Analysis Overview
SHA256
3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085
Threat Level: Likely malicious
The file 3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Reads user/profile data of web browsers
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Adds Run key to start application
Checks system information in the registry
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Unsigned PE
Enumerates physical storage devices
Browser Information Discovery
Suspicious use of SendNotifyMessage
Modifies system certificate store
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-08 13:06
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-08 13:06
Reported
2024-11-08 13:09
Platform
win7-20240903-en
Max time kernel
140s
Max time network
135s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\6EQXPH8L.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\6EQXPH8L.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\4R95TFZJ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\DMZXYO4Q.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\DMZXYO4Q.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\JCB7JVXI.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\JCB7JVXI.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\2B46AY4G.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Q1BVMMFB.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\P0N7GM42.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\P0N7GM42.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\4R95TFZJ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\2B46AY4G.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Q1BVMMFB.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2644_1155505755\temp\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2644_1155505755\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ybADBD.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir2644_1155505755\temp\service_update.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{4AC86211-9DD2-11EF-9CB9-62CAC36041A9} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 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 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "437233067" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "63" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "49" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000303eef0e2cd1a9499efdd285a56ddc5000000000020000000000106600000001000020000000734accd8ac75a4dcca86fe3c93b4b7d6fa2226ac8d6c8ddc1dda1e2934234d81000000000e80000000020000200000004778dbad95cdb10b0d030d400c6373e8d0f91ebf7170152ef08416b76660460420000000200298d8b6bedb8c30ce9525485fd3ac620d34f405f0d8ad3cfcb4d359a7119240000000d175662b9dd61d5ad03b534f687723217945032a8e53088c3bd20dd0d87b6d6329ec92c30fe9299aa7408c96385282b0c55e2109a45c328ed355ddce2a53cd55 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 40199c2bdf31db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000003000000090000000000000000000000000000000400000000000000000000000000000000000000000000000000000001000000020000000a7f0103000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-d3-6d-ba-98-b8\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3} | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3}\WpadNetworkName = "Network 3" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-d3-6d-ba-98-b8 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3}\da-d3-6d-ba-98-b8 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-d3-6d-ba-98-b8\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-d3-6d-ba-98-b8\WpadDecisionTime = d0422f2adf31db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3}\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3}\WpadDecisionTime = d0422f2adf31db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{4A506038-0EFD-4C38-8C5F-AF5F359B44E3}\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.xht | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexGIF.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.shtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTIFF.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexXML.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.css\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexEPUB.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexFB2.KXJRB5QKF5VHT22RZIEB7EPFHU\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexGIF.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.swf\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexEPUB.KXJRB5QKF5VHT22RZIEB7EPFHU\shell | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\ftp\shell\open\ddeexec | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.infected | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTXT.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexWEBP.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.png\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexJPEG.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexPDF.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.crx | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.tiff\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.gif\ = "YandexGIF.KXJRB5QKF5VHT22RZIEB7EPFHU" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexWEBP.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexFB2.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.jpg\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexJS.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexCSS.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTXT.KXJRB5QKF5VHT22RZIEB7EPFHU\shell | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexCSS.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTXT.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexJS.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexXML.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\https\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexCRX.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-104" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.crx\OpenWithProgids\YandexCRX.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.tiff\OpenWithProgids\YandexTIFF.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.js\OpenWithProgids\YandexJS.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexSWF.KXJRB5QKF5VHT22RZIEB7EPFHU\shell | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexCRX.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexXML.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\https\shell\open\ddeexec | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexPNG.KXJRB5QKF5VHT22RZIEB7EPFHU\ = "Yandex Browser PNG Document" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.xml | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.htm\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexFB2.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.jpg | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexPNG.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.fb2\OpenWithProgids\YandexFB2.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTIFF.KXJRB5QKF5VHT22RZIEB7EPFHU\ = "Yandex Browser TIFF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.jpeg | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexHTML.KXJRB5QKF5VHT22RZIEB7EPFHU\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.epub\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.tiff\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\yabrowser\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexINFE.KXJRB5QKF5VHT22RZIEB7EPFHU\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexJPEG.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexTIFF.KXJRB5QKF5VHT22RZIEB7EPFHU\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\yabrowser\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\http\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.css | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\YandexSWF.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.webp\OpenWithProgids\YandexWEBP.KXJRB5QKF5VHT22RZIEB7EPFHU | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000_CLASSES\.pdf\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe
"C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe"
C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe
"C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe" --parent-installer-process-id=1960 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\02235e4c-c3fa-4943-9622-6e46fd0f767e.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=242991200 --progress-window=393648 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\fcab78e3-2c5d-409e-9421-740a97ea2fa2.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\16d7a743-d5b3-4fdb-9fef-25d42d8870e3.tmp\" --verbose-logging"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\ybADBD.tmp
"C:\Users\Admin\AppData\Local\Temp\ybADBD.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\02235e4c-c3fa-4943-9622-6e46fd0f767e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=243116000 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242991200 --progress-window=393648 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\fcab78e3-2c5d-409e-9421-740a97ea2fa2.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\16d7a743-d5b3-4fdb-9fef-25d42d8870e3.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\02235e4c-c3fa-4943-9622-6e46fd0f767e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=243116000 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242991200 --progress-window=393648 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\fcab78e3-2c5d-409e-9421-740a97ea2fa2.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\16d7a743-d5b3-4fdb-9fef-25d42d8870e3.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\02235e4c-c3fa-4943-9622-6e46fd0f767e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=243116000 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=242991200 --progress-window=393648 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\fcab78e3-2c5d-409e-9421-740a97ea2fa2.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\16d7a743-d5b3-4fdb-9fef-25d42d8870e3.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=278996000
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2644 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x1a0,0x1a4,0x1a8,0x174,0x1ac,0xf9ed30,0xf9ed40,0xf9ed4c
C:\Windows\TEMP\scoped_dir2644_1155505755\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir2644_1155505755\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2968 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x12c,0x130,0x134,0x100,0x138,0x313560,0x313570,0x31357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=394FDD3F_55FB_4BF0_BA7C_F364364D1B05/*
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2644_1821607364\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2644_1821607364\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=393648 --ok-button-pressed-time=242991200 --install-start-time-no-uac=243116000
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=2728 --annotation=metrics_client_id=921e320498ab482e9f083fc67bedefa1 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0xe4,0xe8,0xec,0xb8,0xf0,0x70c22a08,0x70c22a18,0x70c22a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1088 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=none --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1344 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=utility --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1548 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=audio --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1960 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2212 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2336 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=service --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2368 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=none --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2704 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --lang=en-US --service-sandbox-type=none --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=2708 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,14130162386125411568,15255696731108542924,131072 --user-id=0A6DF112-3658-4C11-BA7A-A35894C3A742 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1048 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | e7cee302ff7ada20cc3838f749e94c8b |
| SHA1 | fddfc2d6d14195291219dd3697cd94a317e53b27 |
| SHA256 | a1a6d9605f9369fe871a50db32ccdc13d885800ff4df6a4e1666836af7fd4637 |
| SHA512 | b6e16fd8706be015029b27fc6ab67476c5ee43db88d377efbd8098b185043408fb9078f6a65ac239d75643aca0a2e62bbc6f608b0d5c653c488c6a0ebf831fe7 |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | e80d439ca745c12a1e2acad8bb643943 |
| SHA1 | 9f5ac5fca980a268fdb87f892d5fd0ccc5d04191 |
| SHA256 | 4b2e822a7ae7aee8772e10b082cb8e2b0a4b154e0ebcecf1e6a7cbe49dccc493 |
| SHA512 | 99ff07823f04cff3c6da3ba945b57f06c9676783671d8d5597d119ac7651f955c858b39db46827e084c293646c747abf407aab08178bdd96fc8fe3d914301733 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | e20b812a1899c7d7a8b539e3c3bda35b |
| SHA1 | 04a711f08fba756ebf782e0e92fd919ed1c6d06c |
| SHA256 | 498dd2251958239fb5d0c5fae4844d8aa950c867ab9ff49ecb9d772fdd1013be |
| SHA512 | 40eca615b7d8cbe6829f6ae5b31020f4cba4a8d94020d6591116101bfb842422f60327ab7a58bde6e5cb15b0af7ce04afa4a653ab41889f47989c32749f50ec3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | 0d12c001753e2c502e8a62f123cefe93 |
| SHA1 | 46d5278042ed4e98c67dc0214e6bc18f300c76d8 |
| SHA256 | 573d6707a37a8127fe9276c6eedf635407ff8811a83ec92d49d12ba4eb8ca695 |
| SHA512 | b003587142ddf85bbac612914fd04deda949922c2b7eb5f3b3200f399207d5550a588eec242a617ac2ef37abb288fc30f012bbd21b4a8237a901c87abb6264c7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | 2dc65f3f5aee5e8f20438e27eb02bed6 |
| SHA1 | 1a297cd1319de9c740fc28e62eb0058631e81d59 |
| SHA256 | 5a13e91d6d814269f7620742bc74c9f3047eda91553a2db1088ef37830eb1a8b |
| SHA512 | c8cc5b2133c0b3270dad0b664e4bfe5e722e5698affd97381b181de3664a630c23d3cb9d9cbd9aeaa0dffa470d547eff7678da1ffbc10bd5b863f3704d9a5cf0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 48cdfef8a8205110f4cef029eba54f35 |
| SHA1 | 6936407ff471ee83b1515ffa0058a5f0bbbc48d3 |
| SHA256 | ba995644294f9d053eef3b882d8948e33a33e7a1289901f9edb1ffaec4ba20ce |
| SHA512 | f6529a3bb89d323e3fe310b6c1f48cf764217bae6edae2916fd42c89887104713b4fa2e58f36345ca7e761df7f599666d63b029c9ca4babc31352eb4eb16a745 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 86664d1a4462fa42f1de0fb9bb441d5b |
| SHA1 | d0e19c04cc91345b19063a35d288d80ab6e208e1 |
| SHA256 | 999d7bc382a5363315e723d0822c42f350c18b66447ba7f6bf1bb97ec07e4ec9 |
| SHA512 | d4af96071ff7d371488f7d277d682e0c41a99024b6875b72c543db5d1036608e23bc0dd4f5eee0a536c4ee1dfcb6e6ac62ec8a92552cc6395e9e9527f33c3571 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 52b97928a8440e6d9273464c47126c7e |
| SHA1 | 51c6b6b9a44532f36c267bf405eee37da1c2c932 |
| SHA256 | ca8dc9807379cc91b4882af86ba34401c32b4b796cacc96c547ea6a3795eada1 |
| SHA512 | 62b288932bb697037abf538bf6955355dfc7950be547d0dd5dbb4b635cb0705166034334262fcf91a4729ec150bc8535d49d683c3952b4a9cd251f719bba4adf |
C:\Users\Admin\AppData\Local\Temp\CabE6F5.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PFH3AC30.txt
| MD5 | ae4ad0760df7cd604c381186ce1eb0a4 |
| SHA1 | 5c5875de8ef0875d44b4f8005cea2c185e7666bd |
| SHA256 | f5bdf187b1dface5cbb97c23c2edb8393dd5b68d90d845d1b99fce3a6936be60 |
| SHA512 | 0077d16635863d78fb2ef995f3c4480c9b0f05e6de1c49373202ccae8fa41eb47fabe54ce79fd003b6594e7c1881e4fdc13bd9ede54c212d252ba62e11cde3af |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | 7602fa59f50f67e13125a90ba8005df3 |
| SHA1 | c9b8e98c869a7bc9f5e370a8af9bc303b08674d4 |
| SHA256 | bec7b6b4260b69db3a5e1d9adf8c8ec6090e6abc0a6964af2ef1279bb9fbc1a4 |
| SHA512 | 0f61865a6b511237de9cda03d88606eccfdcbf1f9909dc5ed1f0e6cc88fd6f447cae0b756987d443997e50d1f1b2b8f2a22bbed6080daf4a96ee177145193897 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | ddb6edc890083213be8cd064f4b88840 |
| SHA1 | 6cdc6d38c409d422e13482522904647e6a32d989 |
| SHA256 | 26593df0323c8ce69af6fc69459c1c65a403c47037b5181a1bba582058a827f0 |
| SHA512 | c60781da4aff76f7fa5fd1341122fc1eccc35503dde483824b142f5b73721372f0a4b7f1ce500dfe08534fc4c456bb8980049c997aeb0b4a95a8e9d128f4b38b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 4541f0b76d1f3b65c14af4b5d58a45cd |
| SHA1 | 04cd915863a51b591b916c58bb004f67be354af0 |
| SHA256 | 0f5c990354b074e4320362bbdf1655362be2ef25928459b1baac618bf2abc5f7 |
| SHA512 | fdb7cfb019d77067b349dc7481d42eed193b7c552ede6448088e087e7f7a1b499e027158962d50bbd4a0a7997e1847b82f26f679f4587edcc2b6239560bef059 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | f531867ffb3d6ae4159d5dd22adf5368 |
| SHA1 | 56ec97e945fe302335700fd80da4dc5e88721f95 |
| SHA256 | 4aed82e23de32be67ed795692978c2f6f31f59a4989fe03fdef9dc6640559f2a |
| SHA512 | 55e34c4c1bb0d4d653767991ae4f708429bec12c59cbc1de2cd829720d3a5a374347b1b55df13d625b6ad97ec4f1c034ac2c847f408d4f97d3958d5bf3d426a6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\P3Q2O8F5\yandex[1].xml
| MD5 | 1d6b7088febc5a5842b287147b65a50e |
| SHA1 | 92fcc990b64e20885f3657f875daef92c50de675 |
| SHA256 | 36777cc06c20addb65f52d815e5c669d7bc3a8a07406f58df874e77489ebc989 |
| SHA512 | fc3af98aa5c6d0da2c20fc475f55847d170ae4b05eb237688621dcce0d6cc5bbbc4811b2328f48b56e20fc2a149f239dab82d7d1c3ffe31fd021669a53fe8b3a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\XIMLC16F.txt
| MD5 | f78877bfc9834a4f47d71e7f8bdab1a3 |
| SHA1 | 7c284ff66747c7043ae4b5603e17c943babb0983 |
| SHA256 | 518321f0f9fdb68a83bae3925dd737b7c05734ba7e7622966e98737db742c5ec |
| SHA512 | e6d251e5ee04bcc22f05978a6396b749d05c492f7d6d6ff4a97f2fe4aa18ce6a0f8ff965c68e028d465b0c9e8ceb292b6dd91bb1aded78b38465d98ad28a1b1f |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6V88JEY\favicon[1].ico
| MD5 | 5bd286ded38badeda66e9c395b814405 |
| SHA1 | 49e2213a60c70825b9552505cb8b7334a3a29a40 |
| SHA256 | bdd8486f2d838c7d9b0e2dcfe732a52c92f63879525206c2662905a051dd31ea |
| SHA512 | 96bfc9211f0f1c1c375e49ebcfec9e85280bba64352a4936b95e15d5128e77e9b4d5ba60cbdd76f8e39ce7bf537e8c77fef218e0b24856f28fc34671fcbecd0f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\njqq61f\imagestore.dat
| MD5 | 9c3fe9818a6172a78ba6baba482d18a3 |
| SHA1 | 8459c315db35c50b23dda39e733e93b4cd368285 |
| SHA256 | c6fff1a58b025a03a2100eb6b846432a7b7cdb4b20a54d7016139b9c365468ef |
| SHA512 | cf6ddab0d43bfcc9786bfb2ee9cde34b81fe9e96e10022a76c6e4043123dbf70f802451119cae35f362c39dd0397ddbcbba7865aa921a12bc89ddb3f15019521 |
C:\Users\Admin\AppData\Local\Temp\Tar3094.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5c77e057a53b7aa4586c823c15ec7064 |
| SHA1 | 3360653678197f1c28e7f9e0f7764ff83fb1c77a |
| SHA256 | 41fdbceda3cdaf4bfc118e703237836fc5fc916651c165a6249d86d337b90a39 |
| SHA512 | 5f71c28d004d71b8fad15b2d8d2813953a94dd54556df78a73efef6f038776ae91fbfc5680afdc9b4433cc2ad17cbaab062842b3d499aab39be214d9b7024e56 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b9de6c9c32f05a341f2a043be4dc0c19 |
| SHA1 | f4fe3d84e9d366046d31feb216e2e09535c49a70 |
| SHA256 | 2bede449426300a8cdfe632a0438c3382d4b6c7af873c7d14442acf1d46daf55 |
| SHA512 | 7f5a26d23c87273dce0be3ba98719579be801d1c6c16a61ed3ec919b60880d9dd6c9e040574d732a6f9cbe8a8a265d0367f5cb9adf55450c25bb4692249357bc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | 6ee4299c2a75909c2353ef30adc5727c |
| SHA1 | 755c714f284cd501d80d9fe1ed4d9fdc33cdd7f3 |
| SHA256 | a81947d518730b3f863aabc8c284ec9c5e02b00a3684e19f38fa14674fa431a9 |
| SHA512 | 26bc9dfc8183d8b8c97c5e23c350fb3d0579c1ef19ff03ed24bee47c713b8eacee7087ca50e37a44a9163868166711f3c8babea337d18977ecc09a14a3bfd811 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 58c46db128ee1bcb239fd7f7b00306bf |
| SHA1 | 58ec22579f265c4e0d4baacb07bf636d54c9112d |
| SHA256 | e3bf16ac6505c819c0478abd6a0398e6eb27fb9a888cde5564721ce622a1f0f4 |
| SHA512 | accb5e4d146847220dc020ada90c504c7bd4371d798787937e4955efef6c87ea4e4581bd11477c39e45b44dd3950e5e417328c886f11e82451aa5112da31590f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9b0673df48b1e5e89181506fa54c9748 |
| SHA1 | e0a28c2c94ea83d56113fb77448b366fe8dfe30e |
| SHA256 | 5cc1431f682785ed251b98315d6f4c900cd252bc402870335a524fcd9d28edfd |
| SHA512 | 1ced6775725104462f5293ea323818f273f386df00d2f3c7c3d1dcc1eeba0b40a37c18cb3f0193f99239e7bd4b81a16623eb8aa0cfa95ae85313cdb2fbef6017 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | bf53652864bdbe8f4f3580b5022a5231 |
| SHA1 | 53afd4bf1ccc72e7325763e260782e99b6524fd6 |
| SHA256 | f1283719f90250b42040af5774cae4b33e263226eaa1381b50683b13f19dc1ac |
| SHA512 | dd5c9c1b6048e47cdfecd495f87f8afcc602747f7fd60bac4de9cdf6c7f5f75b8eb79b08d3d079c3a43f24c11c5086256ea8a8065ac20d3dfefee5573424303e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7255ba60d81394aab10163180467c54e |
| SHA1 | 1e98e64fd3a747eb01bb0815f4d119745d71af17 |
| SHA256 | 2b04d4a1bb232a7ee2189b2317f0d1d77ac36a9e4cad46273ec6b8c507940e68 |
| SHA512 | 9755fc205ee66136d2c5f51db3e9fe9a72ce92e96fd5ea4d7c62270978816f55f4780d227a64cc8ba92fe21b0d9c2f9986ecfcd63af9b21ac9814a8b46692134 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cbc27417badf6d74fd89dcfe9844c36d |
| SHA1 | 90daa12b0139b1abdbdaa12ee1b9a350b2a7e956 |
| SHA256 | 9e543a61e013c2e1a37af50677217bdc512fa2107cc89e655bd34fb4343a8a67 |
| SHA512 | 9db05146908bcd950974a132c2794f0f9c827898693886c493ee8b0ed828afa91252cc5b9a74a4ddd877f72adf4db7f6a8f3e1efe8a4705fbcfe8bf5639bb7f4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | db1284035038533138d1e515ee3598e0 |
| SHA1 | a0da14de32509f9dedcdfd13e44801ca1b7b50c8 |
| SHA256 | c46e97aa6c4bb219a11c949bbade622f6e79a2c7cff318615256a7e85217a457 |
| SHA512 | faab32778b3ea3c607d153079603828e938888b930460925a70899e089fde55a0c7e3242adc285d3fce7cd5fc9d63ca154f186f713b92610fe8e3fb4f126ec4f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 79019807f5e93a5460b90c9d70693a30 |
| SHA1 | c4f085c0d9fb199f14bea2196a555f0bce7a4a63 |
| SHA256 | d0ec69e3beeb75e585af537f6471e6df42d3a58e936ac46fead51b4efd5546db |
| SHA512 | f73a73f58e74a96c4a77e49f93def1c52841017ea17cc19e560f109f7ac2b38b3150b374316910a209e18c51d350f746cba1d5d97acdf198774c46eff350a654 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 5ca69679a9c67d2f75004931737994dd |
| SHA1 | 6b9778587611d2716cefeb1f91c33ca7dd254390 |
| SHA256 | bb9a7f06385d29c0fc5f681263a6a0abd558b5c73c44b25050588d87bc4d34a8 |
| SHA512 | c0af51c85ecdfcfa8eac6818f2065f72da3b0fee49bb37d072959cca080328bd8ff9b4da12ae160f2df9092b490fe59408ea74be29965e9dfe4cc68d73f2c134 |
C:\Users\Admin\AppData\Local\Temp\website.ico
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\setup.exe
| MD5 | 5fdeff4b89456b836f351443aa9b3d5b |
| SHA1 | 7112f415950c45877265f98aa8388e8093d4abcd |
| SHA256 | 7dab48f2004dd9481294d59caccd8573a6e28c1c42b6d7a354dcd3e79f9c7f2a |
| SHA512 | 35962b165c4604d3262bdc564e03d791df6175bc4825ab60237c17b7b9f67a4db190ba3f410829c4112a67b6fedf7049e5c5ad3c6f6d41f01a0d3b5c2a0e8346 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 9f6befc3ce6dc3ef930cd461f795fd2b |
| SHA1 | 445f0f2b0330b16ca3073c18bd0e550b9c1ae657 |
| SHA256 | f960a911e0a99d4dfe5e33f734e4b7f5bd1f397cd546dd0f4baa5583453c24b5 |
| SHA512 | a47ab3d92918a3348ce69077ecf276368b238a6a8832ac1d05d36e197657dfb7136df97ea4ab26ba4234ba784bdad89c4893ba0b353bbb452cff46f276114fc6 |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
| MD5 | 97f4a41ce3877498a988d62c0ec54362 |
| SHA1 | 38a7ec10658b196382b9439abb4aeea4a5585ccc |
| SHA256 | 1c7905b587d24d3e8278edc39368e216c058de475c3d090af736a06941faaec2 |
| SHA512 | 9f72b8f2961adff610225b3ddeede37d982102ce7ccd19c65737d3acb03ff15ee15a8484611f5ac3b0ee99960edfe7d4d817c9410c53b7efc9353cad40569bd8 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 15350b3e5993865f22f73e7df2688f08 |
| SHA1 | 39b9f6c18aadae15af0ddc84e95d11dfd14270bf |
| SHA256 | 5318971822ad5faeda4c9d96737103cd1f35e203f12a7b52f8acf8711c61cedc |
| SHA512 | 08e1694562414cae938bc3add18d1820053cca338f7d1b952cf139e0cfd010ce0184014111fa85a993584e77dceca8b702fb17425ae71dd9286d833bd4a4ec07 |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | fa34b8c7225e37c987aa34de0233e8dd |
| SHA1 | 5bd86f68e934f28c9707e4ac5d5b6e4ab09d085e |
| SHA256 | 7b12ba0879473e6672dd326378d54c149ec6486c3dffaa08ef1b70a43c65f399 |
| SHA512 | 5b5a6111ee6a9010ce0d13575313236b7757c2bcec9cea7d73da3d662a6c25711ca5b009f5c59113e42572f7a72a0b9b9496682e13176c33efebae87d00ea92b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | e0e26e92343c6b374fec9b0c0ad2736a |
| SHA1 | 0fd16ff6d5d58881e61d16e8639bf6c8602100d7 |
| SHA256 | bd431b710aefdb705493c86a431a27d5f6c5acdcc58372dde405739a34e99c3d |
| SHA512 | 8da1094cda142a8d5b8573176ff7d94465f866af83632663b3fb02ff93e0abeabd6c6b3eea8fe8e74e02fc5499333746c9bef4cbe463acea91d3f4f11ab84f3d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 85d1ce98afce800d3f6e39a54da62616 |
| SHA1 | 70ddbd9a5460157f7432d861c9c4f243c7a2b919 |
| SHA256 | 47bdb01a44c086399051456f5583aeccfc2463f2386cd904f17a77a6ff1527ea |
| SHA512 | 184d14559b00b2aeb522fe4aea4c6057ff5be88144acb089376a168beb7e23bf5c4ef5607d23be0c49890758f2beeb5eb8b8e84becc5b9835aa1a77950f6044d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\BRAND_COMMON
C:\Users\Admin\AppData\Local\Temp\YB_4DA37.tmp\brand_int
\Windows\Temp\scoped_dir2644_1155505755\temp\service_update.exe
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\4d47369f-e003-4417-af36-4fc7104ba9d7.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\picture-13375544848886800
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\preview-13375544848886800
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\video-13375544848886800
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extension Scripts\CURRENT
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Local Storage\leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\5af58657-583b-45b5-9eb4-455fb37c3042.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\eb4da5d5-1590-4bf0-85ba-56df1850453e.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\ad5cd252-9a1e-4519-acd5-84b1dcf17086.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\05645811-5a87-4e73-8400-3ace45e808fe.tmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ShaderCache\GPUCache\data_0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ShaderCache\GPUCache\data_1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ShaderCache\GPUCache\data_2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ShaderCache\GPUCache\data_3
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-08 13:06
Reported
2024-11-08 13:09
Platform
win10v2004-20241007-en
Max time kernel
147s
Max time network
153s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\yb9A8A.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexPNG.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexJPEG.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexHTML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\Application\ApplicationDescription = "Yandex\u00a0Browser is a fast and user-friendly program for accessing the internet and browsing websites." | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexFB2.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexGIF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexPDF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\ = "Yandex Browser PDF Document" | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexSWF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.png\OpenWithProgids\YandexPNG.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexJS.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.xht\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.txt\OpenWithProgids\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexXML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.js | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.swf\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.xhtml | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexPDF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexHTML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexWEBP.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\yabrowser\shell\open\ddeexec\ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexPDF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.gif | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexHTML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\Application\AppUserModelId = "Yandex.Q3O5UODMZAUHTDG2ST4U5PSDPQ" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexCRX.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-104" | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.htm\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\yabrowser\shell\open\ddeexec | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.shtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexJS.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-126" | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.gif | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.swf | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.crx | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexINFE.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexJPEG.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexCSS.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexSWF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexGIF.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexFB2.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.epub | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexJPEG.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.fb2\OpenWithProgids\YandexFB2.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexCRX.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.html | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexCSS.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexFB2.Q3O5UODMZAUHTDG2ST4U5PSDPQ\ = "Yandex Browser FB2 Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexINFE.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.tif | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexEPUB.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexFB2.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexPNG.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexTIFF.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexBrowser.crx\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.js\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.txt\OpenWithProgids\YandexTXT.Q3O5UODMZAUHTDG2ST4U5PSDPQ | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\.crx\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexHTML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\ = "Yandex Browser HTML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexINFE.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexXML.Q3O5UODMZAUHTDG2ST4U5PSDPQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-134" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\YandexCRX.Q3O5UODMZAUHTDG2ST4U5PSDPQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe
"C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe"
C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe
"C:\Users\Admin\AppData\Local\Temp\3d3d3e688ed64e61981a53ed0afb9f8202e4c4b1d41bb4fc4345df23db0b0085.exe" --parent-installer-process-id=2648 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\162ece25-ab67-426f-8627-f60fac12315f.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=484131405 --progress-window=393908 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\cdea6fcc-91ac-411e-9189-1218a55f8dba.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\ed49ae20-3d46-40cd-8ad5-89ae0e9cde19.tmp\" --verbose-logging"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc60946f8,0x7ffcc6094708,0x7ffcc6094718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\yb9A8A.tmp
"C:\Users\Admin\AppData\Local\Temp\yb9A8A.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\162ece25-ab67-426f-8627-f60fac12315f.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=29 --install-start-time-no-uac=484912660 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=484131405 --progress-window=393908 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\cdea6fcc-91ac-411e-9189-1218a55f8dba.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\ed49ae20-3d46-40cd-8ad5-89ae0e9cde19.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\162ece25-ab67-426f-8627-f60fac12315f.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=29 --install-start-time-no-uac=484912660 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=484131405 --progress-window=393908 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\cdea6fcc-91ac-411e-9189-1218a55f8dba.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\ed49ae20-3d46-40cd-8ad5-89ae0e9cde19.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\162ece25-ab67-426f-8627-f60fac12315f.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=29 --install-start-time-no-uac=484912660 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=484131405 --progress-window=393908 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\cdea6fcc-91ac-411e-9189-1218a55f8dba.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\ed49ae20-3d46-40cd-8ad5-89ae0e9cde19.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=511671605
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=956 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0x96ed30,0x96ed40,0x96ed4c
C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir956_297566289\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=4796 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0xd63560,0xd63570,0xd6357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=DA4AAA0B_ED6A_4FE4_8D7E_22F5BBDF8079/*
C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe
"C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe
C:\Users\Admin\AppData\Local\Temp\scoped_dir956_1903946841\explorer.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5580 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x2cc,0x2d0,0x2d4,0x2a8,0x2d8,0xf9ed30,0xf9ed40,0xf9ed4c
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source956_336458281\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source956_336458281\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=393908 --ok-button-pressed-time=484131405 --install-start-time-no-uac=484912660
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=4632 --annotation=metrics_client_id=4701cb00f8b64bab887b00176bbae429 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x188,0x18c,0x190,0x164,0x194,0x71d92a08,0x71d92a18,0x71d92a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2044 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=utility --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2224 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=audio --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2796 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2220 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=service --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3220 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Video Capture" --brver=22.1.5.812 --mojo-platform-channel-handle=3232 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3268 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3572 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=4048 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=utility --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --brver=22.1.5.812 --mojo-platform-channel-handle=4612 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5128 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0x9fed30,0x9fed40,0x9fed4c
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3708 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=2968 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=872 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=2244 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=none --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=3204 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1688,15172387507224043446,13445174104680559729,131072 --lang=en-US --service-sandbox-type=service --user-id=A2A73275-8E03-4EA4-B705-3F8E876A69F8 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,7039382052776547822,14886963652411069895,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Roaming\Yandex\ui
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_5084_KIHHIJCEAUPKQQZH
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DF8D319B9741B9E1EBE906AACEA5CBBA_A2E0B287EC2147F84DD8A330B45D3489
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\master_preferences
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Temp\distrib_info
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\BRAND_COMMON
C:\Users\Admin\AppData\Local\Temp\YB_7EFE5.tmp\brand_int
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60B3F7207DEB992031C120EB71F562CD
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60B3F7207DEB992031C120EB71F562CD
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DF8D319B9741B9E1EBE906AACEA5CBBA_A2E0B287EC2147F84DD8A330B45D3489
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_D21903E2722B551F252C717985D24037
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_D21903E2722B551F252C717985D24037
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Windows\Temp\scoped_dir956_297566289\temp\service_update.exe
C:\ProgramData\Yandex\YandexBrowser\service_update.log
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\sxs.ico
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\import-bg.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en_2x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\1-1x.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_UA_
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.jpg
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\stop-words-en-US.list
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\dictionary-en-US.mrf.sig
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\dictionary-en-US.mrf
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\safebrowsing\download.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\custogray_full.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\fir_tree\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\fir_tree\fir_tree_preview.png
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\wallpaper.json
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\flowers_preview.png
| MD5 | ba6e7c6e6cf1d89231ec7ace18e32661 |
| SHA1 | b8cba24211f2e3f280e841398ef4dcc48230af66 |
| SHA256 | 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003 |
| SHA512 | 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan_preview.jpg
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.webm
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\wallpaper.json
| MD5 | 1a8908826d2efe5fa817ce6bf474700a |
| SHA1 | f25ed2de494bae4ffeca33071e5c2dc034c863f7 |
| SHA256 | 9c75f591907f6a631ba583bce6ddcaafa6f89a84a4bec8108637f7f471e821cf |
| SHA512 | 1b68183bd466d01ec25b1281737ac4e752263cd88b64e16324244812d46f8f985ebdeb35d065c7aabc7abcb93286e92b0f3d5b0b7173f5aa6e33891c417b6fc8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\preview.png
| MD5 | d10bda5b0d078308c50190f4f7a7f457 |
| SHA1 | 3f51aae42778b8280cd9d5aa12275b9386003665 |
| SHA256 | 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238 |
| SHA512 | 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\wallpaper.json
| MD5 | ea6753f7a10f9f92b7790c93f8ea2411 |
| SHA1 | 0cb570e8ecc34e16017b920fbcf1036cf1508ab4 |
| SHA256 | b1f9aebdb9333b4b15c2a9339d18e974205cbd4a61d2a0b4d34a25b384a0de7c |
| SHA512 | f7974e99c58696a4d739c4d590f5f50094082473754e6b1fb8a82c76566cf3b5713b1e013126f8fbef0f0c8af2e08d09b32307958c9ed1a1007c04ce89539ec7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\preview.png
| MD5 | 77aa87c90d28fbbd0a5cd358bd673204 |
| SHA1 | 5813d5759e4010cc21464fcba232d1ba0285da12 |
| SHA256 | ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711 |
| SHA512 | 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\wallpaper.json
| MD5 | dabb663536eef90a540783e707a311d6 |
| SHA1 | 9659fe0463435f3281983ce306ff22fc101f6e57 |
| SHA256 | d1c971a197cb79f1df640994465aa7543bada90059f5b2768967d2b57c6afd2d |
| SHA512 | ed6b4090eba519f2814dc51fccb92cdb703656c77be741f07753f9c84d09394d080158e04bba1ca9dee501b0dff2a21020883e538a6c0ced6a12602b7098676b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\preview.png
| MD5 | 1d62921f4efbcaecd5de492534863828 |
| SHA1 | 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45 |
| SHA256 | f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab |
| SHA512 | eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\wallpaper.json
| MD5 | 69472b2b8eb07ec616a8e94a492c6c5b |
| SHA1 | aec5df4e15d292a360a5dd6125217ef063ebe65e |
| SHA256 | 6e9ef0bb0853c6c898ec033d54d9d5cfcb68a5f52cd8f9bfff3528a02c73e06c |
| SHA512 | e355958272292bcd7d767af692fb33941ad469809abb6366b1aff2bd4585de6a18b290258799e943f9a53416c9f5c139ccabc47cb337d0e6e4f5d499f2e27aa4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\raindrops_preview.png
| MD5 | 28b10d683479dcbf08f30b63e2269510 |
| SHA1 | 61f35e43425b7411d3fbb93938407365efbd1790 |
| SHA256 | 1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b |
| SHA512 | 05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\wallpaper.json
| MD5 | a79af1c34d9d4fcc609e57fbd387924b |
| SHA1 | 6ae1f8730d03cbca17a1c368da8a600157e0ea49 |
| SHA256 | 8c60b18ca1810a5e75950095cb0dfb4bb9c32a18f99e5505cf40c39840b8a633 |
| SHA512 | b95aef743acb3c6890e3ca74fc260a8fdeb134ba399f6e9851d34a47fb2cad9791a64d6214acb956ba4c8b51dd710f8f10fa8c3e88fb1a0f52a7e2214eca16fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\sea_preview.png
| MD5 | 3c0d06da1b5db81ea2f1871e33730204 |
| SHA1 | 33a17623183376735d04337857fae74bcb772167 |
| SHA256 | 02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086 |
| SHA512 | ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\wallpaper.json
| MD5 | 8571306e9021fc89eff3c5ced3e02098 |
| SHA1 | 49d6a7baa6ab4182c4b38c95be4bef1b243fc594 |
| SHA256 | 0529c0be39bdcb289bf29e6a9c774d907b444857cfaa47d3942e5dae1b75531c |
| SHA512 | 7657c0e48b4cfa3025bc33b0decacc22646bde2cedda7f51b98b19a17a91461ebee57f054b64edc58318ef6caef7227ac21b740527144f3fb0bc0a2e7b9fef19 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\preview.png
| MD5 | ed9839039b42c2bf8ac33c09f941d698 |
| SHA1 | 822e8df6bfee8df670b9094f47603cf878b4b3ed |
| SHA256 | 4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689 |
| SHA512 | 85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\web\web_preview.png
| MD5 | 3f7b54e2363f49defe33016bbd863cc7 |
| SHA1 | 5d62fbfa06a49647a758511dfcca68d74606232c |
| SHA256 | 0bbf72a3c021393192134893777ecb305717ccef81b232961ca97ae4991d9ba8 |
| SHA512 | b3b458860701f3bc163b4d437066a58b5d441d8a427a8b03772c9c519c01983e3d3fdb8da20f6a53ad95c88dcdd0298f72822f39bc3672cb6f1d77fcc3f025a9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\web\wallpaper.json
| MD5 | 7b00cfeccb0f471865d2ef08fa1d1222 |
| SHA1 | 1881d5a29dfe86d6d19cac14a1a4b95b05494830 |
| SHA256 | 22557386855643b706808ea9aed33ac22fa26f58d2fc281fb0ba917cf55f990a |
| SHA512 | b7d80dccfa5f051b1ec8987193857aad83c7365e12f12fa68b8edc6ae0dca1d8a4d846e284fb8e15715b5ce7478dae334da5651b97a68189cb43c74e7fdf7177 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea.webm
| MD5 | 00756df0dfaa14e2f246493bd87cb251 |
| SHA1 | 39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9 |
| SHA256 | fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13 |
| SHA512 | 967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\mountains_preview.jpg
| MD5 | a3272b575aa5f7c1af8eea19074665d1 |
| SHA1 | d4e3def9a37e9408c3a348867169fe573050f943 |
| SHA256 | 55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8 |
| SHA512 | c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_TR_
| MD5 | 50dbdb9aaec42827cc2eb5d04f9c73a8 |
| SHA1 | 0769ba6c5fe530ced2562107472314ebb2cbd909 |
| SHA256 | c0e6fb42389e71e97b21f50c6dd766172cd4ef76392fcb2305ea747c177b3e21 |
| SHA512 | 7f5e0cc72d3956d7093bef7fc77605294b84fbd58c966b5091aafc5ce1f25788e707c482b40129f28155d8b88660ef6b954f9a682d43be337d84d7dfc175ec99 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_RU_
| MD5 | f95a365fc86e04f9b40d07b361907fdd |
| SHA1 | 5e399608d0491c04014ffae22c9d2fbc80ba79e3 |
| SHA256 | 86984ab8b856af9f74c8f19320edf37b0d77cec81c47d904a140630842ce4427 |
| SHA512 | 3ab98b43da1cd9ab2e26a247f04314c1ea31bcb61bccefdc8f5f458320b8d3b2a9fcf157b52e326e112fca4ded062f50e765ca03d62cfd95ab03a2087fe6ef2a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_KZ_
| MD5 | 9f63f6736c09a29280c8d3b3183f959d |
| SHA1 | ba172ce3c43996316f4c231ce443f880bedc9e9b |
| SHA256 | d33cb20100bd3f182514171f9d41fa36e74ac32bd30c2c44f0d471449b331618 |
| SHA512 | 91948d89a0cf9a4519066cd9b6bf2ee9d5e29270a77e57160354f4e33f3ab73934851136563f0d85d10dfc5acee5bed3bcafdeee179aecb85b8765421e1062db |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_JP_
| MD5 | afc46500500ca4fbd99209621ba961c0 |
| SHA1 | 530792f4d2dca8a77a6253d97c2047d221ba4188 |
| SHA256 | 33e924e65ef2b05e48ada9e95feb4c9c4b4be442f79a04c8d863913f94783574 |
| SHA512 | 2edd0372618df78803026824196a4841b569c0c3cbf4b5247556854201953d492b42b89eca5deb1ee9d8d1658ddabfd534ab97c3ea61b0ebad3d716aa2a40cda |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_IT_
| MD5 | b2354e0b4f3a3a25f9e0637e1848687f |
| SHA1 | 85e3cd44b2dfe0be78befcd8eb6c0776e5c06f1d |
| SHA256 | 2c9ab87ab9fc5f8f8d2f2c73128148167b3cfc52325a40366924a9997c070f92 |
| SHA512 | 2e9ec9ec9bd7f98b126a62635bb24ba42f7da202b6760b77ff97c4d17471300e592bbd9beb13256cb5a61378a574424a836ae57eb046ac195a10415c7c1c1810 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ID_
| MD5 | 38e1a9f53847518a321c65ab8ca40e75 |
| SHA1 | 7fb594a3a407744ff45169dfa4a3118a1bd747eb |
| SHA256 | 51feb3e49bd80615e19ff9a5c86a5a6630ce0b7b7c85c939f90a9255f9f2c12e |
| SHA512 | 2043ccbafdb8740c7cc967618893589c431db722b266c252e0744b031d5b7bc950c804349d7930691fa062537dee9100421f95b8e53c042793f06ef282e5dcbe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_GB_
| MD5 | d05ff01c9126cf5b4fb6930083bcabea |
| SHA1 | 01c12d9e6a373f27e76a474c8ad3daa4b8774ae7 |
| SHA256 | 2060d394c4bd711a83bb9d613c90583fbca220970ee31534415014a9dd42980b |
| SHA512 | bdb27c1bed92e07045087952f78a7e7621d2915bd15672b5fc738d29680de72733e1d6d702be859b4bb0631a18b8a27775abee52e5de5db996b53c5dc6a75767 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
| MD5 | a2ab187fa748a38db8b6736269f64972 |
| SHA1 | 5e2e542d1e3fc32b3677b0aab5efa32a245d0311 |
| SHA256 | dc67a1ba4e945e0c8188112ce3ecb9c32d39d77d992ce801a2ac9f500191a4be |
| SHA512 | 5f295f3f7e61b6f206f70d776faeb78df337d3e2ef79212cd4af163eef31b7479b438749dc594374f5956048239513992c3763b6f3f5ac68bed5412a2f877797 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_DE_
| MD5 | 847356d02a4dfaeb0449153805dc89b3 |
| SHA1 | b608ab76c78ca53787191866dccd447be841c61c |
| SHA256 | c5a232993c677b3109542bd974336ad8dd42830319be773dab75c3e147c07317 |
| SHA512 | c5b01b532ed42c056db108f6bf227dc3773640dd556278c3af0a7a7229bbdc3963ac0286d4714884265e189440f04a31addd5a36002f22ada5ae8364c7e79a78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CN_
| MD5 | 5fb2a63a8a3cc86330484f6b89d17bea |
| SHA1 | 27a01c90bee60fe786888d641170768f76326734 |
| SHA256 | 0fb259ab08ceb8987ada8b362a48e0bf54c2063a7c374203dcbac8dc6558b056 |
| SHA512 | a87165e9a0eb49c04e03a4764505770ae936c8cefa346c41b47e39e90b31b33fdcb9cc0ebf1e706aa8e3ee34d81f5a815d4f9587a022c64a73e374f35c8de4da |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CA_
| MD5 | 9644ce7d7022710f9e3d15ca62652130 |
| SHA1 | 9501c256b77bf4f2d15eeebea872394be64453f7 |
| SHA256 | 2e9b8194da778435200d9eb756d4356e0741ffaac24e7f8fe064c35c2b572539 |
| SHA512 | 81e1cb5b76a19e07f9892fbbb016594b0545cff56e3d7b5fc124c9c54746d571061748f0388dd911097c03fc379dc25235db21cf8ce141396c4a712368dc8d1c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_BR_
| MD5 | eff751f0d80c5df86c5edca15aec9a4f |
| SHA1 | 49607e819f796d34d1ff7c1c894604f2a5de4b56 |
| SHA256 | 18b6ae3ebec51fe0a5398a53a3296b2300e75690b2f5d9763e68eca8e938d9c0 |
| SHA512 | 2e486efe9ec6c65dbef2d98f0f95f87282a210068118c71d3ad33fd6400e01b49060dac926a5632e317b5e3ed04f66638e179956531a299b31dbc249139cf902 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 3de654254527e859fcf7ce3537ba462e |
| SHA1 | b56f440f2160a160e9cc02beeaf99d0da0a40bac |
| SHA256 | cde938c515a797c938a884e847164b4c9ff5cd4a7fcbe3809050d2bcdeaa4b28 |
| SHA512 | ef58b6116487dea1172afabecd2f15ace42ad0f3246c7dbc58c7a33a10e7f68af3b21111cf122871110e2d971cc598624496b6dce829bb60d7ed05ebcb05097d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe587a3c.TMP
| MD5 | 6c6ba38b8e12fc37ede595c68456c664 |
| SHA1 | 722228efbce7aa915dbcb3d86857acef42edd8f9 |
| SHA256 | ade476c1ca636b2dc2dd696507b9ee072a6d17f728c59858176f9e38df3e23c1 |
| SHA512 | a841e05a21689fcffe1ca1904e5675492fb4b4c84f8cb9d1d87d47f029b6a0af8fc312eec217f48476fb3debbbcc969d8ebdc160c23e1ebdd3691998cf6afa21 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
| MD5 | fd36c28b3ab567253024285c7055670d |
| SHA1 | 5c0a45917c87510ec091069457bf7b2b86bccbcc |
| SHA256 | 5e767f226e7dc4491cf06e42ea8e142cff766ef0ef6912a6eee8e449802e6fbb |
| SHA512 | 09611602fa675b624f334c43fa74897b6a877077ef3be116ae1f35df0d40c6898da8a5d217edd3d68b3890f4add20cad576e5d0b4bb96447cc9d4d6f17356c8f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe587c40.TMP
| MD5 | 4263acdd42e62d8ec12ff04ee515473c |
| SHA1 | ae619f3ffb8c349411bf9bbcc379faea9004d189 |
| SHA256 | e787a21284182a3cde08aca7cc727d051fb7dab5a130222f06b9051ff2dcc6eb |
| SHA512 | 22e16bb5f71d07fefcc8f07543b7b301a2245384b101deb3d23b36cefd96728ffb748bb3db04fc2270ec6ed4fc84a7a02e0941fa99a5d6ad649c4549b38ce6a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | a06388a2446176165ea1f33cc8335d84 |
| SHA1 | 9e5d88dddc9e93764a58cb0e140ee1a4ae5954a8 |
| SHA256 | 365fc45ae9db4fcf3f8be96d955e9c5ef1a06492744dadb6bdb2a56ee931ae54 |
| SHA512 | c14f57e964e9f87c743773b04b0d3f14266354822f6eceb8d421fdd99169097f34bf00a750e31b93645eeecbb4fea1b20f5ebbf7c69df35afed48d50a4bceb68 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\964490f8-3cab-4484-a3fd-4bad0d0dae14.tmp
| MD5 | 293659d19968aeb75662ec7083b2b6af |
| SHA1 | afe8897be2181151bc3ef02323c2145e6372ce4c |
| SHA256 | 67e421e2c32f6c92e220a1f19ae98398eb7984d1841d830b489686749ebb62ff |
| SHA512 | 97025249472e14dccd49839ae6b9702ae4dd2ee469a3e79af929c6f121b2801b729cb8f79657a87568fc32eb71ab2b65440afbaee5061694fdb89b3d7bd2fe77 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\d647211d-7313-499d-90fe-2d3234783bd8.tmp
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\081adcef-7ea0-4e5f-9bb1-1b938c3db511\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\081adcef-7ea0-4e5f-9bb1-1b938c3db511\index-dir\the-real-index
| MD5 | 388f81493adc0e4e31bbd43d35209754 |
| SHA1 | a29abcee688fb655c4eedcc0d174d6fbbe030359 |
| SHA256 | 9afa21b110da0bf62b3cce2175e6cc0e0dea8b85a33a0769c830c4b2d40cf56e |
| SHA512 | 09a21fdea67ce61b094882a1ccad8d9158ef391537eaa40ae4c2875e902affdd99e68148a72ca1474d77a79c01c67e8deb1bc0c57aad736746ba76efe4a8529a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe587e05.TMP
| MD5 | f0968085101f78a5781aef95d496b006 |
| SHA1 | 9db07441cef23b2b27a352e6bd6f61e84a56ef1d |
| SHA256 | a23dd2c46af797c6e43337ccc2df6b5d140dca6f4e8f8a1f83dc4cdda73240a0 |
| SHA512 | 8200e9c282f807b9b3034046a74a5897dd8707200647d42197f92ffad790c7b604bbe393eacb9799028bceb4f0c08a08ba445712da6c4ad069b2f9c1eb6d3035 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
| MD5 | d43fb0fe2357873f15fbecc9039161df |
| SHA1 | fbdf9a904d49876e299f209b17c6f8db15c6e8a0 |
| SHA256 | 7e3676f4186ae9f7177653ec14978202f6a346ed94a9e6a3ddbb3280e5d58515 |
| SHA512 | 9253338cfd7cfa9c4591ec985f29705329a2c2a1050396f19dbc2d3eb46a70ef95c5b11c0cb773691f0dbfbb0489255ad64e5fe3941c2e6f372bc60f1175ee23 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 912faed941a5c828531be1fc43077f66 |
| SHA1 | e6d11d71de817990bd00f199429ecdfab1051015 |
| SHA256 | 01ac349e75a1b9b49a592b72162df4352756f5e8aec41396035b30d013cd67fe |
| SHA512 | 1a943ce1525f5754b7ee41162cd9378a0f23fb5f1e49d768bba9f2880b9bcf03450bf5ea5af0d98600a4c416a520c176d7c8a5c006e21a52ac7072c3c1da5982 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 4b020e03ce5f53743b91d4e1af3ee515 |
| SHA1 | 59695c86ed25e1484aa9edc3e918570f6ab0423b |
| SHA256 | 5071028e3e722bd2d569c57a4a83e26d7fac62001d94d7d2d21c70bd85f52231 |
| SHA512 | ebddc4321b9e9b5b1da220581ea2560fe5b9a6b6cb201e95fb65fde9105e04f9b2d69c2789901e9e274dc1278da782761da2dc6580d9ffffd9f1543a4db8ca83 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State~RFe588037.TMP
| MD5 | 8b0cf166d4adff307c00b6964c831609 |
| SHA1 | 6fee40cfcc23b6abfe591cfc66132c8ffb38f8b1 |
| SHA256 | e456397037049ccfc10cce6a0cb33bd491a0f5d0a71967a630d7ebc80d970086 |
| SHA512 | 66b826e4c61fabdd6480172fe53f94d8ebd2bf531d627e2cea91b8a359792277abef8558b2599891e9e341ffab8e790e1c2cc7cc5ac2150bbef76bb2396482bb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 9b7ec2ceb138dbe72c0cd81ad7043784 |
| SHA1 | d288236a5bf5a5a8285e16600587b1eba42eb38c |
| SHA256 | 9a6443ea6e3d991980d577211da0919a47c628166629faa8c393edc3594929a7 |
| SHA512 | 4f91bb0f9f75b5115b461262c6b78f71e62a7f5e6c51a7acd5756847c7eb0310efc0e260195354c9fe49fd1c2af1c04c9851fea5a66313c27f14526f5682b2b8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 72515b496aeb8a3ea1404e1656e5c6cd |
| SHA1 | 666490fa7c845407887c7a91658a826f30d35445 |
| SHA256 | 1d9e772a2f73f582d825317e744720ab8e10b59fb21e7da15247f2adf03538b8 |
| SHA512 | 6cfae3299e76fca95c1072c50dcb7d5f24fa9ff4e4ce29f9182685595f6e092a1551967a678bcbc1d50b0fa63784830d28c9e55aabb8d334fec586a8c2f977d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fd132fb9f1b3439be3c2c93e9668aa91 |
| SHA1 | 7ef1895210bc1d1a9a6eb1087df6b465489d56bc |
| SHA256 | dcb1ee28f41e187a499fb371c4ddbae44edf035c9134baa678cd087eeda51dcd |
| SHA512 | 28b709a8cb8fa2ad3c865051532a222085c1fe1ea1b224126bce05d8a49f689c9036a0d7595ddd372ca3f3b9febf8e32db538adf3fea2ffca0a524ce21c5429d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e60f2edc3431c27d033d72d24057102c |
| SHA1 | 741dbf4278ea8f9a45a579c87cb195445c4a53fe |
| SHA256 | 867056f7ce42dfb8e122403df5bdb49ee4f172d51af4ea06a2b315627319ee2c |
| SHA512 | 2fe56f9bfcc838186b27d927feaf0e6eb2b2efd4baac0fec0049e15a8e4110cb8cb8cdb0ff4262bea7160c949dc2cb2d370f53498e088ea603a10b1ee5929739 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | d0db55a002c4529a2647da02eee67f5a |
| SHA1 | 800dafc61433fc873c31c713cf57edea35bf8c4f |
| SHA256 | 90609f706d2649391a0bef9bffae76b978f3b4b1f83261f707f5453ba87c60af |
| SHA512 | 74a9b594a4ed06b6dd531a7745c62edce495941edd5ba6140d09df95908f56150bc743f1b5489c444b731c84ed361adb32badec15346653c076c46a8b2f03446 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity~RFe58e181.TMP
| MD5 | 4478022cadc58672d008af7c1ce2d586 |
| SHA1 | 3fc55773f701755aa67d61f043f949c436881961 |
| SHA256 | f28d80f5ff7d7142ef4543d06fc5a1effdda19ab5398d380b8c220b32968fd03 |
| SHA512 | e6f08a74f19ac91b49709eecfbd819d18bed301ee60a9d068fb478adfe179beeccdf416bb85dc014726c3ffb255d0a976af2b828068b9efca3485bb62c11226e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | b39fc8a98d2b128e03226140320a6f7f |
| SHA1 | 40395ec04795b36e0ff97c4e6e828a0899ff936d |
| SHA256 | e55520b3b83fdc6997e60e62f7a7aaebc84c401c9707c1675caaecbc44d8c0fc |
| SHA512 | a9ecb76f609552fd4f109ae17e4c2c266ebd141abab3d189a93930f63032c710959aac80811432e00ab533e81bb87b01b19bd90c65a3abb84facbfca6c668336 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | cdd34828b338c4a2c383d3fdad28372c |
| SHA1 | d47f35f1bea1b9e6befb101f9815fa132b5cf106 |
| SHA256 | e936e3b72d175adeab76783e97d6881ae610afa6478189d2efa900933d2b7947 |
| SHA512 | 41247be1d653236a4baa3035b981e506e20bfdb069c93e669c260346c790aa1f1933ac82185b3d60f3791f46e6fbf56bf0028d7b086e5184c7031f60f1ed38c4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | cf4b12aea212944c599e0626492c76b2 |
| SHA1 | bcb4818ccc6e095ccb691c2d32cb08da8385062b |
| SHA256 | 83e4ca56c7b2ca01edd9f610a5ee511c62240972f87f1ddcdd1f2367cd358a85 |
| SHA512 | a392fc12258a0eedd8d971cd08180733a913447aa3c4506cb90a85c66e14d4cb08fa30a78cefa4d42f7a0b1ba5f8e9b1dbf6df38a3471bbfc93e6c29d571b4c5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\002a5eed-b84d-40d5-b180-c424430df8f3.tmp
| MD5 | 5898dcf7e5daa5f954ae1d69f2ffbd06 |
| SHA1 | b13e0d328941e38985bb9e52ec0017356541b8f9 |
| SHA256 | 738568215b63f56ecaeae89e27c4a454f68ab984517d978c19ce374b19de8cba |
| SHA512 | e2234a5b27582305f9be37f59b98e1debcc7784a2776c41f1fcb82665dadf69999fb4c610968001101978ce95c4473cc32fd801785c9177311a1ee74967ac74a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | a1777985f5d2ed219b9e77580f9faeee |
| SHA1 | fd6bf5044c2d39493355375dc418bca8258e90e5 |
| SHA256 | 0cf9798e8b95c5884e859b1e51587d8f82bfa90ba1f171c6d9e58956a3c33efa |
| SHA512 | d6627f47b4fe29f20f3c1f428784d32858dd4fa8619718f841386f27db3b3da781545901c77e1a5760fd8c6545852f6265a085eb0e24217280c2b08cfb6c997b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 3880963b19ed9a3e0713e3864f3ad7ee |
| SHA1 | ac69f1ea339c67d8ad0318c24f008fd3e86d3898 |
| SHA256 | 2a431421673914c827c825c2362d73e18ea8f90e3bdd83b033e1ba876dd35b56 |
| SHA512 | 2a4184ba1c069451e3565cee3c7384ffcbe04e16cef72789032c3d8bfbeccc41b2f963d9f6125a3c43be50e2b26b375244282befab50caed7baacaebd3a9b31d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 932bec12ebba59a26b20a47ad2faf925 |
| SHA1 | f9ba2aef8012ed0a4535811d4fdf7016d1459882 |
| SHA256 | ad4e93b6d792079ff78f66a01df7a4760160b9045772cd7b0817eea7c21a013b |
| SHA512 | d2ebdbd54bdd3ed24338eb8305e3f9662cef842c286879e1c5dbf464b1a2ff5273a47cb98d683e2cd3ecc5b44e61215394488879102ff8ab052b1c9457e7e5b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 7bdc48278eceb560c70b903ca509ed69 |
| SHA1 | d8cee2eb9928fe59166590e7836e4dfd28fe4a14 |
| SHA256 | ee76bb3f3b9eb37e50e80890a84efaaa91da07ce986c8e87d7f2245c3954fef0 |
| SHA512 | f03d0b6d2af11dbcca7fea3dc349fbc4da5537882debb817959a1064acf4cb1512cd11b27d9135bdf600c2ed4158e5704cc29db75bea059247baaf0e8259fa02 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State
| MD5 | 807bd278531ca473bebe167928435219 |
| SHA1 | fccb160ec62924b6e87d718c2a512c620d1e7471 |
| SHA256 | 690a597149f498e8f9e7675ec845c16e28054d789da7953b9df283f4a923e91e |
| SHA512 | 32e5346879d0051b665b7a6c8bed496c3e260f879956eb8f23b3e4041ec47f68bd723bf5a190fd3b9132f7f048fafba69bbe589ba874daaa2ea68b8f04908bec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State~RFe5992e0.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | ed476488f8f6d9e612545c4cffcb80a2 |
| SHA1 | c03ed985eb8153c37801826b9dd3708cb428bc8f |
| SHA256 | abe0b9b90ecea26ff7c41d1c29167826c0d36260b5e860d98804ea1dd1031e92 |
| SHA512 | 56b9e8f91c5e7f8d16ea331be31b57b5c18bb3a16391fa6feac3997bbfbb847eea94b3cda05c9b435b89e7225f6b56214e4c60959b58897b234c44142b97a3a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 3955b9b2d8376a0c7be5f6a457507a50 |
| SHA1 | 48bd9cc98a7ed404be389423197f3967ea50ca7d |
| SHA256 | ad14eed383678e3d0185826ce6339d68e92573964ffd9f961aca070862d3e440 |
| SHA512 | d88c4a327275b1acd94043ba69af881f24f87ae88f3b625c67d6df1ba9850994fcf1074fbff8be02fcad6d838574f377c13bd5c9d6b3dc2fffe71cf4c1ef26ae |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | ec021b1deb5c1c6bfc3424ceaedd3ea5 |
| SHA1 | 2918e8c868c5846d8d53ab575647f2ce11e55c56 |
| SHA256 | f2e04a1882bc6009ffa60bb931c00a7896d65d76b9167712a023f152098645d4 |
| SHA512 | 3844f4afbf784ba00045de58c87a65fd60109f85e540823849d469c014dca1fa1d54f2562b9167f5ab64ad395d1c8bc84fdc2dc73b406d4e41ff4dce15c118ae |