0kB
    Received: 7.4kB
    Packets sent: 15
    Packets received: 12
    HTTP Request: GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-stage=started,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-yandex_uid=6407802791722959901/*
    HTTP Response: 200
  • Remote address: 213.180.193.234:443
    URL: https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-error=attempt_1_final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-stage=error,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-yandex_uid=6407802791722959901/*
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 1.8kB
    Received: 6.5kB
    Packets sent: 14
    Packets received: 12
    HTTP Request: GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-error=attempt_1_final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-stage=error,-testids=,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-yandex_uid=6407802791722959901/*
    HTTP Response: 200
  • Remote address: 213.180.193.234:443
    URL: https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-downloaded_size=0,-error=final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-status=failed,-testids=,-total_size=0,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6407802791722959901/*
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 2.5kB
    Received: 7.4kB
    Packets sent: 15
    Packets received: 12
    HTTP Request: GET https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=download_attempt,-attempt_number=1,-banner_id=6301000000:SW_1cb8aabd4b0e,-brand_id=yandex,-browser_present=none,-downloaded_size=0,-error=final_query_info_404_0,-installer_type=lite,-launched=false,-lite_ver=24.7.1.1029,-old_style=0,-old_ver=,-partner_id=switch_browser,-redirect=cachev2_ams02.cdn.yandex.net,-status=failed,-testids=,-total_size=0,-ui=E58439A0_7B07_4D6A_854E_A5BEDC7192D7,-url=https%253A%252F%252Fdownload.cdn.yandex.net%252Fbrowser%252Fwin7%252Fyandex%252Fbrowser%252Dsetup.arc%253Ffrom_installer%253Dtrue,-x64=1,-yandex_uid=6407802791722959901/*
    HTTP Response: 200
  • Remote address: 5.45.205.245:443
    URL: https://download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 2.7kB
    Received: 5.1kB
    Packets sent: 19
    Packets received: 18
    HTTP Request: GET https://download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true
    HTTP Response: 302
  • Remote address: 5.45.247.25:443
    URL: https://cachev2-ams21.cdn.yandex.net/download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true&lid=300
    Protocol: tls, http
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 113.0kB
    Received: 4.0MB
    Packets sent: 2097
    Packets received: 2835
    HTTP Request: GET https://cachev2-ams21.cdn.yandex.net/download.cdn.yandex.net/browser/switch-browser/24_7_1_1029_62121/browser-setup.arc?from_installer=true&lid=300
    HTTP Response: 200
  • Remote address: 213.180.193.234:443
    Host: api.browser.yandex.ru
    Protocol: tls
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 2.1kB
    Received: 9.4kB
    Packets sent: 16
    Packets received: 10
  • Remote address: 5.45.205.245:443
    Host: download.cdn.yandex.net
    Protocol: tls
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 1.1kB
    Received: 6.0kB
    Packets sent: 9
    Packets received: 7
  • Remote address: 8.8.8.8:53
    Host: api.browser.yandex.net
    Protocol: dns
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 68 B
    Received: 84 B
    Packets sent: 1
    Packets received: 1
    DNS Request: api.browser.yandex.net
    DNS Response: 213.180.193.234
  • Remote address: 8.8.8.8:53
    Host: api.browser.yandex.ru
    Protocol: dns
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 67 B
    Received: 83 B
    Packets sent: 1
    Packets received: 1
    DNS Request: api.browser.yandex.ru
    DNS Response: 213.180.193.234
  • Remote address: 8.8.8.8:53
    Host: download.cdn.yandex.net
    Protocol: dns
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 69 B
    Received: 163 B
    Packets sent: 1
    Packets received: 1
    DNS Request: download.cdn.yandex.net
    DNS Response: 5.45.205.245, 5.45.205.244, 5.45.205.242, 5.45.205.241, 5.45.205.243
  • Remote address: 8.8.8.8:53
    Host: cachev2-ams02.cdn.yandex.net
    Protocol: dns
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 148 B
    Received: 90 B
    Packets sent: 2
    Packets received: 1
    DNS Request: cachev2-ams02.cdn.yandex.net
    DNS Request: cachev2-ams02.cdn.yandex.net
    DNS Response: 5.45.247.52
  • Remote address: 8.8.8.8:53
    Host: cachev2-ams21.cdn.yandex.net
    Protocol: dns
    Process: c1804d79a9c0a681e1cf2d818d161eb8e072cc7c6c27a433e4dac2d99015f414.exe
    Sent: 74 B
    Received: 90 B
    Packets sent: 1
    Packets received: 1
    DNS Request: cachev2-ams21.cdn.yandex.net
    DNS Response: 5.45.247.25

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    4KB

    MD5

    6040e6d26b0ab701d3b16cc88cf3b8e7

    SHA1

    0a73f6b44f5b9e93f1e82a106ba5b80dc5a230b9

    SHA256

    c7183fdacfeaf3d8d734df4790f25a53d4ce6d0f035808743dd713a022c76b4b

    SHA512

    c17f48c335113d95e516f653e19f4f637336627f564838516b84c50332ed2412b18aeb53d0462496eb74ab7a4d58c4ecdd41154e8a7db80b5c51015bec73792a

  • C:\Users\Admin\AppData\Roaming\Yandex\ui

    Filesize

    38B

    MD5

    4b0c63bbf131da341acb10dd19d5ee06

    SHA1

    201c04b159bbfc71055d9985ff591103c7dfea37

    SHA256

    72ae598d5034e97c7b2b4b61e241c5df2d4e8ba69dd1f9c0b527aa6393320bcd

    SHA512

    2842045458d785e8e7cbea9c3f82b8734388dbc50a1eb3d3f92450aa7985b9becc287504c504a5b4a3eb9b431ce13f1bccc144cca6a3bc6ce8099ea1df7f6a39
