Analysis Overview
SHA256
3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80
Threat Level: Likely malicious
The file 3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Reads user/profile data of web browsers
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Adds Run key to start application
Drops file in System32 directory
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Modifies data under HKEY_USERS
Modifies system certificate store
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-27 22:18
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-27 22:18
Reported
2024-10-27 22:21
Platform
win7-20241010-en
Max time kernel
150s
Max time network
158s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_1440_754407338\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_1440_754407338\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\debug.log | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "91" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e061e852be28db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "91" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "91" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "607" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "638" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{7AC250E1-94B1-11EF-8121-F6D98E36DBEF} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004ecf3e4259aa05419b9c0951a15b131900000000020000000000106600000001000020000000b7637e39e9dcefef7b6f3a9498a0265751b5ed210b0e9bec25c1a3865e72e3f0000000000e80000000020000200000004850121bc699b348314a84eab046fd87860b0acaa19cb969e5a7a3087674f01f200000001fcbfcd25873a57800024a629be204313830bbf3f63eb2e967f529364ff3e9004000000039d0b56dfa9b5a13f713eeb9f99e638a3fe5fa070d08b645c067648414ecf11af8463a033ef09b5d6b5248b60a5c049bc202823c83a3c9f65ec853d1ed9898ca | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "436229416" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "638" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "638" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "607" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexWEBP.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexEPUB.LHZZQ35XRN4RHZUWDTFU7RRRMQ\ = "Yandex Browser EPUB Document" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTIFF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexCSS.LHZZQ35XRN4RHZUWDTFU7RRRMQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJPEG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\https\shell\ = "open" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexFB2.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.shtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexINFE.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexHTML.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJPEG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\ = "Yandex Browser JPEG Document" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.infected\OpenWithProgids\YandexINFE.LHZZQ35XRN4RHZUWDTFU7RRRMQ | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexCSS.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTIFF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexBrowser.crx\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexHTML.LHZZQ35XRN4RHZUWDTFU7RRRMQ\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-120" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.fb2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexBrowser.crx | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexGIF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJPEG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexSWF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexPDF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-112" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\yabrowser\shell\ = "open" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTIFF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-119" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\yabrowser\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\http\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexGIF.LHZZQ35XRN4RHZUWDTFU7RRRMQ | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJS.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexSVG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTIFF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexWEBP.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.infected\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.js | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexFB2.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexPDF.LHZZQ35XRN4RHZUWDTFU7RRRMQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexGIF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.crx\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.epub | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexCRX.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexHTML.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexPNG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-113" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexEPUB.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexFB2.LHZZQ35XRN4RHZUWDTFU7RRRMQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexSWF.LHZZQ35XRN4RHZUWDTFU7RRRMQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-118" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexHTML.LHZZQ35XRN4RHZUWDTFU7RRRMQ\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.webm\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\https\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexCRX.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\AppUserModelId = "Yandex.LHZZQ35XRN4RHZUWDTFU7RRRMQ" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexSWF.LHZZQ35XRN4RHZUWDTFU7RRRMQ | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.epub\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.webp | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexFB2.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJS.LHZZQ35XRN4RHZUWDTFU7RRRMQ\ = "Yandex Browser JS Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.pdf | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\.html\ = "YandexHTML.LHZZQ35XRN4RHZUWDTFU7RRRMQ" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexJPEG.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_CLASSES\YandexTXT.LHZZQ35XRN4RHZUWDTFU7RRRMQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe
"C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://yandex.com/legal/browser_agreement/?lang=en
C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe
"C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe" --parent-installer-process-id=2604 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\66510b89-67e0-48e5-96cf-c25e0eec4032.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=360889500 --progress-window=393502 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\f9d2550c-a359-4288-84f1-a028e33290e1.tmp\" --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\cfb68ed1-9e2e-4fa4-8b40-911692d448ef.tmp\" --verbose-logging"
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2032 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\yb7DF6.tmp
"C:\Users\Admin\AppData\Local\Temp\yb7DF6.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\66510b89-67e0-48e5-96cf-c25e0eec4032.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=41 --install-start-time-no-uac=361107900 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=360889500 --progress-window=393502 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f9d2550c-a359-4288-84f1-a028e33290e1.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\cfb68ed1-9e2e-4fa4-8b40-911692d448ef.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\66510b89-67e0-48e5-96cf-c25e0eec4032.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=41 --install-start-time-no-uac=361107900 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=360889500 --progress-window=393502 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f9d2550c-a359-4288-84f1-a028e33290e1.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\cfb68ed1-9e2e-4fa4-8b40-911692d448ef.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\66510b89-67e0-48e5-96cf-c25e0eec4032.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=41 --install-start-time-no-uac=361107900 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=360889500 --progress-window=393502 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f9d2550c-a359-4288-84f1-a028e33290e1.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\cfb68ed1-9e2e-4fa4-8b40-911692d448ef.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=409857400
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=1440 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x158,0x15c,0x160,0x12c,0x164,0x13f7f04b8,0x13f7f04c4,0x13f7f04d0
C:\Windows\TEMP\sdwra_1440_754407338\service_update.exe
"C:\Windows\TEMP\sdwra_1440_754407338\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2744 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x11c,0x120,0x124,0xf0,0x128,0x13f63caf8,0x13f63cb04,0x13f63cb10
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-background-scheduler
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source1440_1031051953\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=393502 --ok-button-pressed-time=360889500 --install-start-time-no-uac=361107900
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=268 --annotation=metrics_client_id=c744882af5554dcd9dfe62199d5a4dd2 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0xd8,0xdc,0xe0,0xac,0xe4,0x7fef59bef88,0x7fef59bef94,0x7fef59befa0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=1756,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1788 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=1740,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=1844 /prefetch:6
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --process-name="Network Service" --field-trial-handle=2156,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2168 --brver=24.10.1.598 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --process-name="Storage Service" --field-trial-handle=2296,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2332 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --process-name="Audio Service" --field-trial-handle=2584,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2380 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --enable-ignition --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=2960,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2972 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --process-name="Data Decoder Service" --field-trial-handle=3400,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3408 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --enable-ignition --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3556,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3568 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=angle --use-angle=swiftshader-webgl --gpu-process-kind=sandboxed --field-trial-handle=1864,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --enable-ignition --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=1920,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2068 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=C5EA8A21-4AB9-4BD0-BE4A-5A81C4BDF805 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --enable-ignition --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3504,i,12277782069851258200,2313075714246569649,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4168 /prefetch:1
Network
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | dbde47edc4504ca4ceb35f43acfede18 |
| SHA1 | 34eff5897ddc7ece8c2c5236dcf5a3bab84b4396 |
| SHA256 | f4d1efe41a2d1e209a11ce657e973007325b30161345f87c1c97165959beeaa6 |
| SHA512 | 9df6876deacb61b7b1c4f9eb547593577e83cfb9fc5f0e87daabebccaa7dfba8bd50e88817f51a9a74a98a39ce2db0cce721111442515e2b6ca9426451d99e71 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | c9740a065bfcdac54ce8d816151ba953 |
| SHA1 | 231e132f02b104e049eca567e8f8c4b3daef3a84 |
| SHA256 | 71ddfd6a32e90037e69f2971d22e442c4f49fa2db92729a9311ae5dfa58637e6 |
| SHA512 | 334077be0019db2176eb1566f18871d179383e3c1188deb13270376165ac49b95cde04812acb9c32f6aa2d6fab0ae3af24d7368215aacf206a3b147f5c94d100 |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | c4276cde85f7cf209fce9687bf13d157 |
| SHA1 | 9e2e1b8d13db3c7fcde41fb63bb963cd3bf4fdc4 |
| SHA256 | 90314c43d4684d80a11061a732493c36a2f10f13e0942ae5dd93c7fe59ddc4e7 |
| SHA512 | e15ee3f0dd69d0ba7bb41634414e88eaca7fac4f0e5b1e97bf59c42b538068847dddf3544c5a6439bfe4edc471e3075090fef83f2fcd6bac266cdc7ec4017398 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | da5987e0cb7561c5696286febac4385f |
| SHA1 | c1eb3ca6945fb6ea4034c7644fe59381421efb6c |
| SHA256 | af8310956cb9df4d382b3375c0f9c42a9a2a62efaea33a6e2221f7a7bcb29e02 |
| SHA512 | 31d7906e8183d2c1428c1d8feb4ae6f96f25ef961f1db7334b77d76ded5e94393c9ccc3b14332413e034870bb3b8252d9cba289ea4e645413bf12fcd89e03349 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | b3225d6ff5dc5c850ba03ec4d7b17911 |
| SHA1 | abf2c132803ee60acd1d113c95734857ef8388ff |
| SHA256 | 5ecf90991b38518cd0bbc869d3bd023e7eb0172c510da8babbe02ced6f154cd2 |
| SHA512 | 3300ed012123d14d03320b915071234d32868578fadd0c6ac41de83b9e1153f9327c39379f25a72146f0abe52e9539e30de5f908b1b2d42cd9fc4e69483d7cd3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | b3a50f5cdbbc1412bddec5c13362f70c |
| SHA1 | b4de15a110f9d9fbeb485c7cb01d9a7d7acf8357 |
| SHA256 | 9a56a079e89a16586180a7fbfc7146d69aee8ac6a1e62e9bbb89ac5e603a7774 |
| SHA512 | c1513444c63cbafe2d4fdd1e8951c72f21773419004515f2652a5b9ae89e40585327c53da545cb8a53700f34ede0c92dcb9766efb29cdb66bc69b0da0393f525 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | feaa57f55e0e2858b8d0ad21cea71dcc |
| SHA1 | 943cc5eee9af8bcc55dc1fc35f7ae2aebdb9bcd8 |
| SHA256 | 992ddbed78e47b67af983936642861240c626e379162d51b92a5a5602ebcdbe0 |
| SHA512 | 920542d166cd2eef6af6076f1676518a8fdd656efefffdd02e9e160ab9049e4b8efd90ee08b3b2473079c88d449962a1c9a87521369c62c4843284148d556775 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 92503143624810cb146c058280333015 |
| SHA1 | 436f428df88da2809f12faf918837cf92f5dbbee |
| SHA256 | 2a8099bb289e3fa43bc78d5a55a78b2c4b4d117d86c0ddeffa57bdb651ff5aad |
| SHA512 | c245ce6170880bef6f5972aa4062e021caf637d7e6c769ba7d647ab9cb9119e5783f51c8fb621f7d6b7a6f21f9f6022394781df2b77e4fd6c1754885d6074539 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | be1fbc4cc3edc8562677893f47d85fc8 |
| SHA1 | 6265b9cea568bcf0ad443fb51ebf6a8c21d73551 |
| SHA256 | d29d2c293fe970a9a808247a3007ad876436595adba7ea03476a5999249423d2 |
| SHA512 | d916fa0eb2bee464d104a421fd2b15c1253714276d328d301770c116e885d80c278f8dcd5e7e6d4c3b9de53b74766a902e29c92297dcbc4374211903aef40919 |
C:\Users\Admin\AppData\Local\Temp\Cab9BC3.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\Local\Temp\Tar9BE5.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\81B9B36F9ABC4DA631A4713EE66FAEC6_3127807E14AC026FFAE1EDED5FD0DA62
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\81B9B36F9ABC4DA631A4713EE66FAEC6_3127807E14AC026FFAE1EDED5FD0DA62
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\OPO9U7LK.txt
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\ULO3S8D2\yandex[1].xml
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\melo7gx\imagestore.dat
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\favicon[1].ico
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QXHO4104.txt
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Local\Temp\website.ico
\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\master_preferences
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Local\Temp\distrib_info
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\BRAND_COMMON
C:\Users\Admin\AppData\Local\Temp\YB_71B87.tmp\brand_int
\Windows\Temp\sdwra_1440_754407338\service_update.exe
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\brand_config
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_ES_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_PT_
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_static.jpg
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_preview.jpg
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\configs\all_zip
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\c627c88a-9f43-4c26-abf2-e3613ca0069d.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\CURRENT~RFf7a0b85.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Site Characteristics Database\000002.dbtmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\117bf19d-68fa-4222-a8b6-43c33c77f8fd.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\picture-13374541243807900
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\preview-13374541243807900
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extension Rules\MANIFEST-000001
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\eafc65be-5944-427f-9962-4d10975a7fe6.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\DawnGraphiteCache\data_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\bc1673f1-d191-41b9-946f-ff681a503d7c\index-dir\todelete_6e628f1616eba703
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\0543fb90-b2f6-4de9-b7a0-f0410ceba8c5.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\3edc635a-1543-4234-a780-68f19468dbc0.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\ff8e3a73-3a9f-437a-a124-e45c2a1ccb9c.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-27 22:18
Reported
2024-10-27 22:21
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
156s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\sdwra_5464_1711763568\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_5464_1711763568\service_update.exe | N/A |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | C:\Windows\TEMP\sdwra_5464_1711763568\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.css\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\shell\open\ddeexec\ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-124" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.html\OpenWithProgids\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser SWF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.epub | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexXML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexXML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexBrowser.crx\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.webm\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xml\OpenWithProgids\YandexXML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-122" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.tif\OpenWithProgids\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xht\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser TXT Document" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and convenient software for working online and viewing web pages." | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-120" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser PDF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-104" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-122" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser JPEG Document" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-113" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser FB2 Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.infected\OpenWithProgids\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.crx | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexBrowser.crx\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.swf\OpenWithProgids\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-123" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\URL Protocol | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.png\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.png | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSVG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\AppUserModelId = "Yandex.Z7U7QVUCLRRNYFIB2IBUGKKOQQ" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.js | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexBrowser.crx\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = [hex data omitted] | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = [hex data omitted] | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = [hex data omitted] | C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe
"C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe"
C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe
"C:\Users\Admin\AppData\Local\Temp\3f5928c606208c18b770c53e231d7b9444d8d76b032acc2c549cde011cd73b80.exe" --parent-installer-process-id=1492 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\c56aa5c5-db22-40ed-9e4c-d1d601bf6697.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=498265351 --progress-window=524364 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\f2307d25-9c73-4bd4-98ef-5c44af1fad0a.tmp\" --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\6166c5f5-f1e9-45d6-8a15-a88f04ffdb1a.tmp\" --verbose-logging"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd4eac46f8,0x7ffd4eac4708,0x7ffd4eac4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\ybC091.tmp
"C:\Users\Admin\AppData\Local\Temp\ybC091.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\c56aa5c5-db22-40ed-9e4c-d1d601bf6697.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=23 --install-start-time-no-uac=500655973 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=498265351 --progress-window=524364 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f2307d25-9c73-4bd4-98ef-5c44af1fad0a.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\6166c5f5-f1e9-45d6-8a15-a88f04ffdb1a.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\c56aa5c5-db22-40ed-9e4c-d1d601bf6697.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=23 --install-start-time-no-uac=500655973 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=498265351 --progress-window=524364 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f2307d25-9c73-4bd4-98ef-5c44af1fad0a.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\6166c5f5-f1e9-45d6-8a15-a88f04ffdb1a.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\c56aa5c5-db22-40ed-9e4c-d1d601bf6697.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=23 --install-start-time-no-uac=500655973 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=498265351 --progress-window=524364 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f2307d25-9c73-4bd4-98ef-5c44af1fad0a.tmp" --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\6166c5f5-f1e9-45d6-8a15-a88f04ffdb1a.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=516264201
C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_69CB5.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5464 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x7ff7ba3304b8,0x7ff7ba3304c4,0x7ff7ba3304d0
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5588 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5588 /prefetch:8
C:\Windows\TEMP\sdwra_5464_1711763568\service_update.exe
"C:\Windows\TEMP\sdwra_5464_1711763568\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=3984 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x20c,0x210,0x214,0x1e8,0x218,0x7ff67e3acaf8,0x7ff67e3acb04,0x7ff67e3acb10
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-background-scheduler
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source5464_1169872813\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=524364 --ok-button-pressed-time=498265351 --install-start-time-no-uac=500655973
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=6636 --annotation=metrics_client_id=5ef29a664d8c4fd1ab9a29912dd4314f --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x13c,0x140,0x144,0x118,0x148,0x7ffd4afaef88,0x7ffd4afaef94,0x7ffd4afaefa0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=2292,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2288 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2156,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2324 /prefetch:6
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Network Service" --field-trial-handle=2688,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=2708 --brver=24.10.1.598 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Storage Service" --field-trial-handle=2884,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3056 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Audio Service" --field-trial-handle=3284,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3092 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Video Capture" --field-trial-handle=3580,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3668 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3632,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3728 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Data Decoder Service" --field-trial-handle=4300,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4320 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name="Profile Importer" --field-trial-handle=4612,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4624 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4804,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4852 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6340 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x28c,0x290,0x294,0x268,0x298,0x7ff7d85504b8,0x7ff7d85504c4,0x7ff7d85504d0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=5480,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5492 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5520,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=4472 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5792,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=5800 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=48CAA92D-F0BD-4EE8-8129-D92BDA7D3D5C --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=6288,i,827067449019924999,5882684548723413299,262144 --enable-features=InstallerNewIdentity2024 --variations-seed-version --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,5104414332642483225,12854698175313285322,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
Network
Files
| SHA512 | 635828e7b6044eeede08e3d2bb2e68bc0dbbe9e14691a9fb6e2bc9a2ac96526d8b39c8e22918ff2d944fb07b2531077f8febd43028be8213aa2fad858b6ee116 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\fir_tree\fir_tree_preview.png
| MD5 | d6305ea5eb41ef548aa560e7c2c5c854 |
| SHA1 | 4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d |
| SHA256 | 4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080 |
| SHA512 | 9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\flowers\wallpaper.json
| MD5 | 4938bc67f6e2d6e8faeb7ba9ca8dbc69 |
| SHA1 | 7600cfbe9d5e6be6a12642670107857abe36e383 |
| SHA256 | 3bdb98cfc0379426a56ac7813f4bdd4787bea9ee8a65b7914e62226e584ac977 |
| SHA512 | 27b680deb837cf7831c2d865f210fa1321fe5a2ee885be1dc058916ae0fa0e6fcf9c9f9de4ee86806dd3ab271c47f79ab621741664b8bdce7be117ff52ef6c85 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\flowers\flowers_preview.png
| MD5 | ba6e7c6e6cf1d89231ec7ace18e32661 |
| SHA1 | b8cba24211f2e3f280e841398ef4dcc48230af66 |
| SHA256 | 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003 |
| SHA512 | 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan_preview.jpg
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan.webm
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\huangshan\huangshan.jpg
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\meadow\wallpaper.json
| MD5 | f3673bcc0e12e88f500ed9a94b61c88c |
| SHA1 | e96e2b2b5c9de451d76742f04cc8a74b5d9a11c0 |
| SHA256 | c6581e9f59646e0a51a3194798ec994c7c5c99f28897108838aaf4a4e2bda04a |
| SHA512 | 83fb3fe4a3562449a53c13d1c38d5fe9ef1fa55c3006f59b65eace9a6ad4963e768088bc500dbe5266b5979c6ace77874ef11a15a7bd9fabae00ff137e70ecb5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\meadow\preview.png
| MD5 | d10bda5b0d078308c50190f4f7a7f457 |
| SHA1 | 3f51aae42778b8280cd9d5aa12275b9386003665 |
| SHA256 | 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238 |
| SHA512 | 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\misty_forest\wallpaper.json
| MD5 | 2b65eb8cc132df37c4e673ff119fb520 |
| SHA1 | a59f9abf3db2880593962a3064e61660944fa2de |
| SHA256 | ebe9cadad41bd573f4b5d20e3e251410300b1695dfdf8b1f1f1276d0f0f8fa6d |
| SHA512 | c85fe6895453d0c38a1b393307b52d828bad8fa60d1d65bb83ffa3c5e17b71aa13cab60955489198503839ce5a4a6c1bb353752ab107f5e5b97908116c987e52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\misty_forest\preview.png
| MD5 | 77aa87c90d28fbbd0a5cd358bd673204 |
| SHA1 | 5813d5759e4010cc21464fcba232d1ba0285da12 |
| SHA256 | ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711 |
| SHA512 | 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_dark\neuro_dark_static.jpg
| MD5 | e6f09f71de38ed2262fd859445c97c21 |
| SHA1 | 486d44dae3e9623273c6aca5777891c2b977406f |
| SHA256 | a274d201df6c2e612b7fa5622327fd1c7ad6363f69a4e5ca376081b8e1346b86 |
| SHA512 | f6060b78c02e4028ac6903b820054db784b4e63c255bfbdc2c0db0d5a6abc17ff0cb50c82e589746491e8a0ea34fd076628bbcf0e75fa98b4647335417f6c1b7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_dark\neuro_dark_preview.jpg
| MD5 | 29c69a5650cab81375e6a64e3197a1ea |
| SHA1 | 5a9d17bd18180ef9145e2f7d4b9a2188262417d1 |
| SHA256 | 462614d8d683691842bdfb437f50bfdea3c8e05ad0d5dac05b1012462d8b4f66 |
| SHA512 | 6d287be30edcb553657e68aef0abc7932dc636306afed3d24354f054382852f0064c96bebb7ae12315e84aab1f0fd176672f07b0a6b8901f60141b1042b8d0be |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_light\neuro_light_static.jpg
| MD5 | 9c71dbde6af8a753ba1d0d238b2b9185 |
| SHA1 | 4d3491fa6b0e26b1924b3c49090f03bdb225d915 |
| SHA256 | 111f666d5d5c3ffbcb774403df5267d2fd816bdf197212af3ac7981c54721d2e |
| SHA512 | 9529a573013038614cd016a885af09a5a06f4d201205258a87a5008676746c4082d1c4a52341d73f7c32c47135763de6d8f86760a3d904336f4661e65934077e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\neuro_light\neuro_light_preview.jpg
| MD5 | d72d6a270b910e1e983aa29609a18a21 |
| SHA1 | f1f8c4a01d0125fea1030e0cf3366e99a3868184 |
| SHA256 | 031f129cb5bab4909e156202f195a95fa571949faa33e64fe5ff7a6f3ee3c6b3 |
| SHA512 | 96151c80aac20dbad5021386e23132b5c91159355b49b0235a82ca7d3f75312cfea9a2158479ebc99878728598b7316b413b517b681486105538bbeb7490b9c2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\peak\wallpaper.json
| MD5 | f0ac84f70f003c4e4aff7cccb902e7c6 |
| SHA1 | 2d3267ff12a1a823664203ed766d0a833f25ad93 |
| SHA256 | e491962b42c3f97649afec56ad4ea78fd49845ceb15f36edddd08d9e43698658 |
| SHA512 | 75e048c1d1db6618ead9b1285846922c16a46ee138a511e21235342a5a6452c467b906578bdd4a56e7b9e0a26535df6fb6319ae1cae238055887b48963fa6ed6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\peak\preview.png
| MD5 | 1d62921f4efbcaecd5de492534863828 |
| SHA1 | 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45 |
| SHA256 | f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab |
| SHA512 | eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\raindrops\wallpaper.json
| MD5 | 5f18d6878646091047fec1e62c4708b7 |
| SHA1 | 3f906f68b22a291a3b9f7528517d664a65c85cda |
| SHA256 | bcfea0bebf30ee9744821a61fcce6df0222c1a266e0995b9a8cfbb9156eeeefd |
| SHA512 | 893b2077a4abaa2fe89676c89f5e428ccd2420177268159395b5568824dd3fe08bea8a8b2f828c6c9297b19e0f8e3a1b7899315c0b07f4b61fc86ce94301518b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\raindrops\raindrops_preview.png
| MD5 | 28b10d683479dcbf08f30b63e2269510 |
| SHA1 | 61f35e43425b7411d3fbb93938407365efbd1790 |
| SHA256 | 1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b |
| SHA512 | 05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea\wallpaper.json
| MD5 | 92e86315b9949404698d81b2c21c0c96 |
| SHA1 | 4e3fb8ecf2a5c15141bb324ada92c5c004fb5c93 |
| SHA256 | c2bb1e5d842c7e5b1b318f6eb7fe1ce24a8209661ddd5a83ab051217ca7c3f65 |
| SHA512 | 2834b1ef7bb70b2d24c4fedef87cd32c6e8f401d8ee5f3852808f6a557724ce036c31a71298cd0ed601cde4be59ec4042542351c63c4e0ac3d31419f79240956 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea\sea_preview.png
| MD5 | 3c0d06da1b5db81ea2f1871e33730204 |
| SHA1 | 33a17623183376735d04337857fae74bcb772167 |
| SHA256 | 02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086 |
| SHA512 | ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\stars\wallpaper.json
| MD5 | 9660de31cea1128f4e85a0131b7a2729 |
| SHA1 | a09727acb85585a1573db16fa8e056e97264362f |
| SHA256 | d1bef520c71c7222956d25335e3ba2ea367d19e6c821fb96c8112e5871576294 |
| SHA512 | 4cb80766c8e3c77dfb5ca7af515939e745280aa695eca36e1f0a83fb795b2b3ef406472f990a82c727cea42d1b4ef44a0d34a7f4f23e362f2992dbff2527798b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\stars\preview.png
| MD5 | ed9839039b42c2bf8ac33c09f941d698 |
| SHA1 | 822e8df6bfee8df670b9094f47603cf878b4b3ed |
| SHA256 | 4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689 |
| SHA512 | 85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\web\web_preview.png
| MD5 | 3f7b54e2363f49defe33016bbd863cc7 |
| SHA1 | 5d62fbfa06a49647a758511dfcca68d74606232c |
| SHA256 | 0bbf72a3c021393192134893777ecb305717ccef81b232961ca97ae4991d9ba8 |
| SHA512 | b3b458860701f3bc163b4d437066a58b5d441d8a427a8b03772c9c519c01983e3d3fdb8da20f6a53ad95c88dcdd0298f72822f39bc3672cb6f1d77fcc3f025a9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\web\wallpaper.json
| MD5 | e4bd3916c45272db9b4a67a61c10b7c0 |
| SHA1 | 8bafa0f39ace9da47c59b705de0edb5bca56730c |
| SHA256 | 7fdddc908bd2f95411dcc4781b615d5da3b5ab68e8e5a0e2b3d2d25d713f0e01 |
| SHA512 | 4045e262a0808225c37711b361837070d0aeb5d65a32b5d514cc6f3c86962ba68f7d108bf4d81aa3bf645789d0753029a72c1ce34688a6d7af15f3e854c73f07 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea.webm
| MD5 | 00756df0dfaa14e2f246493bd87cb251 |
| SHA1 | 39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9 |
| SHA256 | fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13 |
| SHA512 | 967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\1-1x.png
| MD5 | 80121a47bf1bb2f76c9011e28c4f8952 |
| SHA1 | a5a814bafe586bc32b7d5d4634cd2e581351f15c |
| SHA256 | a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e |
| SHA512 | a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_UA_
| MD5 | 1af7c65a09f5b23c8919656a631580db |
| SHA1 | c9dca1523cc25f50bdd8d5ce2d354abb40cf6e5c |
| SHA256 | 71f09d4dc7592990580ad74d2f5262c29f98f72e11319daccdbcd1f095cec3f0 |
| SHA512 | f39f7490857186663577af939c802757ba35a8b15fd0d7acc9786779f5cd2e179dc41d5b89695abaeaf1b6acc9d20b5754e6201f2ffe55c393e8fedb3ac24eb6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_TR_
| MD5 | 9aac83dab47ce1228e8819cdcf1cceb4 |
| SHA1 | c3d60af194dc7be089ea62750ecedbb6e5fa16fe |
| SHA256 | 199b7586e0d25718342e3657eedbe81d20968759af4a8a63b04eb9ac6ee56d5f |
| SHA512 | 3cf47d3c13c752222a34a94896c005db96927c2d5d4c132655bd7a84bfb9607a0feeccefbfae8e98467cd8642c31d843bba4c6293007ef071d91e7dcfc8bf1b3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_RU_
| MD5 | fbd7c40aa538b758a4588a07e88ac57c |
| SHA1 | af30b54822bbd0674cb1ea9a51be19b7a78d43b4 |
| SHA256 | 4ff2f383821f2e77878e4e624aadda8d4fc942e54803c69747da41c9988919c8 |
| SHA512 | bb183fe4b7f197bcf1ef72b5095cf41065f288c1426b006a6b99873969592825b623eeec51642a98fa783f6d7817766747a3f1209c8344559d21614f12c58448 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_PT_
| MD5 | 0dde45f225a4290e59bfb55c80d4a51c |
| SHA1 | 3ebbbbb509d51a7c8e5cf409068644ad5ddbc09e |
| SHA256 | 8acb93ee7331e6b12feb81102b435c4bc044c614ef0fb8e69d2a0116bfe33d40 |
| SHA512 | d250d3891165505eb1fb7c5d2ccad397428785e8a6bb689dc56b55f2313f4b11bf402132d6f34ab6e9192453c43b74915bd7ddfafaf1716a954ccabd8b4d28c7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_KZ_
| MD5 | 7a9698fd54deaf12679dfa246adf5b60 |
| SHA1 | e824691b404a9aafe617c9c88e2063aaa08794bb |
| SHA256 | 8ff43d0de20a9e37107bd6428d6ac41843fe4f8261b00b8cea5792b72e365122 |
| SHA512 | 805d72d8ade2e2018e7dba83bfdc292b3cdc4dff9746e717d74f5955466e55f67f8d03076bf1a6c5f8be37e77f8aaf855044b8b28a0e7f39580dad009fea4e8c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_JP_
| MD5 | eb6d55790b6164b73e275c2401ad0550 |
| SHA1 | 5c47d0c866925eb05a4b59986921ed60f8a612c4 |
| SHA256 | 61f5b2ef85394c0034cfb05b650d7f4d9d79ffa87f2f6448566929f27a11411f |
| SHA512 | 0d4915979764f168b320e5152adfc18b186c5c966a3d42ba02c81bd5041386e08a89c818aa79d1c76304a3c9a3971982d5c97fc0493f19c1f283a64317acf9f3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_IT_
| MD5 | da963f528183e2c335b3523c5b5e667f |
| SHA1 | 1b63bc824508cc978916ad6ace199d8058ef53dc |
| SHA256 | bdc01e40b4ac8d262d616d31bef7d8bd2784c918ec9ea76e2be929bfb554585e |
| SHA512 | 8e1dca38a869a00bf7eb86b4173850631b1085068da2b49a184ef68029e03b8fe1906d8d0df2f6a5457905570b6dad57191a8175d6581a50092d531bda672e73 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_ID_
| MD5 | 2271cc49e222c5fd558572fe9d7808b0 |
| SHA1 | 6dbcf76e96e67434b8b9f294a61d1185afd9cbba |
| SHA256 | 8a4d261a6344c0eca555038eab21dd54d68c3cfbbe6eb11e7792c33f12537d03 |
| SHA512 | f3c5b9480dda3b8d7d7c36e5b2d4084c776ddd92d3a1e8086b9bb447486060ba07fb3d7ad9c8a15421d19b82b4e61f60057e94da726e5c8a7362438fa8b1961d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_GB_
| MD5 | efda29551136fcc4de2ab4092ff02e21 |
| SHA1 | a911fb873c1221efd99e9ca330435788aea01a75 |
| SHA256 | c491c7db179d23b53ec7f378f280d971d7b96d738187c1377fed5bc8c89a652c |
| SHA512 | e650b8b567dc658720cf74d8eb5cb6d51b4685f208232b9510a6b8739f8caa7f1d5e5e7b20a98b0b856ee56dce86cdae3eb7cf1b83974cb473011253a0af5c25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_ES_
| MD5 | 1c5d71e5a413ad550a08fe785f11d94c |
| SHA1 | 6c90db1ac6f5aa58202ee350f4e53ae3971be2bb |
| SHA256 | e60f38def5e81c8784a6e09c61bb9577e3bba62a959d01a1a858f1ac30b61643 |
| SHA512 | 5a74f8161ee5cbca1d935186b28d3650a6632be8d9b558996043decf0ebe05ab81af5ad8d94aa4632e370e596e9db9912c8e08bfaf0e1ef127c0cfd4d059b3af |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_DE_
| MD5 | 4757da1b4ddb8085be308d987b150a35 |
| SHA1 | ce3492d4efa7f87e29c6b53aa7e3ac6d9ee95152 |
| SHA256 | 9133f9eca9355387159ecfecc7158796305713c4046445d601eb5ded5fc0d3c3 |
| SHA512 | 025d1e09494ac470f0cdefea6136d928d47f5f795f105603b43f37e43884e2c73da15757dc24f6793760bcc11501a2a4b3832a31f213c6751da20fc866ce9d72 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_CN_
| MD5 | f2826b7f3232265257d6efad0c443d21 |
| SHA1 | 9da0d12745e199ac3f30f92c672b4dc97f35c75c |
| SHA256 | cfb1791b0a72d00fde5675da5c041fc2de53123b5f5b2b2129237404eb8ba482 |
| SHA512 | 4a8ac9dda75df8016e9b367b5d76afbab7f4f7f6fdcfe7f36d6273b7709fb992c377d21954a3665c234f84f640342b90161965e5dd09942ff8fbeaa8cccf7b8d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_CA_
| MD5 | f8495a109372348b2f3aa8fd41fac4f7 |
| SHA1 | 77c42c500e5a0889ad83d7693c6988b091a45012 |
| SHA256 | 3b5a77e2a5d9bd96d68ae95981d82aab133fca44110622fcf5ee7e12dd667ebd |
| SHA512 | 19126463e599d7a41a7b1815ca8176a7aac922ef39807c262ae15671bb49c0244e884094b361a20554c08e0aae028155d6608f080fd0d72ee12d36185ea203a2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo_BR_
| MD5 | 6a8fa7f8a6893d052627cd428d1e3237 |
| SHA1 | 81422d8c739a136967a6bf77167bda1afee1280c |
| SHA256 | 71e8cdfe763f3479b399ffdb8dacd136e118c52b9d980e75e97a41e592cd258c |
| SHA512 | 86bf094a4b2d7d13ac1d9d872458ca88cadca6744a638173e0425f4eba5ff624343de2c9b9ef38502174847e0b4f00ce768c7fafdf8e7f8a9ad1d1c2fb308d42 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo
| MD5 | b8aca2f09f3c9ecbd1c848007c3fd8b6 |
| SHA1 | e81fc8e2512026f9df9a661529a1e7a9ce0b2ba3 |
| SHA256 | a3b688dbadf99ba57652809adf074bb6e441895d0035983fae33912128fdb7cc |
| SHA512 | df4eae94ee9eee02ce2fb7ced9968d9f644369638ec1ff392a15a28c89e4ec112aef966260be4072681f87145eee1460db1ced15b61798e3955c10eed3454a38 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\sxs.ico
| MD5 | 592b848cb2b777f2acd889d5e1aae9a1 |
| SHA1 | 2753e9021579d24b4228f0697ae4cc326aeb1812 |
| SHA256 | ad566a3e6f8524c705844e95a402cdeb4d6eed36c241c183147409a44e97ebcd |
| SHA512 | c9552f4db4b6c02707d72b6f67c2a11f1cf110b2c4ac5a1b7ac78291a14bf6eb35a9b4a05bc51ac80135504cd9dcad2d7a883249ee2e20a256cb9e9ceeb0032f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\import-bg.png
| MD5 | be2acbae1c7b09125a85c5517a7dd70c |
| SHA1 | 091dbd354f830ddf74258b337dc4f7177a860d1b |
| SHA256 | d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010 |
| SHA512 | dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_ru_2x.png
| MD5 | a6911c85bb22e4e33a66532b0ed1a26c |
| SHA1 | cbd2b98c55315ac6e44fb0352580174ed418db0a |
| SHA256 | 5bb0977553ded973c818d43a178e5d9874b24539dacbd7904cd1871e0ba82b23 |
| SHA512 | 279fb0c1f2871ce41b250e9a4662046bc13c6678a79866eaf317cc93c997a683114122092214ce24f8e7f8a40520fe4ca03f54930148f4f794df0df3ecf74e9d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_ru.png
| MD5 | ff321ebfe13e569bc61aee173257b3d7 |
| SHA1 | 93c5951e26d4c0060f618cf57f19d6af67901151 |
| SHA256 | 1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64 |
| SHA512 | e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_en_2x.png
| MD5 | 900fdf32c590f77d11ad28bf322e3e60 |
| SHA1 | 310932b2b11f94e0249772d14d74871a1924b19f |
| SHA256 | fe20d86fd62a4d1ab51531b78231749bd5990c9221eab1e7958be6d6aef292d9 |
| SHA512 | 64ebc4c6a52440b4f9f05de8ffb343c2024c4690fe5c9f336e78cd1dd01ae8225e8bc446f386feb442e76136b20d6b04ee293467b21f5b294ce25e500922f453 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\about_logo_en.png
| MD5 | 1376f5abbe56c563deead63daf51e4e9 |
| SHA1 | 0c838e0bd129d83e56e072243c796470a6a1088d |
| SHA256 | c56ae312020aef1916a8a01d5a1fc67ed3b41e5da539c0f26632c904a5e49c62 |
| SHA512 | a0bab3bae1307ea8c7ccbd558b86c9f40e748cdd6fd8067bb33eeef863191534af367a0058111553a2c3a24e666a99009176a8636c0a5db3bf1aa6226130498f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\brand_config
| MD5 | 61facde1de4ca1ed571f9edf5f09af09 |
| SHA1 | 8b0371af8d36a883b2c2af320d3fb0f34dc9dff3 |
| SHA256 | 0fc8a43e353d856891874f3a8b253d7cd0642643a9836d2ae61361815a3ee2f6 |
| SHA512 | 5034579d7d743d0f18e4d15fd0914d773ac16b52933ce46a484a204b69430426fe94ff399977cb56421b03426ddba85d3d51db5bcedf88f3b030149cf0c8eb05 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 2dd3329aeb8d221919af26866a7bd393 |
| SHA1 | e4229cf0f0dd82a56c6d2036d70e849a9074dbc6 |
| SHA256 | 096ac02d3fd7566c6821614a49e514ec6be4ce0e7da412358476eb3e5828aea8 |
| SHA512 | ff90252a940cb50c364d13c73572d114e74388013a1e902fe4b0ad60a03d72719b8468a7d039166a310ba9cb28bd131052770ac2612eca1bf92c5b706c44c3b9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D
| MD5 | da850a7c75e86b528100bff9fe05116e |
| SHA1 | 3bcd22303164c156ba432cd80c5112b42bd6d91e |
| SHA256 | 1b28a81f5ced37ba96506e504dd7ddaff136a9e3f24fa00fa48d258979615616 |
| SHA512 | 3de1f992b18bc69b20d94d4ad04c3849ff251cead324f8093f61105e9c35f70d836a8b29034fa975f8777516d79e72baef33ff6e96ad5f8a49d6cd290831e07f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D
| MD5 | 57a825f3fd508dfdc14a806ab7c0ee17 |
| SHA1 | d580f06850122ec40f9db1e781bef7d9bd70706b |
| SHA256 | d47a438d5faeca62a46e5fdd23722c3e92278d34d09df053b1bd58f056b18701 |
| SHA512 | e6923cac2d192ec169b21ed278d6d64faae7c9b38af0a3351d3ae3ba1ca23bea079876d5f763f2b1e2a186e8be9d2dd77d0d2458fef56cf979ec19f0ba523520 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | d5723ae38007fec88dba8ca8851dc84d |
| SHA1 | 9964a2a170aacd6263783dffefa204e25372b5df |
| SHA256 | 8829b56d8d82cc784f849fcbe3d2f4fde45e6c387de70f0eea52b599d4259c7b |
| SHA512 | 78cf89138307926c9926308a798f57306af78f5177be40890a86e47c08bf18ea4dbb32e1d59d53d29e20a752fa0e1297c97f0390bfbc94fe49fa25c21fbdd316 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7
| MD5 | e46d86d829d835a9ac58fba6d3359e2e |
| SHA1 | 74148116e1b645a81a9c46985e9e716aa9d72de1 |
| SHA256 | 5827b33fd4727e484f34e524a76d7a88211f330c2c5057e3ef439245844efaff |
| SHA512 | 3c306c31bacdb825372be1c30b8e9e7d6f0df29c1c161469686a81c2eda9f500ee0730ace16e194a9c3b4ab9e5918fb04557e44cddc3d5f21328ac9f92bcdc9b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | e65f3511102f4f4a359a4a52f380ca50 |
| SHA1 | 9d5d952d15e7c6fdbd5e35d03b80f299ed293e61 |
| SHA256 | 20d0c4b098764a1f1de95591e54c80f2d88fc383fac76ac43161a636edb14474 |
| SHA512 | 8e5679902c558fac58f2794ec8ac94df6d58c7bb091897db4e5513da714d0abb5e9d174b39a5cc08f6ee95d00749cdac9e3210ab7c1b791c7395496091fdd104 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | 78ba90fbc7f62d292492ac2b6df8343c |
| SHA1 | d5082cde561482b21f3549720d1392e47d5a8fb3 |
| SHA256 | 2d9af114975e72f299dfd2b428eb2072421b3a773f551ca95f869e9e40b6646a |
| SHA512 | 9a0251dcca85c44790c9c0a394a5d725a68b1ba4e78bc8f0cecc1749e2e419613dba59190a92e8fcd5d8f4f254db3f48bac41592bb13ce1ed65ca21b33555d63 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json
| MD5 | b4b2ac5a6b0d4d5dbc5de488fa6e855a |
| SHA1 | 3c039e6b3788f838e15970935c6fc7bb30194256 |
| SHA256 | d49f23bdda369efe511142892444c202ceb93e3a1693aead9c4412316c8ed839 |
| SHA512 | 21e0f2d159ba48647c6af32269b40748abf966ac395e48e05441ffe0e45e94ab5d14e0391e9be0a3e0650deef4e180b44cc586684528db48c2ae96e718f3ec0c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 61520f34cde4db140359171d1e2c740a |
| SHA1 | 650669b99811df22f700d5133d8be0967bf877b1 |
| SHA256 | 27e7a8bface34cf68cad47b990b34ad00a4f4e6cdd19b57e1dff46776565f8b8 |
| SHA512 | 0f399685a869c238b90ba00da664d96f0222c14169a102bb4242c941216c965523ab029f15020d4b6d8bbd2a1a8f24d25e8cbee31b2534dc204e74228d54a00f |
memory/4284-1188-0x00007FFD6C990000-0x00007FFD6C991000-memory.dmp
memory/4284-1187-0x00007FFD6CC20000-0x00007FFD6CC21000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe589093.TMP
| MD5 | 387a4bad2b0d1e491f4455b7817ff5a5 |
| SHA1 | 0ab9631766bd843d651be31cbb5fcea3ee6eaa05 |
| SHA256 | 3747a7815076008f814d2b91c1e2be48e42b73655ae9122fbd80aad04ddf7586 |
| SHA512 | 887a724d3932db46e3aa8214c9436779e1325fede96a33e7dbd5597d4250ac08d93766eb094f81e89198fd623c9f7cf9d930dffdb2ebd8d0eb2abede320e3232 |
memory/1548-1124-0x00007FFD6CE20000-0x00007FFD6CE21000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | abb795b0ea8239b32e61f3477df70e59 |
| SHA1 | a429cbaa7af41262ebcfa05ffdbea3410b93a459 |
| SHA256 | cf2db8df4bbe09eab945f5d31e04b238629588ddae0c418a342040a4016d1671 |
| SHA512 | 9cf329a4f69264d2b13804baa63950a30c5c4318dc8eb6c177f06b24d14fa4818fea8925e9b763855c18fabf6a15ad27da722043d95660a56d4cffbd2de8cf99 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | cfca03b59352700904e202d238b94bac |
| SHA1 | 3a032058f67ed23d2cb8ddd0ca68397495200aec |
| SHA256 | 24e56fbed8e78385460e62b3bc2f19640aed4dc7223322ef1bcdb2b132d815f7 |
| SHA512 | 4babbd6dada903188b9c15e32f1118a1afe64014416dc9f5a4fb5217392e46ac3fc842f35877811ac3a3a0c5f4194ea2f327ed8023f405513ee211e74740773b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\27feffb0-3aa3-4447-91f4-d2007b8735a5.tmp
| MD5 | 54497ce2271deb0e673ec048b44da343 |
| SHA1 | 5f886314234b7aa6a4da5efc937a9d63ed007727 |
| SHA256 | 3dcf052bb8050fa32f28873bb665f63f457799cb9a92549fb2dbea94014f929b |
| SHA512 | d0d77d763b1b12c1b9d7a9a3f2aee4640ed5fb10d828b7c3c2cb051504c2b7b6438309124b934b346a4152c0aca009883d6bda42dc997188b8ca2736ac3419c9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
| MD5 | 5e7b33b28fc2eb37c9affab1068d20e4 |
| SHA1 | d111ddb4c330f639d417273073a7746fdc13d7c5 |
| SHA256 | a0bda81c6e3f9b2057aa93de8d329801400345b0b3093226acbcbd3c0ee9f5cc |
| SHA512 | 9c0affb6d5294707d58025d8ac5cc041d8868a87fbfdc2668c4698afafe84f0a82bdd221b3e2b0dcfe69531008795ff290065ea44b912cb141ba2ec5f243b8c7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe5893de.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe589853.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt~RFe589e7d.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58a6ab.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58e1df.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58eb94.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\9e5aaaab-cf7e-45df-8d53-c35697897fd0\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\9e5aaaab-cf7e-45df-8d53-c35697897fd0\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\157be58d-9263-41f9-9f6d-db4c5e443a82\index-dir\the-real-index~RFe58ee33.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\157be58d-9263-41f9-9f6d-db4c5e443a82\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\afb70823-11a7-4f75-ae45-dfa9fa51497c\index-dir\the-real-index~RFe58f076.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\afb70823-11a7-4f75-ae45-dfa9fa51497c\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\a401a5c3e5a6e316d830c597aeb6f7a2ff00e988\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity~RFe58f836.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\f72255ad-cdd3-4a95-b9d3-00001858609c\index-dir\the-real-index~RFe590267.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\f72255ad-cdd3-4a95-b9d3-00001858609c\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\index.txt
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Service Worker\CacheStorage\f0a1ef1ab533153702e0a7f73b8d66e0b7e01d1d\index.txt~RFe5902a6.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State~RFe59abf6.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity