Analysis Overview
SHA256
ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde
Threat Level: Likely malicious
The file ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Checks computer location settings
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Drops file in System32 directory
Checks system information in the registry
Drops file in Program Files directory
Drops file in Windows directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Modifies system certificate store
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-25 21:14
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-25 21:14
Reported
2024-10-25 21:17
Platform
win7-20240903-en
Max time kernel
150s
Max time network
145s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\UCP0HAMZ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\QMRBVA4P.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\28R2XPC1.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\TQH39BS5.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\UCP0HAMZ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\VAKLWVV3.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\VI5WOZ4D.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\28R2XPC1.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\VAKLWVV3.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\TQH39BS5.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\QMRBVA4P.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\I6P0K6YJ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\I6P0K6YJ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\VI5WOZ4D.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2700_97829645\temp\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2700_97829645\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ybAD01.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir2700_97829645\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000f1ccc24261d16ed4c02e10a4d4e25ee97198b32366ee2052555e604e5919e886000000000e8000000002000020000000b22a070d982f2e66e8c1e9821593b0668ce66b2aab4bcefe332d85873c1dc5452000000099ba3d5f9d5f1e5049fbee4dd84839438d921ddfba5fdca26ef54e1d144303d84000000060d6339d7357196d3d2b7db295c240b1a5e9582678e9123c8cd0014f8197a37ef1681662d7b1ca9a75bef3a17e54d6b8272209ddb046f3bb29b9a14751789f19 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 305f8d1b2327db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "436052758" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2970D231-9316-11EF-A97E-EE9D5ADBD8E3} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD}\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\ae-59-e5-63-ee-d8\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD}\WpadDecisionTime = 983cdb372327db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD}\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD}\WpadNetworkName = "Network 3" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\ae-59-e5-63-ee-d8\WpadDecisionTime = 983cdb372327db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\ae-59-e5-63-ee-d8 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\ae-59-e5-63-ee-d8\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD} | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{8DCF7C7F-6E45-4C7D-87E0-57267A3AB5FD}\ae-59-e5-63-ee-d8 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.shtml\ = "YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.xml | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBP.3QYOG4SOOGAMCVAKTLB45W7K4I\shell | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexJS.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexJPEG.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.webp | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexXML.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-134" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.tiff | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTIFF.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTIFF.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexJS.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.htm | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexSWF.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCRX.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-104" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexINFE.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-135" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexPDF.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.fb2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.crx\ = "YandexBrowser.crx" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.xhtml\ = "YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.xml\OpenWithProgids\YandexXML.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\https\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexFB2.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.webm\OpenWithProgids\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTXT.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.xml\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\yabrowser\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexXML.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-134" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\yabrowser\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexPDF.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.shtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.xhtml | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I\ = "Yandex Browser WEBM Document" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.epub\OpenWithProgids\YandexEPUB.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexGIF.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-107" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I\ = "Yandex Browser CSS Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTIFF.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.infected\OpenWithProgids\YandexINFE.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.webp\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.png\OpenWithProgids\YandexPNG.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.png\OpenWithProgids\YandexPNG.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexGIF.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-107" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.jpeg\OpenWithProgids\YandexJPEG.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\.htm\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\yabrowser\shell | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexCSS.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTIFF.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-119" | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTXT.3QYOG4SOOGAMCVAKTLB45W7K4I\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexWEBM.3QYOG4SOOGAMCVAKTLB45W7K4I\shell | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexFB2.3QYOG4SOOGAMCVAKTLB45W7K4I\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexTIFF.3QYOG4SOOGAMCVAKTLB45W7K4I | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_CLASSES\YandexHTML.3QYOG4SOOGAMCVAKTLB45W7K4I\shell | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe
"C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://yandex.com/legal/browser_agreement/?lang=en
C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe
"C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe" --parent-installer-process-id=1704 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\e3074628-7ba7-4459-93da-a28060499a6a.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=242716800 --progress-window=131534 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\29511878-d62e-4a0e-8720-c04c10c2f200.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\bbd8fc5f-a23c-48b6-9762-6e47c7bd0d93.tmp\" --verbose-logging"
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1776 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\ybAD01.tmp
"C:\Users\Admin\AppData\Local\Temp\ybAD01.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e3074628-7ba7-4459-93da-a28060499a6a.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=119 --install-start-time-no-uac=242841600 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242716800 --progress-window=131534 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\29511878-d62e-4a0e-8720-c04c10c2f200.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\bbd8fc5f-a23c-48b6-9762-6e47c7bd0d93.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e3074628-7ba7-4459-93da-a28060499a6a.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=119 --install-start-time-no-uac=242841600 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242716800 --progress-window=131534 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\29511878-d62e-4a0e-8720-c04c10c2f200.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\bbd8fc5f-a23c-48b6-9762-6e47c7bd0d93.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e3074628-7ba7-4459-93da-a28060499a6a.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=119 --install-start-time-no-uac=242841600 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242716800 --progress-window=131534 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\29511878-d62e-4a0e-8720-c04c10c2f200.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\bbd8fc5f-a23c-48b6-9762-6e47c7bd0d93.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=358767700
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2700 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x1a0,0x1a4,0x1a8,0x174,0x1ac,0x12eed30,0x12eed40,0x12eed4c
C:\Windows\TEMP\scoped_dir2700_97829645\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir2700_97829645\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2304 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x12c,0x130,0x134,0x100,0x138,0x5a3560,0x5a3570,0x5a357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=51FFC564_69EA_4D47_B566_867BABEB7BE1/*
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2700_607732039\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2700_607732039\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=131534 --ok-button-pressed-time=242716800 --install-start-time-no-uac=242841600
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=636 --annotation=metrics_client_id=9477e3bc9b6340268440385c02042b0b --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0xe4,0xe8,0xec,0xb8,0xf0,0x70db2a08,0x70db2a18,0x70db2a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --lang=en-US --service-sandbox-type=none --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1376 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --lang=en-US --service-sandbox-type=utility --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1564 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --lang=en-US --service-sandbox-type=audio --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2176 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2188 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2488 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --lang=en-US --service-sandbox-type=service --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2604 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --lang=en-US --service-sandbox-type=none --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2672 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,1066583727181785859,15417888899427872908,131072 --user-id=81954C68-C75F-4355-BE8D-CEEAEEAC8AB3 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1136 /prefetch:2
Network
Files
| SHA512 | 1656e1fbf90338abe4503cfee355d30ad998c9cb48c93ae76b1305fbfd27fcb1e2333be911e60d224c6f240c2a262ce5b739938ebd6331c4ab0249551f2c359d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | ef0b47ed0ec7cc66fe22062bf7f7000b |
| SHA1 | 248ae96e4b6cb1eb601bc4812eada1c9dc6f0a16 |
| SHA256 | ab4ea69ce0694e328c6e0f9024ed4bdfdb0dabd2e53bcf9a98ba7fc39a43ded7 |
| SHA512 | 4eedd2413fa88b41b68792564d89fe05437d156a4c508f7953a8e2b8f142e795f820d9d7dc11209e42e80805305c341e1d88a45729b13835bd762ed6c80d5226 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | ac8f6d8e23628031cd3252358cc171c0 |
| SHA1 | 5b428925dc1d56965b8431459bf7b585f22afe46 |
| SHA256 | d8236ad8f6f83872c22641044d1d4c4f8b13314c4affa6237973aa8506cae29c |
| SHA512 | 48231b05c1a24a865894785cbbaa10c1c0011538f8f7ac648b52bc3bea7aff6f9ea1c777a5197497239c004f3681d1dfdf583a19064247e72e6d501eef160002 |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | dfa737ac9665c5c43bbd35ccd020488a |
| SHA1 | 5d5c9e3c877355fe41157d2058395ada293ad1f0 |
| SHA256 | ce44a2717e329671135391d477c95ccd325e7f401478fb566048d45393cf2282 |
| SHA512 | 2eac61fc87abcd6c692531ee8fcdedfc8db9e87b7c5032d1b5fb60ef8f0f431974719520aeb2c13525cca66ef2a63845ff576fefd27534c2ec6de1aeb106b028 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 411d69cbd600b304ea54559c84249c0e |
| SHA1 | 65d54ffa07beb3a1268dec6697668d5159091972 |
| SHA256 | 09d3b7d0b905eafffbd3cf78cd38cc365a343976ef182d05eb2c06892c1e5d61 |
| SHA512 | b1122470614a58ff4f0bc6eb6e4aa4a876ac92e87eb24b580bd2edd31a7e4a8f7d32ba0da24c8bd08177e47878cbec38460a411180fd12da884d741ca252ecd3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 23aa02cb25d6a535f578584f2318ca22 |
| SHA1 | 3e10a03b8fd5f0ed39ae128304d25f9fdb00d705 |
| SHA256 | 2f896753a7e1998fb490b7f43d58e9cf3e53d480c2214f25b94a47c3b1d38f37 |
| SHA512 | 085a57744b445413951103bc815c4cb9530ca498b3bd6f99e092e1cd9fa5f035e102499819cb0b6f40bbfd72e025855e6aa3bc5f6c8b0941e266a9d1ce3254a5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e0ed7c56d6433885813461c5d7d08f41 |
| SHA1 | 023f8ea929ce701dc7d74fbefff5584510f98d42 |
| SHA256 | 9acb754ba7e562e7d8ba9ccd8560b5506d6e4cdf2ea9d40e8d60d1cecf3cceae |
| SHA512 | 8fd197700906a8b1e2336a96ae83edc13dca112d03fc3fba2e82416004666891bf845e3472f305f314053d722f70cf3fdae51164118be0e8f721855b073b0cc3 |
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\BRAND_COMMON
| MD5 | 8fb3d5252fd262cf808f6f0359998b0a |
| SHA1 | cdb8072dfe898c72c15c2c381349ccf7f2d4d440 |
| SHA256 | 7ad5104dd8c35ebbc06c56fc6a2cc3f8cf7391ab2e97c8c9d9b3de1d8ab4a5c9 |
| SHA512 | 57f1b72e210aaa880cdcd04eb1cdadf13dfe373c50a0d98346e64ad93521da43a5b71b068fa3ccadddb03a6e97084b7d25cbb94fcf9c3dea1904bde0c2396bf1 |
C:\Users\Admin\AppData\Local\Temp\YB_B17B7.tmp\brand_int
| MD5 | 3e499ac6cab5c37d47c0ce7079be9408 |
| SHA1 | bc28c35a5feff7ed7061f36addf1b9bb439bf0b3 |
| SHA256 | 7c69e77970d70ab50c45e70a20b67e4d3c03123b384e723cf2cd515062d22613 |
| SHA512 | 16e08366a863f3730b880df0f4f34789638a67cfe26e295a8f834594f2ff67bcbdba0cb65b8a316009cd0408c9742c17f13d6a5257e3a7bd5245e5b5549d9fee |
\Windows\Temp\scoped_dir2700_97829645\temp\service_update.exe
| MD5 | ecc2447cad674a68a24f76772cb51dbe |
| SHA1 | 6928b8b96cb7a1fa8dc8a8bacef8ab6163a15af9 |
| SHA256 | 2d6ea9290d3676dbeb61bfd94aced56025cc2e357626ef58854b8be4ae4abce9 |
| SHA512 | 3edc14b1efe6fa1b36c77e3e70faeeec7eec58e2f4ba9c6ff0c4ec772d3ebcee26ac1d0be76502416be82638a5ba78b81eec552ffad9be5d1d3ad8a90743fbee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 2ffbdb98df2a2b022a48adeb94a3af50 |
| SHA1 | 6c86923b5c5832bb102f041cb7d38db397074f12 |
| SHA256 | dd12c5733bc4b682e1da6353c8c27650f53d11a8ada8fd8a2d06f23cecae5ebd |
| SHA512 | a5f29661ac78ea205dd945fcc53e015152277426af4bcce688231ca1a564dc49144b2953409651737733fec72e9042468c780917543c007d7de74ed44058dbfb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 4f1be417b1b0a30cb74c89b1f2b73ec1 |
| SHA1 | 87286221a3da94d5147c58e02518302cb3e8538a |
| SHA256 | cfc6b08f8f38730a520e1808eab6ca81d9272e6a0af6ae92d67fb6d355552290 |
| SHA512 | 3238c87202c69ccf9e62216971e3f59ac9ea85d9f25336982a8336c61a345052ba7972b8651cca94484671a032e95f3fd411c759045eaa7105c30f49cc243ce1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 2d30e5a72a9c7c2264fcd6fc014c1011 |
| SHA1 | 4cec8d0367f867c9105d2a5cd4c06491089fce7c |
| SHA256 | 168fd397c35dc57dff43546e6509d6beee5833383f489cb4edd8ca36350a3143 |
| SHA512 | 6150fdc0db8025dabd55b69eb58fb65c2f29b3c960c55ec2a9b4c7489fd020a5d29cd5b766008bbea74ad8201fcd4d0c383fb06c8ed7e3b3d2bc289518e5a21f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | f2ed94ae89ed3fedcd41c5d3d653dfe8 |
| SHA1 | 75e525bd684db06745dcaa8eff4d83fe46412dfe |
| SHA256 | 1420bdc652461d30aec865b2cb7b91cb511edb3c7821b1c85e31db249774f5ad |
| SHA512 | 50d45859a40cb825a746d66ca3f7cd34eabf5747d088563085fe83d6be44c912dac2ff1a3a030d1ae86015e17a95f0ee55a206bfa24326a6f391b7ef76a0a85a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | 5d0fc47d4897296de5feee77ddadac1b |
| SHA1 | b7eb783f6591e463348fffdca1795a462e1f9644 |
| SHA256 | 91a45efeed5a29e3c19393cb1c1d192839ed509ec0b7a1a4827faada4d4ccabd |
| SHA512 | d26a90958e9250c23de6fe1a491a65823947fd27b240c03646f153f0a1ee230d48c1306f6a200a59364b1f52662ab4e1a560cf457c2feaeebcf1b0204b9ca577 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | a56f87439c003ed92a7cd449ecd15053 |
| SHA1 | 5645926a0015cf74d22570d5933c57494e27be58 |
| SHA256 | 51b876e104a5e6a36baa572f69c1fa3379127c42cf47d8cb34866b7f4850f5f2 |
| SHA512 | 5399a1d38f15371424de9b62aa1feeaa32a52a8cab78c4522d7be371a80fabba67bcfe7daeb78e60c1165aa85386ad320eb43754c85620b6574ceef27d4c8af7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 4694142b5d8bb052b903b806f3d01fca |
| SHA1 | 2805b21299405723b71a659547644a9006f428cf |
| SHA256 | d56482d34a76e4a1382362f92db2802eadfbd07605514523642c15ff82af8bcc |
| SHA512 | 07add85213fc0acab278b7c1090042dcd54ed233ce733cff69acca44b81938a7de515237c1f35e54491a4954291fc9aa2216cec9b8e3600f08627dc719859bca |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | 22ff46d9675ed452a5f9e2219f577d9b |
| SHA1 | 0020b3133a7da9ab0bdf0b5f498f09abe98f7417 |
| SHA256 | d959ae44f0ac220cdc7dbe8dff98307891368a6f2e64e5bfb6cc7136cef66822 |
| SHA512 | 786bf71e3217c6374e1fbcdc2c86a2bf8669d39beae7ebaf9236ef17cb2053fa8efe0212018ba0cef6a7325412bd854b2b424cd34f0bc359aaacc2dcf0a7c864 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | d965d23fc4650412e7376e13bacd47c8 |
| SHA1 | 5dcc327db3df937f4461bb4b59e6b8c1540ab2d2 |
| SHA256 | 6055e8b820cc99d3f983c19646c320f3cc5294592b6bb73a2a9fd455108780aa |
| SHA512 | 27356dc8b9f47e3f71099c8a23a0a19de8c044b714504654badf4e5266b73c51660049f8d73dc93d937ff299076c6bfc691a28b29f6a9a74cbf726407e34aafe |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 3db3ade98ef1e949dcf0ee4bc73e2845 |
| SHA1 | a08f234dfa8325bf6e37a113a04654ee01867409 |
| SHA256 | cca344c147edce01cd3b9641a42d1246e2473149539cb5947bfb72bb657fce53 |
| SHA512 | 1213d6b0526318d615cb242c19846a50ebb4e818f2c21e1cf8f8f79defc71bda8674567c8e6a997c0947f9f6cfcd37a5ac8d1be7fb08ed5470c955c7d1b2de5f |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | bf8fef7f1ac643431bcdd18f5f5109c6 |
| SHA1 | 6628a22cac26bdd7cfdab0e883cfeed28cb4c80d |
| SHA256 | 8bea253e625c84b34476468db1c14ea04e51c320c913a064d1ade06e8d479b7e |
| SHA512 | 5122d23b5b828ef133a2988779d95de0ec9548fce38621685fd0b7958499a25c72b952937312f91787aa9479d197ddababe6ed2980e5a870858e0fe3996bd9eb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
| MD5 | f88326bf75f9377d75dc3b34df88b59d |
| SHA1 | f4eec740fe217e0743dc8b4f478d881550f8e12b |
| SHA256 | 778033d4ad9e66340c0bd06770e6d673d76d83d1cc3e9abe52d98ad4276585cf |
| SHA512 | 9aeb77c703d3d2e1bf4575c94585109d62c7d51fa07b3192af23b861069b65c28baff67c096b94b1620dfb80777e42cfdf9cae891a7d664fbe895abd7ece4791 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
| MD5 | a2ab187fa748a38db8b6736269f64972 |
| SHA1 | 5e2e542d1e3fc32b3677b0aab5efa32a245d0311 |
| SHA256 | dc67a1ba4e945e0c8188112ce3ecb9c32d39d77d992ce801a2ac9f500191a4be |
| SHA512 | 5f295f3f7e61b6f206f70d776faeb78df337d3e2ef79212cd4af163eef31b7479b438749dc594374f5956048239513992c3763b6f3f5ac68bed5412a2f877797 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
| MD5 | c9ac75ad5c047a40d4553130b013d891 |
| SHA1 | e6239762e63030317343a25368ba1c79a6c16bdf |
| SHA256 | afd8d61655f0411c32e70823f917c10230f2cf4688d6334e72989ab99f72d1b6 |
| SHA512 | 16a7f6396d9b5a099b6e5b032652d54a87120d87c584cf57d63d203ad1ec85f5199ae85a1589a4f193b456205e3d8b64c320093f3aee3d495b4fe424f0fa5f40 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 25b5d707792b12afcb8513be382ea6cb |
| SHA1 | edd9c3959cfc870b3df4b4e0e9e7164d1699c430 |
| SHA256 | b91574003d8d139ee29c494308f654bf9718f66966c549980d6770955c6a2b1d |
| SHA512 | 236fb96e80e3d6f54e204fa75d5772b2892e9d355f0aaddcbffa543dff80ba01d76ea7907ad496ec7754daca7420e4623b68edc8f08d5ceac6ddbc01a7de4c93 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
| MD5 | 7bd6ae1f87023e817ea64f6f1e78e125 |
| SHA1 | 72938ec5db5ecc847ae10959b1522aee39f04b49 |
| SHA256 | c125cbab38741d0e838a7ab7e7f681dd60ffa7c51dc17a8530e51ad23fddbbbd |
| SHA512 | 07309e3bb73980308bdcdade8ca71d49892df770079ec777484add1f21e0183ae0c30b40a9422d6a2e4661d939b5e92c0a04126cfda0e9f0524b71e62cc1c885 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
| MD5 | 86b97526f262ecf87ed7ecd6c7eb4218 |
| SHA1 | d009c56e5fdadb73975c253a14616098dc8d243d |
| SHA256 | 33919f6b6975431c22a06c41c32e5f7092860958c68e453eaff9781bb6ab274a |
| SHA512 | dcfa8730ff4da19ecdf72507f36fac86f47c6133a13499605de9a70e8533da1984ff7f5800dc9a597c27b4649f237203f5400e344e22d3b3eb98e2d63f34f20f |
memory/2700-2224-0x0000000000F10000-0x0000000000F12000-memory.dmp
memory/2828-2337-0x0000000000ED0000-0x0000000000ED1000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Platform Notifications\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\video-13374364614749300
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\picture-13374364614749300
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\preview-13374364614749300
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Platform Notifications\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 5798349a6ae3ff86ad5e199a6285cc35 |
| SHA1 | eb056a76b1ceb6d1325a9230899c5cd943beb613 |
| SHA256 | 4261ba4cae8502dc0f3dcbe13c9cb958d2fdc15e1a81e30577ec35f7a06d0c95 |
| SHA512 | 7bd79b5b7aad9b16db295b9f0aa227f85d1ab8eb5efc2aa26ca55c02e7b1b55d9320d93368adc5e0d62aeb6439219c091e0c52dc1b58f89821a6d906ff060b41 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Yandex Profile.ico
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | f8b4d44734ed867273fa62a727fb4b84 |
| SHA1 | a23dc4fa8216f62e7d5896072f73258fd4972b21 |
| SHA256 | 896bd057b4ef5b3174e90f8c6215e10d08356a9eee473bd2368403683e8d66de |
| SHA512 | 6f3ac279c93903c1c99ffd01102a484cd090c0278440919c32ed9347602838ae5659ccc020a8b9389b684fead74ff4730f43f3ec819c9f18daea897b1634eb32 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\e6ee7df3-b6a9-4a0d-96c8-b4edbf62ad0f.tmp
| MD5 | 13d0ffe9550d8c8ebbaa23d8f005dc97 |
| SHA1 | 6a8b81187e58ebfb64cd30722059b09ee9979ded |
| SHA256 | ce961290d9df1639a5ea85626fcd258ae0dacfe78b97bb0f7d7578b20cce73e2 |
| SHA512 | b5caa02e0e401d4fd2b5f67c3fa656451e1c87f45d53579135df07f609313a0c87c80190bbc4c1d62e87f91cc537ea4010ae913705128abcf265f92f1a33b6c0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\b3706796-a828-4243-a231-a2cc533db540\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\b3706796-a828-4243-a231-a2cc533db540\index-dir\todelete_12f54f55ece8257c
| MD5 | 388f81493adc0e4e31bbd43d35209754 |
| SHA1 | a29abcee688fb655c4eedcc0d174d6fbbe030359 |
| SHA256 | 9afa21b110da0bf62b3cce2175e6cc0e0dea8b85a33a0769c830c4b2d40cf56e |
| SHA512 | 09a21fdea67ce61b094882a1ccad8d9158ef391537eaa40ae4c2875e902affdd99e68148a72ca1474d77a79c01c67e8deb1bc0c57aad736746ba76efe4a8529a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\15ac6d05-c91f-4188-9a9c-6ed3ef07e103.tmp
| MD5 | d8bcd807c2b995dc65c7c5bc196c4d9b |
| SHA1 | 191e276badf3644fad7e6601ff9e346e6dda547e |
| SHA256 | b9360831ee214b09e3256d45241d0961212fd5daf599e2a33f04e48446fa10a7 |
| SHA512 | 3670f2c05bc6901d5b5938c73b4af7b7ede73e74e7845656bc7c013e6e7f3617a2fe48229f9145785f3d55e29d587bcb434cfbc429db07bbe454f26b9dd33977 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\e3f387ad-b357-48fd-82b7-8923807df190.tmp
| MD5 | b6f86495f7a8023a76f423f3b959ccc3 |
| SHA1 | c2208c9dc1ba66e7d0d67d14ae1fffdf8fee727e |
| SHA256 | 4328381d1845742ab12b4773cc36fb30604b1efee1a4a5730aeb1f981ffe9128 |
| SHA512 | 7686427f1d13cf48efb6585ef2016dd34d4d11bb08cd43595542f573aa91946c002e541a3ed1dbb4bb4eae92afd4228323bf442d9831cf04fb5add55830a3ff1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 34e48062d420ffb1cbe866c858f16bae |
| SHA1 | 6bff1f153436633ab17919aa5888e43b28e00ee9 |
| SHA256 | 708a10212eb62dc7aa7fc931fadd3e8fb993024d5f1a77aff80297307f8d3b81 |
| SHA512 | b7b69a2380b0cfde500263c2d7c2d9be34523a07db8b35cb7b847833607a36e6c35ff042e199fb506ed246f6da485395bbe6cfd1ef7c398a2dd6747d70e46301 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 53a7b546410a75f1fce16662734a9086 |
| SHA1 | 69358fdf02f4b8e58dba97223402f32c3c03bb87 |
| SHA256 | 6b7c21586034520101c83ca355861953d40c06cb40464209c86b3f7a3d34d893 |
| SHA512 | c8b8771fa8c4e7d12809245a4814cfffcb42a4a6c686d02f8a069b361dcda3035bcf6e8d872921101bfb83f9e2c94b08c5663f1149c96799131f3f7d7099a41e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-25 21:14
Reported
2024-10-25 21:17
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
159s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\sdwra_5888_351831887\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_5888_351831887\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_5888_351831887\service_update.exe | N/A |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe | N/A |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser TXT Document" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\AppUserModelId = "Yandex.Z7U7QVUCLRRNYFIB2IBUGKKOQQ" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.fb2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.txt | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\AppUserModelId = "Yandex.Z7U7QVUCLRRNYFIB2IBUGKKOQQ" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser HTML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.png | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xhtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.fb2 | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-108" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-109" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.infected | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-107" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.pdf\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.gif\OpenWithProgids\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.htm\OpenWithProgids\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\AppUserModelId = "Yandex.Z7U7QVUCLRRNYFIB2IBUGKKOQQ" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser EPUB Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\AppUserModelId = "Yandex.Z7U7QVUCLRRNYFIB2IBUGKKOQQ" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-118" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.infected\OpenWithProgids\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\shell | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.shtml | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexXML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser XML Document" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.tiff | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.jpeg | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser PDF Document" | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.crx\OpenWithProgids\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.jpg | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe
"C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe"
C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe
"C:\Users\Admin\AppData\Local\Temp\ac2e8963f3ea0e4bd612078f555ec1888e8ed2118b63a4091a162d341fcafbde.exe" --parent-installer-process-id=4424 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\aa30f9b2-9271-4106-b916-7b319a6f8dd8.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=492312674 --progress-window=328256 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\aa550471-f0c6-4f69-9916-e98db229a3a0.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\f35fa58c-f611-401d-b1aa-aaa1864c2d8d.tmp\" --verbose-logging"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdef1d46f8,0x7ffdef1d4708,0x7ffdef1d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\ybB5A4.tmp
"C:\Users\Admin\AppData\Local\Temp\ybB5A4.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\aa30f9b2-9271-4106-b916-7b319a6f8dd8.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=68 --install-start-time-no-uac=494172061 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492312674 --progress-window=328256 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\aa550471-f0c6-4f69-9916-e98db229a3a0.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\f35fa58c-f611-401d-b1aa-aaa1864c2d8d.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\aa30f9b2-9271-4106-b916-7b319a6f8dd8.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=68 --install-start-time-no-uac=494172061 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492312674 --progress-window=328256 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\aa550471-f0c6-4f69-9916-e98db229a3a0.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\f35fa58c-f611-401d-b1aa-aaa1864c2d8d.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\aa30f9b2-9271-4106-b916-7b319a6f8dd8.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=68 --install-start-time-no-uac=494172061 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492312674 --progress-window=328256 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\aa550471-f0c6-4f69-9916-e98db229a3a0.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\f35fa58c-f611-401d-b1aa-aaa1864c2d8d.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=560242020
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5888 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x28c,0x290,0x294,0x268,0x298,0x7ff7e5b804b8,0x7ff7e5b804c4,0x7ff7e5b804d0
C:\Windows\TEMP\sdwra_5888_351831887\service_update.exe
"C:\Windows\TEMP\sdwra_5888_351831887\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5648 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x20c,0x210,0x214,0x1ec,0x218,0x7ff7ff72caf8,0x7ff7ff72cb04,0x7ff7ff72cb10
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-background-scheduler
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe
"C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\Temp\scoped_dir5888_583590490\explorer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5564 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x28c,0x290,0x294,0x268,0x298,0x7ff7acc104b8,0x7ff7acc104c4,0x7ff7acc104d0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source5888_2061385510\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=328256 --ok-button-pressed-time=492312674 --install-start-time-no-uac=494172061
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=6088 --annotation=metrics_client_id=0802de459b1d4d69b35482d5053c178a --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ffdeab8ef88,0x7ffdeab8ef94,0x7ffdeab8efa0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=2440,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2436 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2160,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3512 /prefetch:6
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Network Service" --field-trial-handle=2192,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3536 --brver=24.10.1.598 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Storage Service" --field-trial-handle=2704,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3644 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Audio Service" --field-trial-handle=3048,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3704 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3076,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3848 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Video Capture" --field-trial-handle=3156,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3996 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Data Decoder Service" --field-trial-handle=3400,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4496 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4548,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4636 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Profile Importer" --field-trial-handle=4928,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4940 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6392 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x28c,0x290,0x294,0x268,0x298,0x7ff6308604b8,0x7ff6308604c4,0x7ff6308604d0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5548,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5564 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5576,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5724 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4788,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3988,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,14804192603041103517,6434385149501894035,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3052 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Windows Utilities" --field-trial-handle=3832,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=6028 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-id=5DBBBF7E-4E81-491E-ABFE-C75C06D52638 --brand-id=int --process-name="Windows Utilities" --field-trial-handle=6024,i,3629609464584658070,15873417881824430150,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4176 --brver=24.10.1.598 /prefetch:8
Network
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| RU | 77.88.55.242:443 | tcp | |
| RU | 77.88.21.37:443 | tcp | |
| US | 8.8.8.8:53 | 242.55.88.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.21.88.77.in-addr.arpa | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | 217.131.154.178.in-addr.arpa | udp |
| RU | 77.88.55.88:443 | yandex.com | tcp |
| RU | 77.88.55.88:443 | yandex.com | tcp |
| US | 8.8.8.8:53 | 88.55.88.77.in-addr.arpa | udp |
| RU | 87.250.247.183:443 | tcp | |
| RU | 93.158.134.36:443 | tcp | |
| US | 8.8.8.8:53 | 183.247.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.134.158.93.in-addr.arpa | udp |
| RU | 93.158.134.121:443 | 300.ya.ru | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | 235.17.178.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | b3b2e906fb3fabe2a034d2892d852f8b |
| SHA1 | b96b4f4bbeb16535dc00f0c0a6b90ac2c63599ec |
| SHA256 | 9eeed36fee1da26ea6f8763e57e0e80881ed58d10ee7d66c98653e8c18a72f6c |
| SHA512 | 5e60e7934684dd62af52512a64236df0010bea88a2bd67b2f9c2532da72c178538dae8681f2a403b46f936dfe60a331639a7c2ffa04366ecad58f9d8a010801c |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 9552bd0ce6b3a9a1d6147406668ca8e9 |
| SHA1 | 88c1721b0f65932a8a99157afc7d945c1207d9ed |
| SHA256 | 0cd6b688a07a306ea44641be2b5660aad0a5eb34f839582b798c4ebfa4435713 |
| SHA512 | 125590419ea2330a29e47881d39c7a512dd5de0a1f2db7cbe42fbd4a695eb994643fa2dbc7b2f08e65d1010a66d79c36b93707697c9c4ea30885acde270aaedb |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | c6aa6d2c8bc5b36a2880b3a65ef3f330 |
| SHA1 | b8ddccf3e4e08732ab32cc887f0e5b5da4aceb84 |
| SHA256 | 2135777ff8e14918b9a5b37ee081bb55e22c91863961ef578952539f81035ef1 |
| SHA512 | f0453594e0bb56ebf3693fc270a24c0e1206947933b8719d8de566460559f389e21a9bdcce54c640c145551ff3ab4bfa4927892e277c3e1e5ce38d816295dfd7 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | ee1ed278407475ac1bc49f8a8e2815f6 |
| SHA1 | dfd7d485ab57e18f832accbf318c562acd66db5c |
| SHA256 | 1489b3a89898203cefe195f5687dfbbef4f9bd6b03954189fad38ed93863cde2 |
| SHA512 | 3921a7547efde6ce633e0e54c40b45c48c887f867c1e6b106520a6179beee3e1891ce4e85b5f3d87f2ad7408b5eafdd1902f647ad7b782a6f936c4f23d2b992a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 61cef8e38cd95bf003f5fdd1dc37dae1 |
| SHA1 | 11f2f79ecb349344c143eea9a0fed41891a3467f |
| SHA256 | ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e |
| SHA512 | 6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0a9dc42e4013fc47438e96d24beb8eff |
| SHA1 | 806ab26d7eae031a58484188a7eb1adab06457fc |
| SHA256 | 58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151 |
| SHA512 | 868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f |
\??\pipe\LOCAL\crashpad_3108_ZQWTPFAHBRXCROMC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aa98e21c3d99355a5393533cd6563161 |
| SHA1 | 12247c1b0364787597599fc481a49028969dc566 |
| SHA256 | a8e959752240109e2340945421a9fc0e901a5fa3d143a290c06954d64a517dae |
| SHA512 | 890b8bf3e2fe0f1caa85fba956655a2c842db39cadc3fea865eb9daa47ea39296ca1266988fed7d14973b4efceabced5c845c00f6458bd45fc1e22bb3005de87 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 5cb5f62467f03dd71cef466441ceefe0 |
| SHA1 | 63ad937c69f5041645c7761bc658fcbc3be12d69 |
| SHA256 | c1b4658777e80166fb0e41fe8f788fd05875b1801077f388a30d7490c9279692 |
| SHA512 | ac4779cb5482efe9cace6006a10f777021b7b94345664780e3a0df06f091a5e753c2f10f1e29f82d6703319b654ad60084744059c6202258181483465b292aa1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | ed93418bad7b9e116ea0163c40ee77c7 |
| SHA1 | 0bc029dc9502743101ddf9bab537da7df54c9e00 |
| SHA256 | 1e1b1b5f5789d2544025795285c39d38e46a15a2c5e0c481602d90345df45cf7 |
| SHA512 | ce57a26801d423933827d30a508cd80a5dc93dbf18ae4f5abddc7fc6354941e0a270718963497c7c7fbd5c9bbfc565dc484e1a5d08200fb0595d843b4bbd833c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | c4f99d09011bbb73a5ee36ea2363a07c |
| SHA1 | 4eab35cea2c021dea32e69d735b644e2b49e62df |
| SHA256 | 195441acde9afb777e0b642c9ea8569d372553ba87f6038c34aac9e1569a0967 |
| SHA512 | 9f1fe2ef922592ca99173d0a0d7d130ffec90ae7d101801ea9b410e27c8474e95e81767baec9ca53cfec1917c57c83b1a7ac0ae4fb38cd18b14a6485fbee37a0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | b20a2d2b881b6b0894850cc97d4ff2bb |
| SHA1 | c2740c7cc1abb613ca67c584790c6a0f0dcff27f |
| SHA256 | 40b95cf0a84813cdb7555af0ca2a2513e350aecc1120b12898df45fdc53ad8b4 |
| SHA512 | f5f7ff0fe457ec29b8a68ea4287ce863ae3a4d3225d324d524a299ab371121ecdfa5c7c3352e3f89edd309419cdd91263dc2f6327be8c9d2876388fbffd75b83 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | d0f45938e1a76b6cd151c2a029f2f6c8 |
| SHA1 | ef87a5085f85c49c9e95ca7aaa59c00f412dfc41 |
| SHA256 | 6d08606266f809e74e513063b593a02692eca7b1c7f1f9ebfd0bf39d9615974a |
| SHA512 | 661ce46189dccf047b811a556e85ebf232ab37158859eeae35a279b3808743aba7b7d9eb98ce4ded53e6095904d5a9ab9ebffc1eb64301e81b62f1baaf1201f7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | ffb66c88c2d6b84524ef78e5773beb92 |
| SHA1 | 8599e701a2f1a942f0ac156e19c616434cd908c9 |
| SHA256 | b92d0d76ed25becc2aa4397afe84dc7e2770b24aeba463d6302c53d28f851e32 |
| SHA512 | 281112f1ddb23ac2cbff946a1687ce6f1b6ea6e57e39d5f4e8b73f8a56cda57e7c608d5a4ad81b587193867e88843cbc67d7de01f378be0cd2514b20a51efc8f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | 43d4366ab60f1fd5c5a3961cabce6a57 |
| SHA1 | 5d553a52f88a9e3a535aacef6fd7227385462901 |
| SHA256 | 7ecd6d28606be6744bd5903ffd20c35fe25f927caa5d89b6c4fc4f8cb3d661bf |
| SHA512 | bf65a24956fd8391350a8cfba37dd030490f79d86fd609bc87619b453dfaa0e7e8421f33791b6ae19b7005a03e59abb6b2c79df6ebc08a7411f24f2afcc4df0a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 61ff8809c54f61d39d3a3b7775ee70e5 |
| SHA1 | 7a6f6ed461041bd121338dad5c480d26a8c23e9c |
| SHA256 | f0dca7754074176c7e68812a82bb70a36d3394c94314d486e4fc1b16741350b4 |
| SHA512 | c821150eeb89d6428d84144279f078f64bede58224f848973774c8308c733f0caa711c6f0a13bb1d6e121afd566a0d470e9b946d61401aa2adfc429e72cb3967 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 8b0d3731995a4558a09f4172f54eed4b |
| SHA1 | c1838151113cd706ce5ce92db00f725b1b2ebeef |
| SHA256 | 14f5dcf1d130f769eb1f1f0f1ad6dbb2f06637db188e51eaa17958ecf90621c3 |
| SHA512 | 29f7f1bd75f1fdddf976ef92319bc4a16f38b789f3e8d01c5d048fba29be77c7be5a225671a5b745dade20cf43db54c9371ad5878747ad5d9956f6171212f01e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e8d7fcfb4390a57d04ff6dbf41efdc11 |
| SHA1 | 84b923f178d3d5109a0bc12aaa7a8df54c9deddf |
| SHA256 | 8e44598c4ac30ef1a4d00aa62cc2e11c4a1e14665a64ff08e1f7921b16996b9e |
| SHA512 | 192ab9b68c2a182c57854eeab4be973213a577c93d29260d2464ea1f35ba7c4b5e35d622dfdc4d99d2f1c45efd107c97eeb6e4b8ffc2c20903afe94fe9eaa7c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 273299dfb2ce39e2ab259f57b5dd28b6 |
| SHA1 | 27e1fc62bd8aff54cc0eb1a77b2b36ef7de92d34 |
| SHA256 | 484735112fe0977d14ed755d52ced017a181c50da003fe6fbc007a3fbcfb236c |
| SHA512 | e9e83695b4972c08e06f8d01da59654589d606d1dd95c727bf48064d4fba2faf6b26e2b7020113b038d1c80b00689abe226958dbc0ee6d6c6d9a2294522e9663 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 807419ca9a4734feaf8d8563a003b048 |
| SHA1 | a723c7d60a65886ffa068711f1e900ccc85922a6 |
| SHA256 | aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631 |
| SHA512 | f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f52474223366ac8d88c001c0c20548b |
| SHA1 | f5cc3303e402925b8be3308acdbdc2fdf1b4b2ff |
| SHA256 | 1129d7a9028e46f912c8c1a8558342fd8bd4aed95d303ba6d77d5e5daedc6650 |
| SHA512 | 6c232e0b685155538c7ad5690e583082526343bfe756a5b222bc6f051632d8c23c8bd5fe89f8c4ebc24996004abf2c631604ef930fe0a1cde1c798314c335fe0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a50fb8da6c75fecf7f2ec4c7fafcad3 |
| SHA1 | 476a7fe791618f6475dac69bd6dfb25e3c0235cf |
| SHA256 | 52399c56780451fa715bfdd35d8687bb61283905011c1342f4807e72b20ad5a5 |
| SHA512 | 1ff524479cb1819266eb97c84e226418fed675d50540d022b5ee3ded79e50566092bf4628d75e12fc5c2c064a08972ec1ca85861cf878a62946202314751d0e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe586184.TMP
| MD5 | f5eedee73756fad575730deb0c8e736d |
| SHA1 | f410d5a247e268245e83dc5f5ce39ee841dff8a5 |
| SHA256 | 7e5dddcf4266318f1f00dade053ea64a5ac4a37eca232ca3cc95e2f3122c5dfc |
| SHA512 | 84675b3fd182b8a923427f83445368d73680f1bfe9928074b73d6c9a6a3f3266a7c3570a555fcea17131ec66541ee7de4547042d9ccc2944711888c3f8a551bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa58fceba82ad56635b00811f67fa133 |
| SHA1 | e67344dfe5b5c5bbe0e6705a9064d89298bdd1ea |
| SHA256 | 62ed96857b685f7936e195270da5e5b8d478d517e4f72c0d2c569e7a4eedb88c |
| SHA512 | d7fd211f14bb37511f9f77984e0011b69b2fa88e220da8f33a0c9fcc5e2ce5f6d95e863adb433b5dfd96b5215769497e05fe44a9bee8cce83f4cb869067b7815 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 1bd65f8611d788e94e41f3baba498d34 |
| SHA1 | 59a597ce639eccdbb19b2a7cab099d3603154713 |
| SHA256 | dca3aadcc6bd2319e114215c4630a6504c7bda9f5311d2dd97782f0349e256c1 |
| SHA512 | 1c2234f579a496c60c610f2ccb6de784cf79eccad4981231526b093260dfdb0917450917ecf197029fcf48d2e2c1a483b6cd58f1a214da37ad9c97c6235f1397 |
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\setup.exe
| MD5 | 85d846823c88a1bb8836cfd8907320cf |
| SHA1 | 6d9b5bd3edb701f1403f7f65ba83ba493a106192 |
| SHA256 | 3e9b0d73bec058270f9e233b57f13c276f054e1be5da5a5a6c26a510cf3a15f9 |
| SHA512 | 6a043c9e594b77d45532244735a334541bfb3ce379159ede9d44e4d40ce2d77e68c632e044b1ab02216eb34801bae99fe1439a9c86c89320d0c3dcb9db65f272 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 3586905f5e3af3c5d82e582cf7bb408a |
| SHA1 | d9455549aaf38e06ebaef9a8871ea1f5bf7e6d86 |
| SHA256 | f119b58c9b8935652a9bc476f507defad189bb67c785c4504276e7e5e353cc8e |
| SHA512 | 17336dc37891544ac55199d0e4bb9241598d4e28736c91f1f843a1abb06de40dff90ec7cca55ff1e3c5ec366045e18002d71b022025ea91a64a70690fecd8167 |
C:\Program Files\yandex_browser_installer.log
| MD5 | 0cfe6f96b76350a26dbffba469432f45 |
| SHA1 | 1aa40bfa0c03665cb78a813b8d908abf26ede2bc |
| SHA256 | fb002f7ce6eba5a151ba71477e9b6bbc1dd159cc5235e0f05d5bb0729b1a04e6 |
| SHA512 | 432558799233ecd6bb07eb9b5bd4dd753460a0830b9f166fdeb129fc606ae3103a7cbd1f12a55b32036ba7ebb2c8617f50f9b9ac7433dca5e47f497842eae7a4 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 53e4e919cc579e1ceb861bc536ef7867 |
| SHA1 | 0b6b4543e3817acd369d8b7c028a689e99438e3d |
| SHA256 | 895707209a983dd1e98c35367cb3fa1710e9c3fbc113fce35f21d55483343850 |
| SHA512 | d24c43c90893a89c81489be01c55030d619a1641005d3798e7825c3dd4b8ee7bd1ebc5d2cd40d464082acf38991e99940b27022efb1157105d59400cb199f6c0 |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | dfa737ac9665c5c43bbd35ccd020488a |
| SHA1 | 5d5c9e3c877355fe41157d2058395ada293ad1f0 |
| SHA256 | ce44a2717e329671135391d477c95ccd325e7f401478fb566048d45393cf2282 |
| SHA512 | 2eac61fc87abcd6c692531ee8fcdedfc8db9e87b7c5032d1b5fb60ef8f0f431974719520aeb2c13525cca66ef2a63845ff576fefd27534c2ec6de1aeb106b028 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 23aa02cb25d6a535f578584f2318ca22 |
| SHA1 | 3e10a03b8fd5f0ed39ae128304d25f9fdb00d705 |
| SHA256 | 2f896753a7e1998fb490b7f43d58e9cf3e53d480c2214f25b94a47c3b1d38f37 |
| SHA512 | 085a57744b445413951103bc815c4cb9530ca498b3bd6f99e092e1cd9fa5f035e102499819cb0b6f40bbfd72e025855e6aa3bc5f6c8b0941e266a9d1ce3254a5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | a070e417d52371fef353fcc824775fde |
| SHA1 | 07094900838dbd76110e8f12d754acef38f44df1 |
| SHA256 | 24a5adccc337fdb568c00f646d96e7cd9aa87159e94b18ff9d789caf8a22d61a |
| SHA512 | 3919afd6d64ae765254cfa66855133e8f6d4a22a0b4c709f6833a9ae74cb8aa6f5cb9936c7de42a832d8d75a7373349d50571c10d6099a967b430e28ad669716 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1e691ad9b1af93c20f9b256b3af1372a |
| SHA1 | ce9318b5191d798e59c0bda34449da13f161a761 |
| SHA256 | 0e6c9b4dab9390777847a67e0ea0f63be70adc8403db9cc519be25060539fab9 |
| SHA512 | 5b7bc664924ed78b501f6688fa886252fafe48be12b6008a10e53d1f272c5e65ac62f71c9819569e91d539596f41926aa5d620710181184998da06c6870e4b68 |
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\BRAND_COMMON
| MD5 | 9da8a139bf4d5e0776cef62f05bf2407 |
| SHA1 | 90841e68f3c61d8a54fadd0b2ddfa6e373b2c939 |
| SHA256 | f8a69b101323c8a730167620420867e2ad1664904cd4b06ad691db23fc61453f |
| SHA512 | 2a0997ce8ba8046e2748b46d1ec3b9da5bd308eeac88558248e3320aa61efcad0745e8cf1edc10fa8303df2cdea11b9f2210261963212148dc881cfc4cbf6f80 |
C:\Users\Admin\AppData\Local\Temp\YB_EA3E5.tmp\brand_int
| MD5 | 8c167f6e79cac9ead27bbf354f6856d9 |
| SHA1 | b913e37b79cdc47dc9ea02286532becda4d64d0a |
| SHA256 | bc98136f08488fa26b258de3a6456c0365446219448788353ef5eb204e454d82 |
| SHA512 | 6c9e7526cfef7aa23c5bffd961814d5b74a0cd025b71e96dbf90077e5739c075ce10b9a3c48115d364f3a9cb16dfd0e7ed0a82ab436277fc593bdd8c9ebda7da |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D
| MD5 | 01e5affe94af39b931ad4963ce10d45c |
| SHA1 | 0061165fec634d34e1b5919f2a9bb6aab04233b0 |
| SHA256 | d99d28be14b635cde5e684ba839cf57a366ac35b72d06d403a81a3d119fb89a3 |
| SHA512 | b9c2d367cdd1e772ccc9f1b67ed481d9f5b69201b2cd4fb69e5f5394ba142803a01a9f889b1260b9968d86fe6a1aa335b0b7e57a5cf750cced62cb880d002a23 |
C:\Windows\Temp\sdwra_5888_351831887\service_update.exe
| MD5 | 8cfe6ee4fa6c0d2916de38c4601ef40d |
| SHA1 | 1d5f29ea1909489cc552c108f92dfa7e1b9022eb |
| SHA256 | a96b4cc2627b0084412910e9e7f965a99c1e19f65d202308dfcd21e0b831b2a7 |
| SHA512 | fd7b1daff2960846a2bb20ae3147a0b6c55bd15e9f35dd6cedd4bc6fd5e6010132b4e6a77eecc89b6248c22e09f749c56a052a2b6ca70de644780f64b26fef5f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A334956C3F99BD182BF4859935BADE72_FACA7E02B2152427A5B3C5BC1AC9CE92
| MD5 | edb0767c39d199858b62776e38406cb5 |
| SHA1 | 39477cee82e65475030c85119c5804b4d4920d90 |
| SHA256 | 8330b9abfb58363f7d139d4def2d390cc50c9a0281ce73ede1b2975de27ae5c4 |
| SHA512 | 7163ea24c472d1ff60636a9e1f7dbb98483cbd0a650bb2bc80584129a378a72ea46f3da8e05b74d071a3b7684a22f3d0934d7b593d51cf94d85d8b81aeec14d4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A334956C3F99BD182BF4859935BADE72_FACA7E02B2152427A5B3C5BC1AC9CE92
| MD5 | b4b384a47ad87be5f2a5d1decccae8f5 |
| SHA1 | 61466994606176e90cf99e411d24028c21561057 |
| SHA256 | 1f76b2ee00feb60ad0965659b1aad432a732dad7fbfe81f8eabc10a1e9093b2e |
| SHA512 | 29fa2aa6d481543ad38f63a0d5813857d977951cbeaece556153225671dee879ab912089d96f509bc92445a61db7da2a56e1582a81f5c3300976a377de1cbd93 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D
| MD5 | 1d5fe659c2d228ad490a3afc0bf39894 |
| SHA1 | 47a80a2b639c9cca12b3c2b3024fc07e5b24643e |
| SHA256 | d104cff2bc0652165f3c9b39eaca7e123c63a8fe3752e693c188787b07405416 |
| SHA512 | 95ad6052dcb2ceac39378070f0437c108e05789f32299ee177ed3b01c2b666b956b28de18587240e80b0bbfe2629a462df33bf0d30d2d2b0bc2862e9830b3547 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D
| MD5 | 688dc85ae631fbd9ef1e4d044a3b37b3 |
| SHA1 | 933e3a574a928de30ed8e7d4c0aea6e7638ca7a7 |
| SHA256 | c2718f94059de49bf40e29e33d2760b99d19dc10926f0742105ff634479d77aa |
| SHA512 | 7420f11dc881830e490cd03fd0e439c7fbbb544ce9ab94261552142096352a343f21a9f5ff715468664ee9b85b402dba5ea761a5f7908741ae43052e9de40839 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D
| MD5 | ff3ee913eb5497231872ed3d2e001be4 |
| SHA1 | a5dfd039581e06937c88e955844232f0dc9f49b5 |
| SHA256 | 3b7798191dfaec61ef2e73e85a73c1a061ceec9377089a6d4bf2e14461716577 |
| SHA512 | aeafc99e0441b5c668abd664b85bff84b7e42723a90f284e812f10c2f9ae1328f0dae0ef7b092ccaa51f2572534d40d421861de34a02be8b6643f62970a6eb4a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | 330a6b21ca4cf323b696913816836028 |
| SHA1 | 6cd5d2cca64de402336434ee1a24df3cb126c044 |
| SHA256 | df0a638e4b1ea5f56e93ad90bae8de95e349aedde82379c7f2d7d54757c61aa0 |
| SHA512 | 400590788d9ca67a4017be967f77aa9525232f7b37453825211cb9d97c3b3f734349580f91202f43bf0c2defaf526d2031a0ab45c9c45b4a0d63fabadc41c25e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | 45165b06cf549390aea3ff4c6d9a4cd1 |
| SHA1 | 69574e9c5ebe47936ac7a8e2bebad46eb36487cd |
| SHA256 | 8a14817e8c3321209e409941d42ad6b390a81cce8c4d104bad913cfab088ef55 |
| SHA512 | cde1f7c9905ab0210ae29903c6b7d490ca98002b42527cea4034ce90777a31c1c491a8efc1bc06f90df63a8cb4630c9541b640940962c2452e284d215e749996 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | 536950fb90e5082065882ee3131f07ec |
| SHA1 | 2043984f7f3ff62787f10efbf49249a45bfd68ec |
| SHA256 | 94bfff3f2319c4b404665750ecf6168068b1d2775d1273296c90c1ac2e18494e |
| SHA512 | 7ead4cbf20c377fc8f2798564b48eebc6a7e4d4e6bc09705ac0dc3727e51418ec116f9eae12ebb38f9659b9974097eddfd61a6c8d61e4df26641a7c8a7bfe171 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | b260bac2e3a93f53db1ccfe64c015eff |
| SHA1 | 0c6a5d0b884b2beab7b27deb02513400fa198d4f |
| SHA256 | 158d85ef9b9fccfc90cb2e46b3a1e9cdf3e6f2afdc039cfa22a20b3f59e1fe12 |
| SHA512 | d10bc5d8f7eca0e794bb98287a6c15d3ecce136c76f3b254245935297afb0e049777799be71ec39ebe1dc7e1aef4ec1197a29c4a86644de9b6d17ea65687e52e |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 2150e7ebe395e0aec4f2d8ef7471c9a9 |
| SHA1 | db8f6d52f9563561453dcd96fe4a6ae69197fa25 |
| SHA256 | 11e03ac56ff4f7106bab90da354fdf5b027c0c408781fbeba587bee68eb9d758 |
| SHA512 | 7dccb0405917d970267fdc12e5d1c9f1feb12f8e6ee9ffcc2e795b369ee63feffd77736929efb77719ae165f2d46536cc94b8f1689fb8e1918994d6f8a19baa0 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 99b43bc644a0c620adbe2f1fe9cfb3e6 |
| SHA1 | b442e714dfd626e5e7aa0b499026eb6817b2f720 |
| SHA256 | d0d755bfc40f05467e8600eb5e0280a8dab65193ff2c408bd5dc3dc911eef2a7 |
| SHA512 | c0f7b80c9a45682cfc32dbd3cfa077f900b1d199f3d1d116ecf68e43bb77ed39c3719af5e053b81176a9c65a98b8c71cb1e6712fc8e6837ceea45c165e8841ca |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | a0c985e51e7b752518eff4218109029d |
| SHA1 | 4cc5f8669c9ce746ede4cd3839e9f81b39623edf |
| SHA256 | cf1787843decccf291096ad1d619888d90a3640c039ab6a99caba514a307a2b1 |
| SHA512 | 390e9d4228a0930f02798940b86f35ba33ed6fdd2f18b68b162c1e517739e809d810bca7e06bbaff8ac406b57a01edc0c651453db6678b604b9afb985538086b |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 31853d9035ac9f82834ff1bd8653dece |
| SHA1 | e4558ed3041353c085dbf878e5d2047c2a315515 |
| SHA256 | 4f492c3ec63ea1b81ed2ee56ebe253450b72ed2a50e61512c2ffb26313f5ee4c |
| SHA512 | 61b1c0c072085a50421c79467ab2bd6e963d5d5676fb272de4242d9c9893a3da2219dde7984d3bc5fc8f05bba0e6c0af3f9bad2089598092384c33c53e8dbaff |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 51b959a3946440759f43722f87c4f3cd |
| SHA1 | e59cdbf56a40bfdf71f88f10a9083ef442e46ce2 |
| SHA256 | cd2e046213bc427afa0e8fb57b14f69d2630245fd18647382dbacfa84249af48 |
| SHA512 | b62f562cec4c1abd97fd99f468b0f806e9986415a2fad8f1e22987cb4fee34c8fde3de922c5538c532505917bc96012c931f151dfb5f447ebf18d84fa99bf74c |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 39e5be25fae55e0f7f6482372fa2e69d |
| SHA1 | 2d3091c6bd720e2a2b790ca97f3828389e3b20e1 |
| SHA256 | 636b7651780552d5c38407d2e286b3f475d538f911ee7bce786653823b867719 |
| SHA512 | 0197f0d6440c5ea367294c92468781a5eeca47d25fbf48857de96c3603de7ef818ee04b10b2b941e7189dae3ae5aea3cd16354e6d266ff44edd3cb5ee6649ea0 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 706912edbf6cf5cbd333f8e69cafe970 |
| SHA1 | ccfa97320c4496d6f6bb3fc3b22145df6b80f9d5 |
| SHA256 | 354e2a42bb626bcaf533ec17461e8f59de1f4d9f13cc09dfff9c0db6d8daec9d |
| SHA512 | 9b0b5864785bb01be064388fa32f8f6d83571580bf83cd61b20653ffcf7d748799238294467e87b80acea92c464cd833a7bc5da062eb23dd47795ce52bd019fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\import-bg.png
| MD5 | be2acbae1c7b09125a85c5517a7dd70c |
| SHA1 | 091dbd354f830ddf74258b337dc4f7177a860d1b |
| SHA256 | d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010 |
| SHA512 | dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\mountains_preview.jpg
| MD5 | a3272b575aa5f7c1af8eea19074665d1 |
| SHA1 | d4e3def9a37e9408c3a348867169fe573050f943 |
| SHA256 | 55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8 |
| SHA512 | c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\morphology\dictionary-en-US.mrf
| MD5 | c8a293e130ee93c08592f0f5ba9616a8 |
| SHA1 | 49e7d245af097bd28af5ffa503858830cd45011e |
| SHA256 | fbd6c8f911927a994db26eac21e4c028d75ea9de593eaa525f331e5c9a911ce3 |
| SHA512 | 9f4c01c6083ad7063db29b7075e0ac475794dfaa9b6714b119174607aefbf5384cbf17a96256b097de5b2a73669d060d5082cf2aa9244e7968c3d8853d09083b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 4eedf5b0592bc1191a681b1fa9a01d04 |
| SHA1 | 35e16ff9fb343b8b320fd53b82e78427a8b598ea |
| SHA256 | 8af21b5c5ce8355cef9dc007c423c0ffd6faae8354ee017322e9936d96a6f852 |
| SHA512 | 2ce6f622537b966c0d0e07ebcf3c73e996ad8ee1e2fd1cbb2bb8f0fd7e988fac20ce7fb94c790c275c418a2bd8a0c28a1c657d80768d64bff81ec8a4d8a6f629 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\configs\all_zip
| MD5 | 1d71aab097bac538c29bfe8cf5a78326 |
| SHA1 | 65e63399ecd362051bed39b4521e4b6d0d069666 |
| SHA256 | bd1e003c3964da816c6e824caaeb5b18c06299f6783dffffc382b94029f4c5f6 |
| SHA512 | 9450373f3a1d4f0913e13b8c019c2a1dd97211a88dcd3371251ae1e08a9e36b4db9958ef320353fe9bc45725947165f2161fc8e8f00b6eedd806e161f7508315 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json
| MD5 | 909b09582eadd71cdfd92d615ea70a87 |
| SHA1 | 715f244e8c4b306f26649167a2186a598f65f3df |
| SHA256 | 7bbd3e9581b9990cd48933c7b6ed0a22216db7f3544daf510b4acfadcab0426a |
| SHA512 | 95a6d43d88b88bacc7ad49ea40b1797f28c2fe835f8c5287b13426581088154d952803c8461d6c311520fa3b92ceae4ee9f9328a9e70ceb9b48be639f948cc4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json
| MD5 | fda6c7f7660e9be254ef3745b8dcc4c0 |
| SHA1 | 953062beb6ba234633f1de0a6964e7dec3ba2cf0 |
| SHA256 | 29660aabd512c66468f36862bf0087855e4c18bee937e9d1a403d548f0ce1b8c |
| SHA512 | 0b18601b8771071d601c00a8ecb687d807ca4c785c387701f6dff99566fab72227b9af84a17bf9c40a583c2501d3c20cb93681f4a1f6cb0227e4dd5b5a005077 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json
| MD5 | 4c817e4c2d0ed4b5603e7192da413a6a |
| SHA1 | e70fe2b6c5548273bc00b8863e0752c7bf93ad11 |
| SHA256 | cbbda477eaadbaf9fc385bff50dfaf9af360dd82fd8b345209456d8da580273b |
| SHA512 | 39a4796f25ee166dd8a079b3556b1e50d9e85a1bad8a9229a428a9d160411c7362fdf05db872ff167ce23f7769de582f63155863bd3e06313d49e71841f369ae |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\morphology\stop-words-en-US.list
| MD5 | 202e1cc3e24e0a76bb1fd8779ddae5cb |
| SHA1 | 7566a9437663e808740ef75c9a79f414daa6b44d |
| SHA256 | 95984aa8caca82fc5c2ac6721e17206e45f12404567bf05bf397131ab83cef58 |
| SHA512 | dba1d7714da25c670cef62d22638ba759add34e26e69666973e26b7e7542b7c04d3694bb0f22ec2b7f89a33e48b3546507a108a385ba5945e0d293f501511717 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\morphology\dictionary-en-US.mrf.sig
| MD5 | 197eaa00216af72690c09b8b82211809 |
| SHA1 | 1e49ba86b771b391b63335fede7614f5ac427f84 |
| SHA256 | d5e3a63301977129113a9c0bdc0dd14173768c6f9f5ce2f2036c0cc6a53d706c |
| SHA512 | f57b8e7d481ba5791c6bf454363fca3aad042270b572fb4b2ae1c0429a6e2f70d153b6bf44b139d48c959a1817c4e72ad3b280257b7877746fe93c40c880f514 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\safebrowsing\download.png
| MD5 | 528381b1f5230703b612b68402c1b587 |
| SHA1 | c29228966880e1a06df466d437ec90d1cac5bf2e |
| SHA256 | 3129d9eaba1c5f31302c2563ebfa85747eda7a6d3f95602de6b01b34e4369f04 |
| SHA512 | 9eb45b0d4e3480a2d51a27ac5a6f20b9ef4e12bf8ac608043a5f01a372db5ea41a628458f7a0b02aaba94cd6bb8355a583d17666f87c3f29e82a0b899e9700bd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\abstract\light_preview.jpg
| MD5 | 9f6a43a5a7a5c4c7c7f9768249cbcb63 |
| SHA1 | 36043c3244d9f76f27d2ff2d4c91c20b35e4452a |
| SHA256 | add61971c87104187ae89e50cec62a196d6f8908315e85e76e16983539fba04b |
| SHA512 | 56d7bd72c8a380099309c36912513bcafbe1970830b000a1b89256aae20137c88e1e281f2455bb381ab120d682d6853d1ef05d8c57dd68a81a24b7a2a8d61387 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\abstract\light.jpg
| MD5 | 3bf3da7f6d26223edf5567ee9343cd57 |
| SHA1 | 50b8deaf89c88e23ef59edbb972c233df53498a2 |
| SHA256 | 2e6f376222299f8142ff330e457867bad3300b21d96daec53579bf011629b896 |
| SHA512 | fef8e951c6cf5cec82dbeafd306de3ad46fd0d90e3f41dcea2a6046c95ab1ae39bf8a6e4a696580246c11330d712d4e6e8757ba24bbf180eec1e98a4aec1583b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\custogray\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\custogray\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\custogray\custogray_full.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\fir_tree\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\fir_tree\fir_tree_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\flowers\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\flowers\flowers_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan.webm
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\meadow\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\meadow\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\misty_forest\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\misty_forest\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_dark\neuro_dark_static.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_dark\neuro_dark_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_light\neuro_light_static.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_light\neuro_light_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\peak\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\peak\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\raindrops\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\raindrops\raindrops_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea\sea_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\stars\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\stars\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\web\web_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\web\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea.webm
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\1-1x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_UA_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_TR_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_RU_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_PT_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_KZ_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_JP_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_IT_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_ID_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_GB_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_ES_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_CN_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_CA_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_BR_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\sxs.ico
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_DE_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_ru_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_ru.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_en_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_en.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\brand_config
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe5958b5.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\a1bc1ba8-81b0-4457-97b6-e59df24166ef.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe595990.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GraphiteDawnCache\data_1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\c1d6f69d-6ed6-43c8-8d52-22d40b106bd7.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\fe79e290-848a-4b47-b420-b1ce47747931\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe595f8b.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt~RFe596b72.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f139a09b779b5ad02eceaacf7afc88e7 |
| SHA1 | 2c2211de9515441fceffb4d530d945057000ed39 |
| SHA256 | 0669d58cc09a870abdd48002657102aeac80cf38cd0e0204846015795b254f70 |
| SHA512 | e99aa6dc5e7c29a61707d7e5c697a4b212152c8daa339b19cc5e738ca6e2ecbfd892f28728ae87c8ad387cc985bbc324151a2ec3ea6188e311332fbf51bbb4f8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe59a975.TMP
| MD5 | d66dd18b8e3e0264d4389d49e72d4da6 |
| SHA1 | 76ce2d08b937507b00ed7b3e3399c37a23551a70 |
| SHA256 | fc30ce21239a95ddc09ec76b3a22ea2c9aed99a5d3af49aa30a523b87ece0274 |
| SHA512 | d4e1b1347657d6cd956d2ef44f13417cbb4e7287051174704f310ed1b561d7e2c944da32d0b159285e05bf2d64d2b4eea11324c272e8d25952a281187ed9fbde |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b2694f3d6109b0c3124c4572397ce684 |
| SHA1 | dcd69b20b310e9a742663a53f8822c4a44180862 |
| SHA256 | 49757a6b1ffde96c2baafe3ec0f722cd33fec5d028cd8a787e0aab33f434a0fc |
| SHA512 | 2c434d61a36811dadbfba9f2e9339de8b3d0e80352c3463421b3d42d0eb9018c6d0bfda599bfcac0ce7fa26f44b83a374e00c5f1182008fdb449f3b64905aa7f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b5446597daa0e238a6c7cb9f524e59f2 |
| SHA1 | de2f628306877aa0b02e498e17a1e0d152349572 |
| SHA256 | 8f58168f12b2d0391ebf066e86d065b08acbefd14afa15735f01310d12e99f70 |
| SHA512 | a54405ebfd30e34b3bf47d210c58ec1ff01086901c42d58ecdbe3a4f45950331c1fd85b329e8addc8bc7e9c0295e51afd9f31f8e587626092664188d75260c53 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59b7ec.TMP
| MD5 | a8e252013327574ebe71df1b45d3f689 |
| SHA1 | cb927e8cc3b1a301d9d397bc6355be98ea8b6654 |
| SHA256 | 4bf25857d31bacd935ac01866555eff20ebd8bdb78ce23ea686a0a639f6c0cdd |
| SHA512 | 05622a195814a9ea10ed5625099e1486a6129a1392e4a9543f13362817e3e130d08000944e082f3b2a69943b0ce41f78a304da0b5e28802eca50d436724db0a7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 596a77c60c69dd245375f40db8b96a85 |
| SHA1 | aa1b20d169a1438395377c4ede1fbb8c8165e360 |
| SHA256 | 1da72f0d38eec0473ec2247b1d640d4719e39db0c105974353b5f4e199788a36 |
| SHA512 | 3409b7836c91fa082b9647c71eb527dd61cc90204b9990f62dccf0138c24b77a63968b466e168310ab842fe864d268bc2118d78c3f752064ad3b081bac7d509b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\4bdf31bb-637a-4b27-b1c3-8b9250dd2162\index-dir\the-real-index
| MD5 | cc221c194576af34060c1eb8d732d19b |
| SHA1 | 275876cc7d7bb3436512f73d43cc79673174862a |
| SHA256 | 8036d0984b81a9711a0cfa772d8ba0cc86e227dd63195911755cdcbffa71be75 |
| SHA512 | 48a6f6aa69aff93f3e38f17f5175e1de834af92105d4d2544d26bc5d22818eabae69c98ae6fdd5948d01694618c51db89e496535e3377edd6a5e5776a6c55bf9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\4bdf31bb-637a-4b27-b1c3-8b9250dd2162\index-dir\the-real-index~RFe59bbd4.TMP
| MD5 | ab5a035d47b3f5bdfcfce1e4e5234850 |
| SHA1 | 3d4e47c90b59a0c4beb3b7519f82d683223f6958 |
| SHA256 | c159820d28cacd744f8c9cd301c3b103560931e423329e95ca46b5520cb03639 |
| SHA512 | e8814623fecf82ebde2bf00e90c179154c711a53ecc186c3f3b74783fb1a13419de3c02e2d9cd50817049e47498af8e0fe92042abe30e8fc4fce63a6b79eec7e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\c4e0e40e-e786-47de-955c-a9183c63e8fe\index-dir\the-real-index
| MD5 | b1b46551d3240e2d32f1b4c1d41f1847 |
| SHA1 | 6aac4d0a4e40925d025b0e3f5bc8d0fae732c637 |
| SHA256 | 6206bcee1501a9222d8f64b9b0420c8e4003dbd10ef0a05dcf59205fecf61f8a |
| SHA512 | ccb68284786ef283c73ea31d81017dc9491b2afab7b1c03a91cd6186a25d8254b2758ecf284b311cad49edb71de013cc285246ab9f8fafea65f247e8ec194f73 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\c4e0e40e-e786-47de-955c-a9183c63e8fe\index-dir\the-real-index~RFe59bd1c.TMP
| MD5 | 42275796c41c6d01058c0d70c12ff861 |
| SHA1 | 699904c1ef152cf56d7240a0fdbdde23ec8829b0 |
| SHA256 | dc834b065a92431cf5507426494f62bc8e25fc63662f295640ac2d4761e50b49 |
| SHA512 | 32edad3d79b45c45e1e3b9eef0d561de7c9044781b03a5fa6da47cfb8bff61950efd9fc06ee2f4d36d17e83a85f34b1dff3a7dfc925596730c9793245c98b644 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity~RFe59c087.TMP
| MD5 | 1ef244f7c78662d886bce4f09039b148 |
| SHA1 | 0fa4041471c4b1eee858519552680f4b73f87b64 |
| SHA256 | 1bb11ae99fc7858f1413b0df6f7f15b6cc01013ec29e87b5859f9f10400ca300 |
| SHA512 | b577ac9bf7b0cc83df1d26e0b986d09fe85db0b0d0722f568705304d1587a0cf918b4841be6651390ed8ddb27787721b807ebb35daccae34923ea90c75576726 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 5c90576ebd467eb3e0fc29ebfddab4c9 |
| SHA1 | b62bb2a40c58aa61e3e81ca4c1470b97121bcf37 |
| SHA256 | 2bd0179b3281e6fe5b8b441ef7fad268b657cfd9776cb57671f203404492b8ec |
| SHA512 | 3499094ae6cadd1e1e1ecd6eb84b95be48768e93a29c0d5ee59366531ee7a3d11cc34e63cae190ced7095e119b5d9e539e0c0f9f6267c3ddc94ee563c4cf052b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\eb8c5a2d-cb6a-45bf-b8d8-5b4cb6d9c459\index-dir\the-real-index~RFe59c0b6.TMP
| MD5 | 6031708782076fe622e1b2b060a2480f |
| SHA1 | d971ba5bc7c767a7022769d42050695dba558749 |
| SHA256 | f0e868f63d9ee0ad6fd30eb3abf0a8474e7a414b85bd3fe116015dd5757a4161 |
| SHA512 | 6ac0ee95df093dfc99be965e8b8900b57f28108c87366c1359c3c39a2c6c57638c22f3946ea7d537aa9c5d846f8816a561967e64611682c245b5f4e7c95dcfab |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\eb8c5a2d-cb6a-45bf-b8d8-5b4cb6d9c459\index-dir\the-real-index
| MD5 | 14f8be0ceb8db472f78f163196a21ba2 |
| SHA1 | 1dc03712f77ddd73a07fa1ae119c21c218880d76 |
| SHA256 | 95f120a626e66857ec8a2c424569c22ae7cf392e18357be587c40c3111adb3e1 |
| SHA512 | 7893afae764ca9577fa873573afe85af8a0a63c1ea305a0397ca3cf4067a05f675d22a9b2d31d8e8d42b67e5c95e1627fb60ee9b95995e5343b49550f5723c41 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
| MD5 | c0606658d4d3a7326d5a68752149ff66 |
| SHA1 | 55564869243ba54e006521df7497be5ef05a4daa |
| SHA256 | 80194b4357c4e1fd0cc4bcbf32e1a077d9b02e9d3b9488fab3690d52c7bedd3d |
| SHA512 | 3b9dc354750169295341fdd6a1aea72c85ed2005f6350dd63afb53b3279e97fe816c082a3cfa1a1e24808367e2c66ce2134636f69c6622a12fda74994084a30f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\337b61ec-869e-46c9-8390-e31dab6c64fd\index-dir\the-real-index~RFe59d603.TMP
| MD5 | fbf7c10f1cc401e150ed8c7fec948ec5 |
| SHA1 | 8955430764106aaa424dfc48124244f5bf38e065 |
| SHA256 | 2c6a83d7ccba9a5887f37cbd064c079330588331b0f989897ea39e525d0a251b |
| SHA512 | 06b2908f073d2bd0d3522ed18bfe33b5879486f173549769b663ede449e5023383cb05f2a354d819b2b5fd20f414d09f45f32d2c17fa85918647ccad8c3a5235 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\337b61ec-869e-46c9-8390-e31dab6c64fd\index-dir\the-real-index
| MD5 | 2a9b1a681501777e625a8acd54a1f9f2 |
| SHA1 | 188cb066aace534fc3a0b1082237b5e214ab3ca3 |
| SHA256 | ec519de5e49fcda7a3fd573cb9effd49d89757739f10ecbd46bee9b7d2a97deb |
| SHA512 | 2d8c5acb708cf9b893345dc6bc2403fa732feee0935920313ff4f5ace892ffdeb93a8f2d3e25002bfe7f89c108282181625b51805b4baa3ead2fc72ba63a15e3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\index.txt
| MD5 | 5218370880f4aa4927061bf55926a050 |
| SHA1 | ae7a70c440d12e17f14ec276b7f0adade36ebb24 |
| SHA256 | 9e81fc335eabf73e55dc56512a228d762e5e4d33bbf57880b4a40b3e2d414eef |
| SHA512 | 08dc5e4b8a8268824917846a7cd5774cca85eefd063c59c7550e181eb9c0658895662e0ced1cb49b10fe855131033932ce1e407d39f0ecabb13dc3888a51bfb1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\index.txt~RFe59d632.TMP
| MD5 | 64904c7f69dce5913bb7748b20af1b9a |
| SHA1 | ca9fd58c5ff60f2ca5ce9f96aa1155b8686f176c |
| SHA256 | 96c830cf1f8008476f4c333cd0fce6cbeff6efdfcffbd31b63ca7ccc3da690ad |
| SHA512 | 2bec0c76f51c70ff2157c6a1b98424adce7e2e1ad9ce6cf13945de47ccdf9a5d9119c8982cd5dc0e77a4b4eeefc2df2cf16c2d00b57bd85f43dbb0ba65f1e5dc |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
| MD5 | 86eb523f270edea70d1edde90d653e8e |
| SHA1 | 71ee2c2a6d25d0a6e7699e87d8d408e2af3da5af |
| SHA256 | ac95e28d2320cc2aa0da9e8f93802f8e5067984a56a74deb81377c53b5716da4 |
| SHA512 | 2109fef8d5a344ed283b3973cc409b908ddf2039f57231d2c0eefd9c86ddea2fa135a474e4f229736ed99a272f8dc258a87bcf10878c5f89359380f0082d781a |