Analysis Overview
SHA256
8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed
Threat Level: Likely malicious
The file 8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Checks computer location settings
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Checks system information in the registry
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Modifies data under HKEY_USERS
Modifies system certificate store
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Modifies registry class
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-09 22:50
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 22:50
Reported
2024-11-09 22:53
Platform
win7-20240903-en
Max time kernel
150s
Max time network
147s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\UDYC2PQW.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\7ZXER6TY.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\7ZXER6TY.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\ZRNYNVMQ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\MNECPCS0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\MNECPCS0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\UDYC2PQW.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\I8UMTHDT.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\NZJGQ3DZ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\NZJGQ3DZ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\ZRNYNVMQ.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\ULUK2JH0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\ULUK2JH0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\I8UMTHDT.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2436_2045106729\temp\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2436_2045106729\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir2436_2045106729\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\yb981B.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf600000000020000000000106600000001000020000000edcb924d466247c3eb4bcd4390212b736db47f79730d36dfc95ef548f5494afd000000000e800000000200002000000054cdf50a4dff9cfad9844ff95d5f1fae95b72f255c7f6914a415bebb3ff9bd14200000008c671e93037ce93d0c98f7028d643a7ef8014eae42ee7a27ed991df958d84b2340000000c5a8b98525a24bc6496e6b5d3c9fdcfd5cb3e7b992a6608c9e8c364198096615f4b1334902c4e7b44dbe17219d99b91a4c9f664caf724a3db6d647a158e7ec1f | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a7e3310a2b0e6e498bd88e48ec67abf6000000000200000000001066000000010000200000000c410ecac33748270f6d290308d9395c7ebe30c03a36db6729c762a6644f6e0a000000000e80000000020000200000009acd606c0266ec6e0066e2c25413e9021239c222ffa9fd17610139328b4c4b1290000000a565d173f82047446083e3aed3e18a30e8972bed609dcd3b3bbfd0a64a2b1dbfeb5d0a82f4bc3bd06d0503d8c7564f90644910ee7566e28019fbdf634f17170ab2da8956140eb974f838e6df36202ff7be6a34fa425ea6e31dde2335a41539b53472dbe93e26c9263b1395f107f4bdc0fea99c4fca41d8e67c95429525f996fbe9f36f568c63b901d32d358f146b3bc040000000cbda23bb77a4ec7a1f1b1fa7a3ded004c351d5c7e2712617aa3084fabc30cf139d93e6938364e522b87fc6fc26a108ab8e7feaed66609549d7caa82b36a4dd46 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\NumberOfSubdomains = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "27" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "437354524" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 80b47bebf932db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "48" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "62" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{14D99401-9EED-11EF-A160-4A174794FC88} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-87-14-80-e5-b6\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{61FB18F4-1240-4F22-88E7-1947FD9CC3D5}\WpadDecisionTime = 20335af8f932db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-87-14-80-e5-b6\WpadDecisionTime = 20335af8f932db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000003000000090000000000000000000000000000000400000000000000000000000000000000000000000000000000000001000000020000000a7f009f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-87-14-80-e5-b6 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{61FB18F4-1240-4F22-88E7-1947FD9CC3D5}\da-87-14-80-e5-b6 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{61FB18F4-1240-4F22-88E7-1947FD9CC3D5}\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{61FB18F4-1240-4F22-88E7-1947FD9CC3D5}\WpadNetworkName = "Network 3" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\da-87-14-80-e5-b6\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{61FB18F4-1240-4F22-88E7-1947FD9CC3D5} | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexWEBP.OBQZ742VPV3FSQKUTIFEPYNT6A\shell | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.crx\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexGIF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexWEBM.OBQZ742VPV3FSQKUTIFEPYNT6A\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.css\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.xht\ = "YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexINFE.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexJPEG.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-109" | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexSWF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexWEBM.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.txt | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.html\OpenWithProgids\YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.xht\OpenWithProgids\YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.pdf\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexINFE.OBQZ742VPV3FSQKUTIFEPYNT6A\ = "Malware Infected File" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\yabrowser\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\yabrowser\shell\open\ddeexec\ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\http | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.jpg | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.shtml | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexXML.OBQZ742VPV3FSQKUTIFEPYNT6A\ = "Yandex Browser XML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPDF.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\https\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexJS.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\http\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexBrowser.crx\shell | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-108" | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPDF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexFB2.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.crx\OpenWithProgids\YandexCRX.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.crx\ = "YandexCRX.OBQZ742VPV3FSQKUTIFEPYNT6A" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexINFE.OBQZ742VPV3FSQKUTIFEPYNT6A\shell | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPNG.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.htm\OpenWithProgids\YandexHTML.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexWEBM.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-132" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.jpeg\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPDF.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexCSS.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPNG.OBQZ742VPV3FSQKUTIFEPYNT6A\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPDF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.xml | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.epub\OpenWithProgids\YandexEPUB.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.htm\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.html | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexGIF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexSWF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.gif\OpenWithProgids\YandexGIF.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.xml | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.swf | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.webp\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexXML.OBQZ742VPV3FSQKUTIFEPYNT6A\ = "Yandex Browser XML Document" | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexINFE.OBQZ742VPV3FSQKUTIFEPYNT6A\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexPDF.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexEPUB.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexFB2.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexBrowser.crx\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\http\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\YandexFB2.OBQZ742VPV3FSQKUTIFEPYNT6A\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\.tif\OpenWithProgids\YandexTIFF.OBQZ742VPV3FSQKUTIFEPYNT6A | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\ftp | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_CLASSES\ftp\URL Protocol | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b060105050703080f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6090000000100000034000000303206082b0601050507030106082b0601050507030206082b0601050507030406082b0601050507030306082b0601050507030814000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2 | C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe
"C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe"
C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe
"C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe" --parent-installer-process-id=2340 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\1800012f-9048-4a79-be47-c4a08c7dcfea.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=237233000 --progress-window=131538 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\f8a0d886-7ad1-4db3-ad7c-dd0e59212141.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\5bc6e9bf-9fc6-432d-853c-ce206a7465ea.tmp\" --verbose-logging"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:984 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\yb981B.tmp
"C:\Users\Admin\AppData\Local\Temp\yb981B.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\1800012f-9048-4a79-be47-c4a08c7dcfea.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=237420200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=237233000 --progress-window=131538 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f8a0d886-7ad1-4db3-ad7c-dd0e59212141.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\5bc6e9bf-9fc6-432d-853c-ce206a7465ea.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\1800012f-9048-4a79-be47-c4a08c7dcfea.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=237420200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=237233000 --progress-window=131538 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f8a0d886-7ad1-4db3-ad7c-dd0e59212141.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\5bc6e9bf-9fc6-432d-853c-ce206a7465ea.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\1800012f-9048-4a79-be47-c4a08c7dcfea.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=40 --install-start-time-no-uac=237420200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=237233000 --progress-window=131538 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\f8a0d886-7ad1-4db3-ad7c-dd0e59212141.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\5bc6e9bf-9fc6-432d-853c-ce206a7465ea.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=274563800
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2436 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x1a0,0x1a4,0x1a8,0x174,0x1ac,0x121ed30,0x121ed40,0x121ed4c
C:\Windows\TEMP\scoped_dir2436_2045106729\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir2436_2045106729\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=1312 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x12c,0x130,0x134,0x100,0x138,0x473560,0x473570,0x47357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=33422687,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=D9A8A360_5BD9_4CA1_8E87_3CEAD1FE4B2C/*
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2436_1547537189\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2436_1547537189\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=131538 --ok-button-pressed-time=237233000 --install-start-time-no-uac=237420200
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=1068 --annotation=metrics_client_id=7db37f3d2f104a0ab676f492aa6710d4 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0xe4,0xe8,0xec,0xb8,0xf0,0x70792a08,0x70792a18,0x70792a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1104 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=none --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1360 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=utility --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1500 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=audio --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1992 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2016 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2116 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=service --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2712 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=none --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2808 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1096 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=none --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=500 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=none --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=1976 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=none --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=1884 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1092,10462385068013655802,5079397542862416408,131072 --lang=en-US --service-sandbox-type=service --user-id=FA6EFAB7-C833-43E4-B178-5CE613E821A1 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=552 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | download.cdn.yandex.net | udp |
| US | 8.8.8.8:53 | api.browser.yandex.net | udp |
| US | 8.8.8.8:53 | api.browser.yandex.ru | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 5.45.205.244:443 | download.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | cachev2-ams15.cdn.yandex.net | udp |
| NL | 5.45.247.11:443 | cachev2-ams15.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | yandex.com | udp |
| US | 8.8.8.8:53 | cachev2-fra-01.cdn.yandex.net | udp |
| DE | 5.45.200.104:443 | cachev2-fra-01.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | cachev2-ams21.cdn.yandex.net | udp |
| NL | 5.45.247.25:443 | cachev2-ams21.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | cachev2-kiv-04.cdn.yandex.net | udp |
| FI | 5.45.192.142:443 | cachev2-kiv-04.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | samsara.s3.yandex.net | udp |
| RU | 93.158.134.158:443 | samsara.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | samsara.s3.yandex.net | tcp |
| US | 8.8.8.8:53 | uxfeedback-cdn.s3.yandex.net | udp |
| RU | 93.158.134.158:443 | uxfeedback-cdn.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | uxfeedback-cdn.s3.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-05.cdn.yandex.net | udp |
| FI | 5.45.192.12:443 | cachev2-rad-05.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| RU | 87.250.251.119:443 | mc.yandex.com | tcp |
| RU | 87.250.251.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | cachev2-fra-02.cdn.yandex.net | udp |
| DE | 5.45.200.105:443 | cachev2-fra-02.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-02.cdn.yandex.net | udp |
| FI | 5.45.192.6:443 | cachev2-rad-02.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-01.cdn.yandex.net | udp |
| FI | 5.45.192.4:443 | cachev2-rad-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-rad-03.cdn.yandex.net | udp |
| FI | 5.45.192.8:443 | cachev2-rad-03.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-kiv-03.cdn.yandex.net | udp |
| FI | 5.45.192.141:443 | cachev2-kiv-03.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-ams03.cdn.yandex.net | udp |
| NL | 5.45.247.53:443 | cachev2-ams03.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-ams02.cdn.yandex.net | udp |
| NL | 5.45.247.52:443 | cachev2-ams02.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| GB | 2.19.117.22:80 | crl.microsoft.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | crl.globalsign.com | udp |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.8.8:53 | browser.yandex.com | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.217:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 77.88.21.37:443 | tcp | |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | cdafd294e75df36890ece2acbd0eba76 |
| SHA1 | 1a2722af6e251a7ae8d7fadd3d3e0a121bf3c0c7 |
| SHA256 | 69d884e490922375556e9031409ca832a252f074adeeeaf1dcadb0cf2689a273 |
| SHA512 | 624d08c2b2441ed8b307cd24485abba2bfcedbfbafc68aaebbf79a218edb8b4390a2965b47d23fee8aa6470ab67d3051a6b3c36f48cf2c7cf0023549e995d490 |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | 5d05ff5eae2943d3b38143315ef54543 |
| SHA1 | 2781fe0850b0eba122e0461b4afc671c6fe4b82e |
| SHA256 | a9be74dc921cd13efdbec4f2188eed10f3b190030657f32a018b6b8d1938e4f4 |
| SHA512 | a0ffa62e8cb16a2e3027ddccf823e237490447fc2aace01cc182ac19ce04dd8d1e6808aa188d0c813592d1bf4b273f3c73e40a531426fc1287e4f6143b490376 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | e3c982282ddafddc813a6a3994214576 |
| SHA1 | c5ad6c6333efd2c53685de2fc84a5bf115ded67d |
| SHA256 | 3e5c7ebd08b4e6cb6c050de52fc8cd5f419d21a04140895f825101b7900ed101 |
| SHA512 | cfc41a90ca2160beebc38190d99e696188cfd3e793c6f14985de8789775f7c5ff7c3305e0c3ea6f475e88b48580bb3201b228fcbe0a34beb3d40e81683f18437 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | b1d28ce3c7891bd32a323a7023e386d7 |
| SHA1 | 1b0c544e52526846e244bd1666c6bdb9b4d4f2a1 |
| SHA256 | 5138d8fae018c1fdae60fc4d8f56074215cc725e60fbac11b33e9e8b82e50d2e |
| SHA512 | ee3a2274756fddb38c39e24dcaf3c950f1b9e3169acadc0ec06b2b5f83490fb9cb09c38e12ac7c2d8348a4eb7bbbfb80dacd6e7c51e31b07b2416af95486dca6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | ccb26be0ac8db7c30985861e39d9ce54 |
| SHA1 | c42b3dd24678158c4151bd0c657e38ba0d08ed46 |
| SHA256 | ecd2d2b7a8b1b8bdd399965f25e2cd5d35a4554d6f0aaad6b1e6ff0c688827e8 |
| SHA512 | ab69718a8b2edaca79f761de65d1618e7409c9319fb48e6fd9968959872e5f9fc2a32ab5a0c17b9b746fabf4088f6211f3e0d72000aeffdb3b383b369e315a2e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | 6b5cd7066d7682f455a7e52e7027161d |
| SHA1 | ed120b31efe51f63b8345f33e858829244587c59 |
| SHA256 | 9679ca1b0c3fc8d46a48a931df8cbb2c0291c473b2cbf0820a9612648e2b6a18 |
| SHA512 | df4e3c9c75b4f71198ea7e36f350ceac899c42c5408a353bfd387e2c517f0519fc35db523c6d83cf497215e3031b1a041d1e2ddf00ab28e5b580e54186686839 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 9ca001798d122ae5eb7d0218784e4ce8 |
| SHA1 | 51c1cea4bdaaf5505ba09d554822143a7cb926da |
| SHA256 | 308692cacc05201b200e46f306a8e4f3ecf1d87e989d7a6efc950752e9fa1b8d |
| SHA512 | 2c4a0f8e0132467fa7b0c420d93e33e6529d35416e57daccf690acf876b055ea4f325be277a6d292ca9222ecb42d04e609e2cf3f1359508f5ab10116073dec9a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | cbff32ba3e1e1ef7fe1e391f1dbb36e6 |
| SHA1 | d91395b2315c19dbc4e05ab018a0df7e583dd56f |
| SHA256 | fd92deef48ccc95d1cedd910c6cb68479f11b8b73c20a16f851a88b00ec27b9e |
| SHA512 | d8f230348b2b1c4bd775d40e4b59915d758a7020e9f4c3a7ce4e94d7e51507af2e3168497193f86553823f2f400bcf9f20ac9fe0d8df1fc7e24aa0fc0dfafcee |
C:\Users\Admin\AppData\Local\Temp\TarB638.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Temp\CabB636.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\81B9B36F9ABC4DA631A4713EE66FAEC6_6BA9632DDA5E7BEF7185565C8D7852D6
| MD5 | f4c57b9186b880b16c842bccde751870 |
| SHA1 | 492c881994a0ee9c622fe19dbe4ada55abc0a079 |
| SHA256 | 4c119d67161e4d2a458a4b27730794d9046f57f9187bc1b9f5e4846a17e94391 |
| SHA512 | 7d965eee9730c29ce73967f28791ad03ef30d312d0749c3a9ef1e2f663201ffe8512915260506b625e25af128030b8f3362de89f68a5a6179d345e11bf55bb87 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\81B9B36F9ABC4DA631A4713EE66FAEC6_6BA9632DDA5E7BEF7185565C8D7852D6
| MD5 | 39577690a64c164c2092a7326230c214 |
| SHA1 | 99b9cb2d60cfe0462cd1a8aad3ffbe39308b5eb0 |
| SHA256 | afc937c69c69801c7d99ecbf514f141b332df6957a0bc11923cc371823672264 |
| SHA512 | 210e5b880af480917596815a09c9f57a20c49158659c1d7b594d0d9312d7eeccd4f5a238c052094989719a737a003890286a9a45794856f5230d0759d9b52c4e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VT9H7T7S.txt
| MD5 | 03ca616d8b2bba9c507ff96ede1795f7 |
| SHA1 | f4c68df573fded3c42146e1b6bdde16343ad6e52 |
| SHA256 | 92055fc343db808b6f99f4dd8efe31f8fc4bec0adc31646d8e30f0d95427d557 |
| SHA512 | 065873907e1543151aec122cc6592e31451ef7b4e019bce605fd0462c71abfe1cbbe94e19c53263095a3b14cabcea6f69df40c848b9a0adafb3ad548d712ea30 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | e878e2b4d53d4a2a21120ea2132d05e0 |
| SHA1 | 22dd9f652105866eaa47669fad49ed23a253fd85 |
| SHA256 | 64e4e897746883e5eab02082d932833d9a5bbbe12f25cd4a61b690f38b07cd65 |
| SHA512 | 62db5a6e68e1585b1a61b4e5d3f0e65a73f46d621880c723e2bd8ab2003b52cf295476e6bf2fb8a3f3948508cef9dfce63ce7be9bcb4ac37efb2115681f3c52d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | 504b008e68e18b4d03fe13bfcdec3c96 |
| SHA1 | 20d6c529581cb9309941cc826546e41c59924178 |
| SHA256 | f6a6bed6ae4d6af60d2deff2898f32d560c77c7ae8159c30b09e7e18ce78bb2e |
| SHA512 | 8924cbe3b518ba2bb7f0d7c87a4190c235e6404eb198e0863250dce56eebde3185c10a6b0811029c58f68673e10eacd4230e5c0881266ee01169bd5b2a41c79a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | b4592bce553369cd0bca902d4bf1bfc1 |
| SHA1 | a9853b0e8ab6e4a4f71268aaffef4ce9dc4fae31 |
| SHA256 | 12d58ce1329bd6dc8aefae491dfdac8bfc129042a3a5221a83d3436dd30c0708 |
| SHA512 | a3535f38af98a075d54695af56f0513811e6b5337b4ccacb982cfced28f7c5dcf2e3dd73c367d598b948386f9fbd61eb2a9cd8cf1079a872e3bfd4d490089e47 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | 6e8032ba97668d28c62ed2b6157e3a3d |
| SHA1 | 829733a489c9cfc2919ab8032009d4af4abe952c |
| SHA256 | 49a5d083ea6a5b16708018980ec37d46b39a4a132c26f260bbba00db8dd3106c |
| SHA512 | 6bad8eb44098f582129a1e2f7c6860447f3710b8161176b83df5445c526cf7cb5bbf4e07986fc8b5cb69f040a6e2098c6ed5e2074237d447b18382f93fa7aaf2 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\gsz3hkd\imagestore.dat
| MD5 | 3439720dc1fcde0a25b055a55547c398 |
| SHA1 | c0967864db3b94f8280005d4545d4635414c3cbe |
| SHA256 | 680cebedda5e10247684ff3184520a4fefbfd255666af7c35848dd1bd936ca62 |
| SHA512 | 9da4a76538853516dfaa393f9e665705878947d5217fab7789e2bdab2577b2b26ae1d5f7fbbf22103b850410833e883bf31b9ae38b31e0d19e07ae05f8a50129 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8452S9S3\favicon[1].ico
| MD5 | 5bd286ded38badeda66e9c395b814405 |
| SHA1 | 49e2213a60c70825b9552505cb8b7334a3a29a40 |
| SHA256 | bdd8486f2d838c7d9b0e2dcfe732a52c92f63879525206c2662905a051dd31ea |
| SHA512 | 96bfc9211f0f1c1c375e49ebcfec9e85280bba64352a4936b95e15d5128e77e9b4d5ba60cbdd76f8e39ce7bf537e8c77fef218e0b24856f28fc34671fcbecd0f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8d1f5da157a6637793ea42dce2367ad2 |
| SHA1 | 66e6f532cf8f07fb87faaa0df9f70f5092d6ca59 |
| SHA256 | c43b4926ae70bc5c520442334e2fd03cda0f0befccd9ba6232e81ce57de42334 |
| SHA512 | 5b0d15bfd6a8690c5d1ca51ad9f14d4656645c397ba4e9b5af22589f18fc9b6c493f697d0b80255c25ae57d21137eb7c6dec9ec2260103c898a8baa4b972a12e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b81394982e89daaa95594ed7ef747f43 |
| SHA1 | 544e3d7be8fc69bf02a226561bed0c2c12955888 |
| SHA256 | 11e2c55f7c8a1e30d991c8400f34feeb7f1409d59ded53e0a4fa27080331de96 |
| SHA512 | a307a682bec6bb60c74485f8973ba6ea1cfca7c6c8a1a20fd96039fe4eefa910ae1ca19d5b2891c4a75ae59114a3c9ea5d49268b4a99653c6acd1524a3cd5c68 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8622489490cf14ccb8bce418d654012b |
| SHA1 | 2b9b50f6da36b6fc1eae649fea4336eb489666bc |
| SHA256 | e9e99c5fc8b62c6d1e21947ea315280c034026c99d4b003edaa82cf6d403ebbf |
| SHA512 | 2595a252c1c60f3ddc3425af04d56224c656813d5eca67877b61d023e3b40018c335197b3d4915723be27c791945a36de20163b3452d98c436db6780772476e6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7af53507cda436c39f098c78c62dea8f |
| SHA1 | f770f03b840a4875e5b3b388e8f816a3edfd9624 |
| SHA256 | fafbb07032e95dd8c6f89122ae7ade9823eae37d5600c4018646ba5181391896 |
| SHA512 | 2061e6d765d6acb20883495c0c044852efe7bd7a510fa27f66bd720e94d29be5029d263990246f7c99b490b4c2558a504bfd081ed4eeed19fda5af80df937c2f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 67d8d05a22e10f90c051dbb216058257 |
| SHA1 | 8e15c7f76a52c65df70eedbee35f840a2a15da69 |
| SHA256 | 86c85cc38ca646f85010c7ddcf0946208d8540222ab73d55590af90c7626d22e |
| SHA512 | 211efc449c0e43f1dcfc3d9fbe996ea5c26e598f4e4c9e07d499fa3e703615ba133c156a6808d9fdb70aface26013c35b5c25efa69a259fb02bc330335bd4202 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 00ae00501a732adf0fec89b4a2f3b5dc |
| SHA1 | 5ff5769235ca82d76f42c37c7398c16593becf49 |
| SHA256 | 526124b642819dfd593749fbbf05a199bae4a03e3eca43815be922e1038936c0 |
| SHA512 | cf8e9171f08f59a53ca5ef4c122182e700589d75638cc0fe580a8f1fd511eb416230ff4051b6e562075fae802d1a314ca226874cfd1e5d681263500d11c9c49b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 81f22614a62f0d1a4d508c7625bea837 |
| SHA1 | fdcb645bfe190b397864cedb5462f09c9929e372 |
| SHA256 | c784d0f07e428f8f258a20f8a6515b6f8dde87d1bffe18293554ddff20a44daa |
| SHA512 | 61326e054d9121bd8125a4a55113ffa9c1a144c9af210dea5b93ab0c3476640059e9eb3c44dbc5640d3980134963866b7b96d39b2d282e518b9b9a8c600f2733 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5f2da37448adfddbadecbbfcbfaf459e |
| SHA1 | 12e8d3036a45e1d2e5a471ecd8baf1fe56c64694 |
| SHA256 | 1e192cf85ce14e99ef98ae5c81607929d26ad0a9e654f67f16871220e8f6e1db |
| SHA512 | e3687770aecc708908d835043388ce7242aeaf8c382f06ce9573c79d6e76ce87310e091c3b85beb4a69427a9b4bc488c23a45d6135e2d950c26147412a7d1a06 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\RO6NS35W.txt
| MD5 | 2d1ea7058b74b26f6a67136b4d1583b7 |
| SHA1 | 949cb849695abb51fa5cd141ea9f2dd81b61181f |
| SHA256 | 4d0e60dbe4c7d44b6cec48fd473703af881ac4c5a96f4d626071695543f3e203 |
| SHA512 | e87dca726bbb52616d7eabadb7950287fc867e9c2c65fdb61b9a8274cbebc746042f80c295a0559373fa20a4cbf7b9ce7d4f3ffbaf88e1d58a398eb5d9cc0ff3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 11b0e1ad2f8b4fee12b462133b40df8e |
| SHA1 | c8ed6802d6022086c090dc91b9dedc6bf008d453 |
| SHA256 | 72e0bad71a3f3ae11d390eba14150839f4d585e3bbc9e7a9878cb2beaeeef4f3 |
| SHA512 | 2f5353d9dc05d87ed7e1d9148f194c20f3482c405ddbc512d9e522ad950625793d9462999d4b61cf0cac7be5dfb38459f1bd37227d0da7793d0899e41588d6bf |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | ef0b07a5e06c31ca3990693378a73ff3 |
| SHA1 | 7ed8599b2d97dcec5886a97839e59b74f46943c5 |
| SHA256 | f20ab50c00f5982fb698d3a1b1029d9bbe239f4e97be13ad61b5a280c2490c67 |
| SHA512 | 2b96c8ae7116eed6ca1880ddb4ba21985b5fb4956cabd8565829db7a1ea1e7087ac9de605b44e7087daa9f5b5fd5cc2f53befb6c97b52011d15b716ec5d981d6 |
C:\Users\Admin\AppData\Local\Temp\website.ico
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\setup.exe
| MD5 | 5fdeff4b89456b836f351443aa9b3d5b |
| SHA1 | 7112f415950c45877265f98aa8388e8093d4abcd |
| SHA256 | 7dab48f2004dd9481294d59caccd8573a6e28c1c42b6d7a354dcd3e79f9c7f2a |
| SHA512 | 35962b165c4604d3262bdc564e03d791df6175bc4825ab60237c17b7b9f67a4db190ba3f410829c4112a67b6fedf7049e5c5ad3c6f6d41f01a0d3b5c2a0e8346 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 9f6befc3ce6dc3ef930cd461f795fd2b |
| SHA1 | 445f0f2b0330b16ca3073c18bd0e550b9c1ae657 |
| SHA256 | f960a911e0a99d4dfe5e33f734e4b7f5bd1f397cd546dd0f4baa5583453c24b5 |
| SHA512 | a47ab3d92918a3348ce69077ecf276368b238a6a8832ac1d05d36e197657dfb7136df97ea4ab26ba4234ba784bdad89c4893ba0b353bbb452cff46f276114fc6 |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
| MD5 | a934ffe21e67d70785598dfb71e7eece |
| SHA1 | 00fe6d6b8093763ddd4677637b29d0bdadbc1520 |
| SHA256 | 9c453c98bd8fc91d7f01c1c35ebc0652c73cad5d27a62e8e3f7050530d12c864 |
| SHA512 | 9e7fc6e532eff3a57de3641b2f72088ab564b4d56b7bf5f6d919a8a152ccf8918048bb5e14d3ef2d829ebba4779e9d1e37c157f3b79893e103c7514a88cad78f |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | fb13ff20cd380d5e3855896ca48d041d |
| SHA1 | ffaa56983ca0f8a546072c8d53da581520a2bf49 |
| SHA256 | 6bfc6704a02b75f7f2456c6c195f18f5af7c18fbe3ee1d2abffa876b6ff3992d |
| SHA512 | 7cde555322089eda5b0ef9396faf83a191c7c275f3f756d862b232ce1be8d179d7fa9363c48d0d7a54b781612712175563ddeb4d838eea21be3e2cf3b216c988 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | b80108802284e0eec060dbadc460306d |
| SHA1 | 545eeed9d0d999d485e58fee28884324e9e043c7 |
| SHA256 | b3eb9bc311f7cd41fa65ce8c1953d38295a1674b5620b2639c37d8a3c7519e0a |
| SHA512 | 2dc8be6cacb499129bd69092afc7a9017d167ab30760a0aee515101fef45d2a2a82d929f35104d500809427393222b66535f665e0344094ed8903e2b66bca06a |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 31bf76e62e19ec4a2a7d5a9c1ecb3f48 |
| SHA1 | 310d41dadfbbe034060c0faa3fcaa508cb8e1a18 |
| SHA256 | 5a2955514e66bd398701ca0b44f1049df92e8cdfff577d48106ac6f23ec95f85 |
| SHA512 | f0e3669ae544b61dab258fce5701d5d391a696aa5cd56c4416c46c9ff9ce816b1fbb93d5dd85ac76585db98b78d3b85dacc3793cd3b46c956a391cb0bb70b944 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 95572665db9e46c7551e9a563a133a68 |
| SHA1 | dafd4ff19223a6fc223ea193c88a0d5d2206201b |
| SHA256 | 97c458d56b503f0a41a5a13e4c5f593a6fcde27e8153edefa2def246aa05d274 |
| SHA512 | c688139935bf005b91b8ece6223b8d2eeb7862f1eaa94a828474f82426e8f545996a0c5b7415412a8fa3ca77ebd52466a9ef9aa32e097f6192e12f6216fc0959 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | d443e6fd8e15f2137e5d9053fd8a1c08 |
| SHA1 | 85b290c82a8b185d1e015c5036e707dab09b2bcd |
| SHA256 | 5c07f0f30314267c10ce5a60780f81bff18c5608adec127e14dd3431b7445407 |
| SHA512 | 4a25898d61485617098140dc2d4c4f70d1e0d9adecdce2be73b268c07face513af720675a8204ecd8ab544be36c9eb8f36c199a4d94a898bcc4633c24bc35434 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | ca97f833c2fad9fa9c6c7bbe5dad2b11 |
| SHA1 | df344ee9281d6aaefae5ebef8d287e782bbc6827 |
| SHA256 | 85a68757a1c61794baea6c22b1601c94a5272c3c6d28cbc603dfc1b6176a1e9d |
| SHA512 | ad0b4a388e971253aed658d7f4bdd2030280934de71a8efabdeb1f090482eb3f8b75d7765c41c39193e650f17621dcf6e267b667011b26e71b00c8abbd7b6c9d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | caa425fe84b20b582890a12c40235547 |
| SHA1 | 462c264dc2c7363a5429c4f8172fd7f88fa33e51 |
| SHA256 | fb04cdf9def0676e5525b2a5ecd93f8281ed9cd061fbaeb64443982b3ee2261d |
| SHA512 | 76485b46206eba39a4a08df3a38f916c0ea224d542e5ca8177a9acfb355d80da07c2cd1e589abafdabe8615d69db116a53e748f3c9241c7549f5adef40ecc83c |
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\BRAND_COMMON
| MD5 | 8fb3d5252fd262cf808f6f0359998b0a |
| SHA1 | cdb8072dfe898c72c15c2c381349ccf7f2d4d440 |
| SHA256 | 7ad5104dd8c35ebbc06c56fc6a2cc3f8cf7391ab2e97c8c9d9b3de1d8ab4a5c9 |
| SHA512 | 57f1b72e210aaa880cdcd04eb1cdadf13dfe373c50a0d98346e64ad93521da43a5b71b068fa3ccadddb03a6e97084b7d25cbb94fcf9c3dea1904bde0c2396bf1 |
C:\Users\Admin\AppData\Local\Temp\YB_62B67.tmp\brand_int
| MD5 | 3e499ac6cab5c37d47c0ce7079be9408 |
| SHA1 | bc28c35a5feff7ed7061f36addf1b9bb439bf0b3 |
| SHA256 | 7c69e77970d70ab50c45e70a20b67e4d3c03123b384e723cf2cd515062d22613 |
| SHA512 | 16e08366a863f3730b880df0f4f34789638a67cfe26e295a8f834594f2ff67bcbdba0cb65b8a316009cd0408c9742c17f13d6a5257e3a7bd5245e5b5549d9fee |
\Windows\Temp\scoped_dir2436_2045106729\temp\service_update.exe
| MD5 | ecc2447cad674a68a24f76772cb51dbe |
| SHA1 | 6928b8b96cb7a1fa8dc8a8bacef8ab6163a15af9 |
| SHA256 | 2d6ea9290d3676dbeb61bfd94aced56025cc2e357626ef58854b8be4ae4abce9 |
| SHA512 | 3edc14b1efe6fa1b36c77e3e70faeeec7eec58e2f4ba9c6ff0c4ec772d3ebcee26ac1d0be76502416be82638a5ba78b81eec552ffad9be5d1d3ad8a90743fbee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 2ffbdb98df2a2b022a48adeb94a3af50 |
| SHA1 | 6c86923b5c5832bb102f041cb7d38db397074f12 |
| SHA256 | dd12c5733bc4b682e1da6353c8c27650f53d11a8ada8fd8a2d06f23cecae5ebd |
| SHA512 | a5f29661ac78ea205dd945fcc53e015152277426af4bcce688231ca1a564dc49144b2953409651737733fec72e9042468c780917543c007d7de74ed44058dbfb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 39b45c9b4b2a43a68768ec8998173a74 |
| SHA1 | 7e999557d580fda5511f248b282bc24c253601e7 |
| SHA256 | 0769cc34c72b5a98313b7f9c0c69700ea3f75c857db405c00d3f45ec336336cb |
| SHA512 | 6180a95ebd70ac913b91536d4903fe51d6775d697cde26d09e16f29b82581276726d632b7fc50ae71a8992b94280b0d45c877af0f122c641332ed5717a8d8d17 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 204e48dd2b459309d7f012ce13171977 |
| SHA1 | 9a53502cbb30954f6cff2427532fe21c9b10e973 |
| SHA256 | e36264a3022c2dd287ba509a4d48c602cd748b4d825f6d484fa4a8bc4c93e7e9 |
| SHA512 | b63fa3e6186efa3b97da3f205b9e10b9a7c7793db286bcff1c1d3e4663f4e36365906646f2f8ddd361fed634bed06bcf631a00a6cb3da7792dc59130c057d499 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | 8570b4dd937f7e373bfa5faf5718315e |
| SHA1 | 130cb3e2d23712bd63335c86ed39f6c2e0829cbd |
| SHA256 | d3b6c5a3987554397aac1d9e73f6714fa1366925a2d72e0623b2c2c0713f0525 |
| SHA512 | bcb1928b049f2fb859b36b65709e9d523ddef133113a9cd99080fe3f02a8fb3f802f5d52c79fd4ca66b9f47d0c1b9df6e1fe3fabb0ea3f41e2a6570765a7eb5c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | 0088a6d17eb6723783528b26cc46abe9 |
| SHA1 | f7b2abefd73735beacdb1511211fc96cd4a7b19f |
| SHA256 | 7c0677d3ddb7c4354b5f9f49b936de99b988a1ca1964dbd23d9edc54179ad167 |
| SHA512 | 98d3bcb7fdfc1d56492ed8167aee4b42c7fb1da10f7ec4f54edceda49df785944adfd7e5dba3474898cfda11d8d6d9019c0d5ed67b10fdeff2603750070a0082 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 6e76f4d7c4573d2a3ca66fbaeb121e24 |
| SHA1 | a70119a2532f9c6ed61726b03d843922a06dafae |
| SHA256 | fd1b70bd6aea73d343e2eabbc1065717db60fa0e1efc2176b2cf4dae67a03087 |
| SHA512 | cb4bcc0eb26d293136e1e9de39f4de4b1b542c7e66ff6ea15415a39268e1a7718abc2e83bb2beac560c8b4ad48e2a0bb96d7d80da6388b0d3654b5f48387c288 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 6a40445d6d6a30e9cbb645b4254582e1 |
| SHA1 | 82fd2634b30d3577f61753c5a9d3124db31d1ad4 |
| SHA256 | ef42e4c942b0bb19cdd8f6014bc86134f8b58f7159aee823b39f6a4cf97db355 |
| SHA512 | 388a012416c43a9dc47eba28087e7436deb53e3ac0d7126ce6b92c981dd5490f6075886d615f9a29853f7f9420ab0c0016f3db996a31689454819c7425b6cfc1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | f4ec50ec94a07abf0850cbc7a866200f |
| SHA1 | ebafdfbbbee590f3b8b33089db81b912003b865b |
| SHA256 | d493a5d57d7bbedd7d1e2bead74c02713bfeac7078163ba7059667129da712f4 |
| SHA512 | ad578eb6d79a6d2c94cf5dfac213eeef3cecd2e6219b5560e3a18522a3c471c4408a80253fc2f427778d32bafc3c2e016e3383372238caaf36aa490378fe3b46 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | cb4ad326d5b72f3e640c8edecc538a61 |
| SHA1 | 44bfaa6192b79a469268ab4a1789b7f20bf69344 |
| SHA256 | 0d984f660e3adfeb733456f1b7ba43c5b94d1fa645db7a3c99a804e9439751cf |
| SHA512 | 41746b6cf931f19bdbbade277442b18ebc042aa012ac5172f214f7b9bec792f2acc5c232ba675a27397c3bde96267133d31218d586c1822975d3a718ce2dcba5 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | aa1968aee80b693f8de38b32f8d27768 |
| SHA1 | caf0c3bebfcf44061f68032d237a9d335be3934a |
| SHA256 | 1d6a26715b665a26b9d2ae3901c7ac5b4e65a432887b4c42e331920cb787b226 |
| SHA512 | 69ba09aa50e8029a375bb308b6a41f4ddef4c8e004aba0bfad49c3a05355cdecb364581fb7ee44059fca7ab2070357cc3a2b20f6b05eae4d3e59a8f153776d71 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 33aa9c9f5cdc5bc2fa69815093462fc0 |
| SHA1 | a38e61ea0b4dd8a629bff836cd41685a6c6f5b0f |
| SHA256 | 3f02d7fd95d46b18f3004b5bbcf25b84ecb09d312c63a6580c001c830c19072d |
| SHA512 | 4a520e062878fc0f4339b1e0479e062fd8a0df3bf780430ea6aa862b0fce945ff2ef90d15c870e7345878d5def513bf5f5e30a8a030e90f310eaa23866829a96 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
| MD5 | f88326bf75f9377d75dc3b34df88b59d |
| SHA1 | f4eec740fe217e0743dc8b4f478d881550f8e12b |
| SHA256 | 778033d4ad9e66340c0bd06770e6d673d76d83d1cc3e9abe52d98ad4276585cf |
| SHA512 | 9aeb77c703d3d2e1bf4575c94585109d62c7d51fa07b3192af23b861069b65c28baff67c096b94b1620dfb80777e42cfdf9cae891a7d664fbe895abd7ece4791 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
| MD5 | a2ab187fa748a38db8b6736269f64972 |
| SHA1 | 5e2e542d1e3fc32b3677b0aab5efa32a245d0311 |
| SHA256 | dc67a1ba4e945e0c8188112ce3ecb9c32d39d77d992ce801a2ac9f500191a4be |
| SHA512 | 5f295f3f7e61b6f206f70d776faeb78df337d3e2ef79212cd4af163eef31b7479b438749dc594374f5956048239513992c3763b6f3f5ac68bed5412a2f877797 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
| MD5 | c9ac75ad5c047a40d4553130b013d891 |
| SHA1 | e6239762e63030317343a25368ba1c79a6c16bdf |
| SHA256 | afd8d61655f0411c32e70823f917c10230f2cf4688d6334e72989ab99f72d1b6 |
| SHA512 | 16a7f6396d9b5a099b6e5b032652d54a87120d87c584cf57d63d203ad1ec85f5199ae85a1589a4f193b456205e3d8b64c320093f3aee3d495b4fe424f0fa5f40 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 25b5d707792b12afcb8513be382ea6cb |
| SHA1 | edd9c3959cfc870b3df4b4e0e9e7164d1699c430 |
| SHA256 | b91574003d8d139ee29c494308f654bf9718f66966c549980d6770955c6a2b1d |
| SHA512 | 236fb96e80e3d6f54e204fa75d5772b2892e9d355f0aaddcbffa543dff80ba01d76ea7907ad496ec7754daca7420e4623b68edc8f08d5ceac6ddbc01a7de4c93 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
| MD5 | 46f71ca6aa30fab6c6d22dc5e6e1ad82 |
| SHA1 | 76b5e3c67df9c127331a5d7138e06cc9766f0a9c |
| SHA256 | 91a201ae40e18022035d1b31f6948770690794b8547d25d91ade84980d3040b0 |
| SHA512 | ae6810c228c8d274c66bebdfe6a344e3bbfb445c798eb443de5837f41409c4d5efbc44e65a8d68a410d111e41b1abb4cdefebcc824253954344f4f1e74dd5d1d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
| MD5 | 86b97526f262ecf87ed7ecd6c7eb4218 |
| SHA1 | d009c56e5fdadb73975c253a14616098dc8d243d |
| SHA256 | 33919f6b6975431c22a06c41c32e5f7092860958c68e453eaff9781bb6ab274a |
| SHA512 | dcfa8730ff4da19ecdf72507f36fac86f47c6133a13499605de9a70e8533da1984ff7f5800dc9a597c27b4649f237203f5400e344e22d3b3eb98e2d63f34f20f |
memory/2436-1528-0x00000000004F0000-0x00000000004F2000-memory.dmp
memory/2852-1641-0x0000000000080000-0x0000000000081000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\video-13375666312918800
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\picture-13375666312918800
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\preview-13375666312918800
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extension Scripts\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\07794906-ca8c-4b9c-8687-7740f2003da3.tmp
| MD5 | e2193e970559351d0156f0bb2e69c5af |
| SHA1 | c4bfad90a8d35574d68ca5bf08ba8e08954f98ca |
| SHA256 | 37ce12e1403dd075fdb31ef5e0f353ac889c15590274d291b046eea542c84c0a |
| SHA512 | 95405f7c846158c674170b8720ed53326f9f1a216562c8d47aa4e7e0e02e93439db6a5c980a1eeea06344600da34864fd9075efa12010b4245cf04840e540caa |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\56422ab4-9491-4e3d-b928-1e4c4d06512c.tmp
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\206b30a8-8b74-4957-9cd4-392b1ff240c0.tmp
| MD5 | f6d0493762a2714445b8a07bb8cfef18 |
| SHA1 | daf9330a42e61fd38b85e1a7e65ae030669134a8 |
| SHA256 | 0158a98f43b21d3a434d3f3e4db5c44eb9cec39906d5bed368bedba26ce742dc |
| SHA512 | 878e2788dc9cd5a6018f8de9695e46b6d91bae01d8e31b024eda1566475e9d3f6318c3e3e4d1ecc8aa089f3af30f73d5caaeba7cf86d3e60a5a24f9a7ba9e8d0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | b478a22e1a2a4048be8a5b61bd77ba3e |
| SHA1 | e12dddd5623c51d5f41a11f66f7704b8441a85aa |
| SHA256 | 9ccf0c1dfbccd2759dc924f884ade1c6e425a28d27ee169ad5d8e5f1ca73cf75 |
| SHA512 | 8497ce0d84c37f4facc36f6ff9ef644742f42dc2d1a4fb6f32e172490f63b5557bf1803f522917d6dee589d89f2401bc66f7b3e7f373929ecd75c20137d9256b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\d130111a-10b4-40e9-a8e2-2503c90e79a3.tmp
| MD5 | 6fc871375a5d1f47ab2508c3109b1ba6 |
| SHA1 | 0fa3bfb9f7e52895e4f46c49dd6a4d6fe5af4edf |
| SHA256 | e68c4ac8cc7a3e07f2b1c02c6ee67ae0f83a5600fa7fbfe6bd17dfa9edc4b75b |
| SHA512 | b5999a7305c41218374652145566a29d42fe138ab4961562454e10c348c180faf7c0b35810e1f9d31c3684a90e794a08bf5101c2c4bb6bda6ff54a2c99520ae3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\e2aec08d-52ad-4c4c-9d4e-160200a10b84\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\e2aec08d-52ad-4c4c-9d4e-160200a10b84\index-dir\todelete_82e8a25a394d17ad
| MD5 | 388f81493adc0e4e31bbd43d35209754 |
| SHA1 | a29abcee688fb655c4eedcc0d174d6fbbe030359 |
| SHA256 | 9afa21b110da0bf62b3cce2175e6cc0e0dea8b85a33a0769c830c4b2d40cf56e |
| SHA512 | 09a21fdea67ce61b094882a1ccad8d9158ef391537eaa40ae4c2875e902affdd99e68148a72ca1474d77a79c01c67e8deb1bc0c57aad736746ba76efe4a8529a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\f78bbd38-4967-4bde-bdcb-d8e3108b82d7.tmp
| MD5 | 92492ab66abb667bd041730f60fe61ab |
| SHA1 | 4cf218a166f6b03a9aeb3985fce07d077054d05a |
| SHA256 | 26ac8ceba3d6d53c0d98db04dfe1a79f0def573ec160909c25d6ae3e99bae84b |
| SHA512 | fd09041b8cddb02dd3909b95e1df6f7ab00637c41e4c50fadb3b510fc0e8f81cf5f5341770ad5e17910cdc136c54968893e9d0620fd35a8b03af83b33332d65a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c16581f23a2db9d4b54bec7f81535b5 |
| SHA1 | b52b4c6acf385c93a3b9d400489b0a1e3c95bf11 |
| SHA256 | 1e3ace1fcd9b616dc11c4bc1697981c25e238cfbf4def94fa85a1173f8dd0a81 |
| SHA512 | b42a515cfb2aa2837d1f81c5636449c793f6c1a9b88cd225d582afe5b92870f91517c471a0a3800aa5aeeba367866ff576ea11671099a5f9eb2d9b5f9479bc02 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State~RFf77b329.TMP
| MD5 | e0421ebbd5db32417ae486536b78ee10 |
| SHA1 | 2a1379ebce60c7ff71dcb5afa51248a71cb9f74d |
| SHA256 | 41a54a83105fc8a9416339d98fd9d7184d3ec1523806fdfb7fd514cc0423112a |
| SHA512 | 968faab230ad4e6a0e86cd4e5406ba9f4165c013944687a0798a39cc709f002b1b8dd6c868f927a6f868a0c53095703dc931a44c73a60a2abd93f8f788ed0af5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 80c7d84752e9223c0f81aed202f75bfd |
| SHA1 | 11a070f4320d2b02d287aee5bd2b9c3dc81ffcff |
| SHA256 | 06f144006b0647ed2389cd7b963165f9c48f8837c5eb2bd50e40fb7431a478b7 |
| SHA512 | 8a9ad7fc3278970ba08c6550d67bbe49ab5ccac9e4b4ef67287af40f5638d223aedf7b7a24a4ba0347bdc8880edc1f4abf90158ac43ed8ada7023e41895925fa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 25ec1e967b630b61bc73035287e0fb76 |
| SHA1 | a424130d87cf0cfe30d1a52b9e43718791dc8d3c |
| SHA256 | a65e4b1c47bc2865b0328a0bfe0b571a23b5f28c26ba684f04bc016193a0ca28 |
| SHA512 | a924c57ffd2e72ed4c6d2a0ca8020dcc0f3868092c486b7be7541180ee609ebba8b047eaf8953531737437dd54f5bd1273670e93cf83e9700120fb6421628cfa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5f263c90bfd49972efef316af45bf5fe |
| SHA1 | 10e4afd494c836eac9aaa43bbfe17676b817ccd5 |
| SHA256 | 6ae8ec83b0eb1e811757a7c190b25b3c4cfd03657d30b8db93b79c9d4e7cb217 |
| SHA512 | c7812390e83489d0766421f1cb070e75ab1735d1a1a20179333435091819a3367206b2fbfe308d42534c49acbfb3baaeb6250852bdc54aede71c72a4228443f3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cf2cd1995357c8f75b396280a50fdd92 |
| SHA1 | 4ad44b5101eb3f178b259804691edaf93e58c4ac |
| SHA256 | 2a13db827c00132f88f9c9bcb4908eafa4cee6504894b3a36ec876fdd2e40ec0 |
| SHA512 | c854b239f587c50b3ab7fa22e947bf57609eb998ee96b930ec96986311842ecafb0717309f2bcf5776da03762549a29f07d2afad6019841103b6b448c623042f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | dbdd7339aa1ff97ea29e6566b61ff9b9 |
| SHA1 | 1b6e01822e72343e947ba29ed14d5c73de5a0664 |
| SHA256 | 90f084c6a6e1e2c50fdd5b710d8059152ae8276172ce343f548d7ba2f308c29b |
| SHA512 | aea022e53664f9fb197d3dca5e9825ca9202a3c07e6b2fe1d55677599f06a7a44c6330200456de279f6e414d91edb8bb8c3dd3c8511211a878d62fd9e510cb6b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 708ef7fc34abbe99aa9b589e16947b5b |
| SHA1 | 0a5e32e55ea94c63564c6c3d70403cb2d442f168 |
| SHA256 | f85fd1e2d42fb954fee310ad74833d99d96e2a22b2046ac5bcc30131e926cedb |
| SHA512 | 12b20400ce0485c066c72c9787b9276173c9e9e1beaf320bb758e95ff784d87cc596a1f931548329fe919b107f1e6704bd33d6b888cf5b61285103b17f7e0acd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3561a6091c11c82ef085b28b2006d929 |
| SHA1 | fb1745fca4b5e21aca102185da527969d6a404a4 |
| SHA256 | 487e0949fa21177e4b1f2f5e35c5259055e9bce540c7078f7d17152d3042b8bd |
| SHA512 | 530985437341f02f611bcbb020263fa6d141d91edc2efaa571302e5bfbfaa7a01399446078307cb1fa3ff1ffcacdc39f065b94198879fba6bbf030107c0bbb9c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a4f9f3efa2d51eba1c74f4645cd10a3c |
| SHA1 | dbce6b1532d068ced7061a6f1450020af548896d |
| SHA256 | fcbe294b7e24bc51b036a4e81dbc2d4b65fc962245b559b17cf0ba88361bb5e5 |
| SHA512 | bcfc2393491efb310ba3da7cf46a5974e8481b883a5e93ab6d7c25b6449784ebadc8e3f55cebc2ced1af83d9f9e43fea58ec43b7d8720c65df1aef39a6763352 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | f52a63da25a4778420a02f563ea925d3 |
| SHA1 | 990b1543da4b0fd4e76c581fe7a216f4f63218ad |
| SHA256 | 69c1c8053c78b11de93c3de5438e2493ca79d3d2e039ad8cfa663f58c76e6947 |
| SHA512 | 19bab6078762c46f56842e2ddf094963723ac7f9dbc1b3b881a245559a29411d990c2886892bcb94ebe8e93a70ec2bbfea91a95963926eb3a3da8a37d6dc70e4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 6d426dabf5ac0c5b9e1143074a8a86d5 |
| SHA1 | f5624c68ef4c3485341be441e561b924e3d9fa69 |
| SHA256 | 406506370a73413c09b031d34633e2d7342c29bd81e274f1afd7acbabff47e36 |
| SHA512 | a8460f6180d975360515be410ac2d8258c4ea99dba956302369918ceecd6f7a0fafa29b1d4ca7dc83dd9514cae0d267fdf6169813bbda8fad4e38d4a2483212b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 49cfdce6faf0af327fabbab18ecca545 |
| SHA1 | 89a425315e5b9909fa4a08c28eb0a21ebddb4c95 |
| SHA256 | 7057eafcdaab17b8a93f1e8a7948ff1333a051a990dde691281ea5bbe032bbf6 |
| SHA512 | b7192c02f56d140851fd33556dda546e0302b090452c1612449ba39984712c14b35b1209eb7721eeb159ee2bb67ee0c211db4097f6472cdf19405c745296f4d0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 9218868098cb42651c0d815d51ba6f9b |
| SHA1 | c0e06461898f679c2316e6172c2396e86c341ee3 |
| SHA256 | de5509af0c8daf1f5ac71520a9b98c90e49d0d5a196f88af50f2d69e51d576fd |
| SHA512 | 5336af7ded9be0d156ef49378677e1a5a693dda2b79fe96690b05114816e75c1f0e631c24673f3b2bf7b99d3bf46044ac2516cf89559cd97c28c4a6410c557a4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | e481583d047f82468b11add694d6cb04 |
| SHA1 | 00cd6b5f86fba1f12f26db2b537256dbb34ddab8 |
| SHA256 | 48ee8b6f88ed267ab317795ebe44dbb440b58c142b220a88832561e3de212f00 |
| SHA512 | 96fa566c896621b0c3436df664c7c6de89de772fea6c1236604071136e44f6e53adb27c2278eb056d601679ab0f4ec40ca426e2c9140d0d8f4bcc962190a9d09 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 61050e98c509febc646b0586589e56b3 |
| SHA1 | a20bb9280f180980614454e6e766f26e2b019cac |
| SHA256 | 1b88c9e2af77b789020bf17ddb004c680a425597602649bf3ddcf4b27efd3686 |
| SHA512 | d73994b55a500ba36efe970e057a6f18fad1517af066c2f4d0dfbac7a8a29026c05b4565e2db7c90532735c4a8fa48923848a3efbe8b324dde73ce230874d6c7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 8f696385d3ca112d2cd05b424a867893 |
| SHA1 | b62ac9984a4cc3de078afe009c1de5c7fbccdbfe |
| SHA256 | 1631a75a6ab216830872e34ed5fa19d9441e2b1ba40540c2407c96c4da00c43d |
| SHA512 | d871b959e892051ad68096341a03e1aada01b208758de304d7b9414d617a61da91c4fd3ba62df41cca67931399cc635e2c3857efd8c346d11d91f06e0e5d277a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 0ee9d2e08d5226984c3197494e57667f |
| SHA1 | 953fd9e261fbd611fc21a829e6fd3170dec67b46 |
| SHA256 | ba32ed1250f59beda621182b4542bcfe598aaac1344a153d874667f8e1099747 |
| SHA512 | 61de3432cbbba70e148ec408b120161409414d22c1313a8aa7e7482b516dca6034113077e696556a86ad6058c5cb2ed832d6696f1145f2d1db3486f8079804d5 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 316caf9e980b7b833ff0053ba3769621 |
| SHA1 | 3a2c43529360b77a52e63482e992ce9c3c7aa1a3 |
| SHA256 | c7d6d4ac041e57f34d50f256902eb637d07c9b3718423084a77b718a719c92c3 |
| SHA512 | d30f9255634cc67523fb22c12be668dd59f0e4c6c7a731e77f15253806fe1c326569c0c7356ad09a169d098eb11f4056916ac27be218f9a2a869a125006e3545 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\cc7ee67d-1714-490f-a57f-494ab3d76492.tmp
| MD5 | 0b1d4f5347ee9f74d4160767c1469207 |
| SHA1 | 0f3c9e1da80c126afceb89cae26a47b21483acc0 |
| SHA256 | c271d98aae2877e7c5ec3fda3103c06e34cc6f7319e8994c6a6837e99d35a9fb |
| SHA512 | 46272989e314573c2d247fc8022966dd5b575c8972fbb79cfe1eff5e6124a8855f6dd5b2639fdfdd3fc37041ecffa459d1e8b9932bbeff4f39d85c7e09e89373 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | c1d434870ed417d6054a15375854c45c |
| SHA1 | d7dd517bfb24cd8fa00cd5f9a64e9790eb53b21d |
| SHA256 | 65dc009759d41db8930d3520c1221fed3944ae74b8f4a756e9b57236eab4cdff |
| SHA512 | 491106fb7c3996af968f2132edc32c717ddf1b4a01a3499f44cd4b069b71a20b48ac6d84fbff69139f3329918bee131e097045f1a3610380c9c9ac8abdd46e4e |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 22:50
Reported
2024-11-09 22:53
Platform
win10v2004-20241007-en
Max time kernel
147s
Max time network
157s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\ybA807.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.crx | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexCRX.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-104" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.png\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.html\OpenWithProgids\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E\ = "Yandex Browser HTML Document" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.html | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.xhtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.epub\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.txt\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexFB2.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexINFE.V7UCG3NSZVD447JAIOWFWLOG4E\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBM.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexPNG.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.tiff\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexCRX.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.pdf | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexBrowser.crx\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\",0" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexBrowser.crx\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexTIFF.V7UCG3NSZVD447JAIOWFWLOG4E\ = "Yandex Browser TIFF Document" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexPDF.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexINFE.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-135" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.fb2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBP.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.infected\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBM.V7UCG3NSZVD447JAIOWFWLOG4E\ = "Yandex Browser WEBM Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexJPEG.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexPDF.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.shtml\OpenWithProgids\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexEPUB.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexSWF.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexINFE.V7UCG3NSZVD447JAIOWFWLOG4E\shell | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexPNG.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBM.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBM.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.html\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexEPUB.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexGIF.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexXML.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\yabrowser | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexCRX.V7UCG3NSZVD447JAIOWFWLOG4E\ = "Yandex Browser CRX Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexINFE.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexBrowser.crx\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.tiff | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.webp\OpenWithProgids\YandexWEBP.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexCSS.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexCRX.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexJS.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-126" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexJPEG.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexGIF.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-107" | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBP.V7UCG3NSZVD447JAIOWFWLOG4E\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexWEBP.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexJS.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexPNG.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexTXT.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexTXT.V7UCG3NSZVD447JAIOWFWLOG4E\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.xhtml\OpenWithProgids\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.xml\OpenWithProgids\YandexXML.V7UCG3NSZVD447JAIOWFWLOG4E | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\YandexHTML.V7UCG3NSZVD447JAIOWFWLOG4E\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe
"C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe"
C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe
"C:\Users\Admin\AppData\Local\Temp\8f702bad1aefdc220b8597d3321fa11b61331c10d76416c70505e9ce73fd73ed.exe" --parent-installer-process-id=2244 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\5f44f3db-eb5d-4ce7-b4a0-e131cb424d5e.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=492741203 --progress-window=328084 --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\b35fc1f8-4a86-4bdc-8edb-97168c6f3de5.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\e5a829a4-4749-4a9c-a2f0-72c0e8faffac.tmp\" --verbose-logging"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff83c1246f8,0x7ff83c124708,0x7ff83c124718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\ybA807.tmp
"C:\Users\Admin\AppData\Local\Temp\ybA807.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5f44f3db-eb5d-4ce7-b4a0-e131cb424d5e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=21 --install-start-time-no-uac=495366263 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492741203 --progress-window=328084 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\b35fc1f8-4a86-4bdc-8edb-97168c6f3de5.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e5a829a4-4749-4a9c-a2f0-72c0e8faffac.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5f44f3db-eb5d-4ce7-b4a0-e131cb424d5e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=21 --install-start-time-no-uac=495366263 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492741203 --progress-window=328084 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\b35fc1f8-4a86-4bdc-8edb-97168c6f3de5.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e5a829a4-4749-4a9c-a2f0-72c0e8faffac.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5f44f3db-eb5d-4ce7-b4a0-e131cb424d5e.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=21 --install-start-time-no-uac=495366263 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=492741203 --progress-window=328084 --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\b35fc1f8-4a86-4bdc-8edb-97168c6f3de5.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e5a829a4-4749-4a9c-a2f0-72c0e8faffac.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=509148873
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=2172 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0xeded30,0xeded40,0xeded4c
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir2172_1625947472\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6016 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0xd53560,0xd53570,0xd5357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=AEF2DB0A_CF0B_4376_9C36_B5F7B32589CE/*
C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe
"C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe
C:\Users\Admin\AppData\Local\Temp\scoped_dir2172_1372208555\explorer.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=4144 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x2cc,0x2d0,0x2d4,0x2a8,0x2d8,0xb5ed30,0xb5ed40,0xb5ed4c
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2172_787146391\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2172_787146391\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=328084 --ok-button-pressed-time=492741203 --install-start-time-no-uac=495366263
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=1320 --annotation=metrics_client_id=649d4b373712447eb622734bfe99ceb5 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x184,0x188,0x18c,0x160,0x190,0x71ac2a08,0x71ac2a18,0x71ac2a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1856 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=utility --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2236 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=audio --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2848 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Video Capture" --brver=22.1.5.812 --mojo-platform-channel-handle=2840 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=service --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3464 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3588 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3712 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=3080 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6284 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x340,0x344,0x348,0x31c,0x34c,0xa0ed30,0xa0ed40,0xa0ed4c
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=utility --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --brver=22.1.5.812 --mojo-platform-channel-handle=4628 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3356 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=1600 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=1936 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=2940 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=none --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=1808 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1708,12667595698022843951,10579207697635969919,131072 --lang=en-US --service-sandbox-type=service --user-id=5C144FBC-17EB-459C-8393-5DA355B331FD --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2256,14883893985356808882,4902844271072677197,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.browser.yandex.net | udp |
| US | 8.8.8.8:53 | download.cdn.yandex.net | udp |
| US | 8.8.8.8:53 | api.browser.yandex.ru | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 5.45.205.244:443 | download.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | cachev2-fra-01.cdn.yandex.net | udp |
| DE | 5.45.200.104:443 | cachev2-fra-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 234.193.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.205.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.200.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 5.45.205.244:443 | download.cdn.yandex.net | tcp |
| DE | 5.45.200.104:443 | cachev2-fra-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | yandex.com | udp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 5.45.205.244:443 | download.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-ams17.cdn.yandex.net | udp |
| US | 8.8.8.8:53 | 55.44.88.77.in-addr.arpa | udp |
| NL | 5.45.247.13:443 | cachev2-ams17.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | samsara.s3.yandex.net | udp |
| RU | 93.158.134.158:443 | samsara.s3.yandex.net | tcp |
| US | 8.8.8.8:53 | 13.247.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.131.154.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | uxfeedback-cdn.s3.yandex.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| US | 8.8.8.8:53 | cachev2-rad-04.cdn.yandex.net | udp |
| FI | 5.45.192.10:443 | cachev2-rad-04.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 158.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crl.globalsign.com | udp |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | cachev2-kiv-06.cdn.yandex.net | udp |
| FI | 5.45.192.146:443 | cachev2-kiv-06.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 10.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-rad-05.cdn.yandex.net | udp |
| FI | 5.45.192.12:443 | cachev2-rad-05.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | 146.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-ams03.cdn.yandex.net | udp |
| NL | 5.45.247.53:443 | cachev2-ams03.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 53.247.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-fra-02.cdn.yandex.net | udp |
| DE | 5.45.200.105:443 | cachev2-fra-02.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 105.200.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-kiv-04.cdn.yandex.net | udp |
| FI | 5.45.192.142:443 | cachev2-kiv-04.cdn.yandex.net | tcp |
| RU | 93.158.134.158:443 | uxfeedback-cdn.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | uxfeedback-cdn.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | uxfeedback-cdn.s3.yandex.net | tcp |
| US | 8.8.8.8:53 | 142.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-ams21.cdn.yandex.net | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| NL | 5.45.247.25:443 | cachev2-ams21.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-ams01.cdn.yandex.net | udp |
| NL | 5.45.247.51:443 | cachev2-ams01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 25.247.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.247.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cachev2-rad-01.cdn.yandex.net | udp |
| FI | 5.45.192.4:443 | cachev2-rad-01.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | cachev2-kiv-02.cdn.yandex.net | udp |
| FI | 5.45.192.140:443 | cachev2-kiv-02.cdn.yandex.net | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.192.45.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.209.201.84.in-addr.arpa | udp |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | api.uxfeedback.yandex.net | udp |
| RU | 87.250.250.159:443 | api.uxfeedback.yandex.net | tcp |
| RU | 87.250.250.159:443 | api.uxfeedback.yandex.net | tcp |
| US | 8.8.8.8:53 | 159.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| US | 8.8.8.8:53 | browser.yandex.com | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| RU | 93.158.134.121:443 | browser.yandex.com | tcp |
| US | 8.8.8.8:53 | sba.yandex.net | udp |
| RU | 213.180.204.232:443 | sba.yandex.net | tcp |
| US | 8.8.8.8:53 | 66.251.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.204.180.213.in-addr.arpa | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 77.88.21.37:443 | tcp | |
| US | 8.8.8.8:53 | 37.21.88.77.in-addr.arpa | udp |
| RU | 87.250.247.183:443 | tcp | |
| RU | 213.180.204.36:443 | tcp | |
| RU | 87.250.250.29:443 | tcp | |
| US | 8.8.8.8:53 | 183.247.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.204.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | d84f8d5ecbf9ec051897fe517ccbf406 |
| SHA1 | e2bdfcf2c544d8d6a66b15f2529425f483cbc389 |
| SHA256 | 93fc4f5d5c88933549a351615d7889e344d2657190d8926726bdd71bd5661dee |
| SHA512 | 5fee10ffbeb431ab66fa7253377e4ca0f8c99e0a2566f10d92bcd06d58d0f104dc4cea8455f829b9501b2c09d6cb7d53bc812ff8286f1e4d5557f6e18a58dcb4 |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | 34370db9f3248f1afe6a4025ea489098 |
| SHA1 | 464e5733017600105e6ab9b34153e0b696f840d7 |
| SHA256 | efa4bd8fa5fd7bd95ed21ba0aa22fa4fbf78367f2fa0c39ed22972dfad2b1bda |
| SHA512 | 36809effedba0012bb9f6ce4064db4e1f1cf1fbff3a806bfa685e5af600b1133169b64a0103349e2dcbf85a6375ad64c7536f9bb6b992f376cddfd2cd6d85807 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | d6ccda99d63728ab7c5e704878f69cd0 |
| SHA1 | c7a43ffdebab0a1d82bfb9a905b276fd7e1220c0 |
| SHA256 | 1baa4ab9f88bc71af2d1da4e48d0df80a0109587137f1fe5334b9d029605e03d |
| SHA512 | 2aba740d748fd54d933687839d6a469b3b29dc4e33dd1f0378148a2382d3a05b5aa89f68b53d89da7af018f6d24dc2b667506d376b23e2cef5321b5d2cdbd5c2 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 9c8689447086e36a34e733f513420ce9 |
| SHA1 | 093ff683bb7bc79d9d9fd35ac67e9ff73fbc9c2c |
| SHA256 | 0a4f331132d1cd816fbd37bce5612e5d60dacb9a09e07d81b2cd7505434d8cb9 |
| SHA512 | 03da5df1a8492c86ca5ff3011a01eae92a3a41db2fcedef25b6b387ee1729bb0a2faffd1c340550ff3ade6217e578ed24e6fe66d5f587529a4f2ac4524f1ced2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7de1bbdc1f9cf1a58ae1de4951ce8cb9 |
| SHA1 | 010da169e15457c25bd80ef02d76a940c1210301 |
| SHA256 | 6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e |
| SHA512 | e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 85ba073d7015b6ce7da19235a275f6da |
| SHA1 | a23c8c2125e45a0788bac14423ae1f3eab92cf00 |
| SHA256 | 5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617 |
| SHA512 | eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3 |
\??\pipe\LOCAL\crashpad_1056_KVFEZILNOHTKUGVE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a85c3b1f72829c1745c76323c02fbb6 |
| SHA1 | 35a9be821c54a94ea92298e5c6c905334c2b45ef |
| SHA256 | c9ab020580a9c97cd276627c1c2f56f75c6e8b9ea71fa0237069fceb4f344dd0 |
| SHA512 | b6dc8a694aa7c80ad6cfb362982d415a3cf72c3e74f4a7d4e80c21d63f4072fb242c5df04920783812c5787c8c95bd0ee374114f028e4ec21d302063dbace844 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | ccb26be0ac8db7c30985861e39d9ce54 |
| SHA1 | c42b3dd24678158c4151bd0c657e38ba0d08ed46 |
| SHA256 | ecd2d2b7a8b1b8bdd399965f25e2cd5d35a4554d6f0aaad6b1e6ff0c688827e8 |
| SHA512 | ab69718a8b2edaca79f761de65d1618e7409c9319fb48e6fd9968959872e5f9fc2a32ab5a0c17b9b746fabf4088f6211f3e0d72000aeffdb3b383b369e315a2e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66F835E41EC6A985EB9271E4A70169D7_CF44E3C99F7F4AC558EEB35244F7E046
| MD5 | e6c37c42f11076ab32a8a108a799abf0 |
| SHA1 | e4e6624e16f1ab041e764c45026bc28eed6059ae |
| SHA256 | 7b74969f65a7c9dcfa04758bb17cffa006fc08bb791c71264d699ffe6145a45b |
| SHA512 | 95d03d7fce205e71f6e8dc949c340026f7c109efb710e52e608b47f8b52747d045e8053e1fa5e05903a33bdbdf4d028eb1a6c8e52310e02b750333cb6c54f7bd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 9ca001798d122ae5eb7d0218784e4ce8 |
| SHA1 | 51c1cea4bdaaf5505ba09d554822143a7cb926da |
| SHA256 | 308692cacc05201b200e46f306a8e4f3ecf1d87e989d7a6efc950752e9fa1b8d |
| SHA512 | 2c4a0f8e0132467fa7b0c420d93e33e6529d35416e57daccf690acf876b055ea4f325be277a6d292ca9222ecb42d04e609e2cf3f1359508f5ab10116073dec9a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_7DAD5545724AA2C98C55095F428499FB
| MD5 | 76322789186cfbe73ce239ebeca2895c |
| SHA1 | 1e878aaad363888d1b830c69615f09f62327da67 |
| SHA256 | 3003ebce85edcf5713c44692b6f0726bd71027cf678e5151164535a58415fb83 |
| SHA512 | fa424297a693b41d52063f7c2153c279618a3f3548e3026bbd732d7c880599ad4b8f6ab6f6dcc03456175e5b5f1b10a67f53c30c8173ecd039cf341c823c478f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | a28440070bcd10d3713e54ba16b16faf |
| SHA1 | 8057d30f5ada5954f2ca14cbe173f4e8b3c4bbe3 |
| SHA256 | 2eed690158167489879cf554755faec177cd8267af8f796160d35600d37cfac4 |
| SHA512 | 3c14ddcdb317ef81d5f6b71c94ee3faad32518362fa7cac5cd2fddbe893cea0104eae71b9c6721fa8bee8a30110aa5b9b0ecbdc649d90127a69d25377266f62d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | e878e2b4d53d4a2a21120ea2132d05e0 |
| SHA1 | 22dd9f652105866eaa47669fad49ed23a253fd85 |
| SHA256 | 64e4e897746883e5eab02082d932833d9a5bbbe12f25cd4a61b690f38b07cd65 |
| SHA512 | 62db5a6e68e1585b1a61b4e5d3f0e65a73f46d621880c723e2bd8ab2003b52cf295476e6bf2fb8a3f3948508cef9dfce63ce7be9bcb4ac37efb2115681f3c52d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
| MD5 | 0857fbbd8444f461fa3b52730b18ff46 |
| SHA1 | 487990577fc101968611ffb4604a02b70fd4fe78 |
| SHA256 | 30fd73f2ee6b12d5886a57e0daea8f39cd4fb8522c337316f12021556b1f796d |
| SHA512 | 629182d07160aa98b0cce01174c722f5cb74b6d801d1de61c22934d01bb04e993b1b8ef11e89675ac68326a48254fc4b97a4e7c1d8e780fe203dd1e47ebfca73 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
| MD5 | b4592bce553369cd0bca902d4bf1bfc1 |
| SHA1 | a9853b0e8ab6e4a4f71268aaffef4ce9dc4fae31 |
| SHA256 | 12d58ce1329bd6dc8aefae491dfdac8bfc129042a3a5221a83d3436dd30c0708 |
| SHA512 | a3535f38af98a075d54695af56f0513811e6b5337b4ccacb982cfced28f7c5dcf2e3dd73c367d598b948386f9fbd61eb2a9cd8cf1079a872e3bfd4d490089e47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DF8D319B9741B9E1EBE906AACEA5CBBA_A2E0B287EC2147F84DD8A330B45D3489
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | cbee055c5f6d9c20079786d5aceead62 |
| SHA1 | 74363be6b186b9ef3b360259ee27de07634445da |
| SHA256 | f7363fa0b753c5767cfe971cd983b35e20455bcf791e4ee19eeb6ee68827da51 |
| SHA512 | 5dde0418871f6c6ba0c221e798eb02adda4e43eb11790a7840af5d56406194f51ea19204749d72d3ebf23af9fc5b50c71441537c2f1d3c965d634db1a4f8b3e8 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 34a27cba09c6f680237fcd267d1a09ed |
| SHA1 | efec9e3546022520483e5462c4049796d0f18b82 |
| SHA256 | 6a7b3bed2f55ad9d9d3691b3f68a95ba565dde113485a6d8e5235e78b350341e |
| SHA512 | 815b5afa468f5c5ca9ffde114ca5fcce474cb4b08cf9e6c82f38152c30cbcd8528382b1274917084f706df34c205051726bc9326751774bd5dedcaa755bcf1e8 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 8f66cc86bc0ad74b26a6847ac054f37f |
| SHA1 | 7ce7e3310fef5ac4ba91fb1fc31b790ef700c5c1 |
| SHA256 | 6bebcbfdd59818a35664061efe801c17ad7a9129bb5f988bc98802a91d0ce192 |
| SHA512 | 27ce3d81fa5ba31959352044800051cb8c1cb730cf3f17e07e0906e7f84cbd47c560d768f4a2576ddd1e6d6a4cfda78ed902a7e69f3e7976ba5b89f5c3abbcd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 37aa49e7c8d00577d6eaa8a705a5d5aa |
| SHA1 | 86bcc28b516eec49f8dff1a25c38848a2c2a7959 |
| SHA256 | 13d5aa1b0c16e0ffb044a2a0dbbadc43400ad57f4d7c76d867614ec24d7cccc7 |
| SHA512 | 328f41cad11e23f3aba6d2affcfcba6c91775bbe9de302abfdbb070661782a018ff7b55799386dac3d851224f76c4ace61db9e91dd6863c5b0ffa4d6a1008609 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | d649224de13aad1f88d992dcba5f69db |
| SHA1 | 70a638391cc397e80c5bc5aec55bc729444fb0c1 |
| SHA256 | 240d98267144899b3f4f4eb4b8efe8b5831c524cb6c25796a68bad5995723649 |
| SHA512 | b2a8714fdda4cbdefbaf3b4f012870354c3265d7aff6eeab874f1d3ec15435f9a0613ae62acf413adaac5f158b481958d8f36cb3689c922e59e08d8f54d22de5 |
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\setup.exe
| MD5 | 5fdeff4b89456b836f351443aa9b3d5b |
| SHA1 | 7112f415950c45877265f98aa8388e8093d4abcd |
| SHA256 | 7dab48f2004dd9481294d59caccd8573a6e28c1c42b6d7a354dcd3e79f9c7f2a |
| SHA512 | 35962b165c4604d3262bdc564e03d791df6175bc4825ab60237c17b7b9f67a4db190ba3f410829c4112a67b6fedf7049e5c5ad3c6f6d41f01a0d3b5c2a0e8346 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 9f6befc3ce6dc3ef930cd461f795fd2b |
| SHA1 | 445f0f2b0330b16ca3073c18bd0e550b9c1ae657 |
| SHA256 | f960a911e0a99d4dfe5e33f734e4b7f5bd1f397cd546dd0f4baa5583453c24b5 |
| SHA512 | a47ab3d92918a3348ce69077ecf276368b238a6a8832ac1d05d36e197657dfb7136df97ea4ab26ba4234ba784bdad89c4893ba0b353bbb452cff46f276114fc6 |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
| MD5 | 1b4e424fb7ebbf48ac5bef004ed34906 |
| SHA1 | 8746ae452ce9e0620092a255fe79613f6d9943c3 |
| SHA256 | a3c7437acd8c1210fd496ad0a11b772aeea7f197cbd88e7a427c4bd351d03eff |
| SHA512 | 5df9be210574a30bde960228ea2ed7b01f9fcc97e039771d2180e1cf2f896e1d96d0fd609836a286d48652e380eb55b5eab2faa2088d796e7019b15ce8e10ee0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | 861777a6f02d7e8d11e99ab2e2d8169b |
| SHA1 | bd792be2eb009d4999de3a18fb7a8cebe9e28fd9 |
| SHA256 | 0199eff03de7a9fca45e0e4453b676260ecb07103fae752615c815b972842617 |
| SHA512 | 6846747a3fcb111fd96f965174b3f68815e48462da9d4543a6aca75aea8ee57b69115bf7b95c23cf0920f8d02def52337244b8cbb2d693910d2098e5ced2c456 |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | fb13ff20cd380d5e3855896ca48d041d |
| SHA1 | ffaa56983ca0f8a546072c8d53da581520a2bf49 |
| SHA256 | 6bfc6704a02b75f7f2456c6c195f18f5af7c18fbe3ee1d2abffa876b6ff3992d |
| SHA512 | 7cde555322089eda5b0ef9396faf83a191c7c275f3f756d862b232ce1be8d179d7fa9363c48d0d7a54b781612712175563ddeb4d838eea21be3e2cf3b216c988 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 95572665db9e46c7551e9a563a133a68 |
| SHA1 | dafd4ff19223a6fc223ea193c88a0d5d2206201b |
| SHA256 | 97c458d56b503f0a41a5a13e4c5f593a6fcde27e8153edefa2def246aa05d274 |
| SHA512 | c688139935bf005b91b8ece6223b8d2eeb7862f1eaa94a828474f82426e8f545996a0c5b7415412a8fa3ca77ebd52466a9ef9aa32e097f6192e12f6216fc0959 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 0d107380615e3705b5674c0310dd2810 |
| SHA1 | 75a69e842fc6d22bbbfa01f6be88de2848685454 |
| SHA256 | 8cf1b26e6537b4d26207832e61f5121ed12a3f5b3e560309bf202c8b2f36e6f4 |
| SHA512 | c41c39787b3eec9503a37634dff3c28d7dc1d8095b938123c82a75a50340c99988f575108989cfa634bcc3c54c91f1ec5864d9b7bec5ebc8e0c3dbd8f3a873a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f2bd621c00af8e9fb8a74b97c88fff7d |
| SHA1 | 4f4db96718db9501166672b782a2752835876be4 |
| SHA256 | 6ae39ccc3a8fe8ccde0a1fadbe8542d01c38555b03cf26ac76b4e5d3f769b0ac |
| SHA512 | c525520dd02fd1f549b37ec0ebf445501c1b27f93e2a486f81170cb03efb50f2b5276ce2425c38db721965162719b8eb8a6bde1a9a1fedf9dc56be1564e3cfc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 461c65b2e011d8e890e62296a5234e1a |
| SHA1 | e68dc351f87623d96eeda30d4e30fee822d3aaa9 |
| SHA256 | a3426e1af64d68b687baaba7cdb19447d7e3fc926fb7819aea0af72e5fd93974 |
| SHA512 | d59a97a38d5613db79d6b91f4c01539408d2607aa374b4710f00af263b793fa78541cca80f46e3788b184d57e78b0f5159963d6b0c379fcc2d94920e432a5601 |
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\BRAND_COMMON
| MD5 | 8fb3d5252fd262cf808f6f0359998b0a |
| SHA1 | cdb8072dfe898c72c15c2c381349ccf7f2d4d440 |
| SHA256 | 7ad5104dd8c35ebbc06c56fc6a2cc3f8cf7391ab2e97c8c9d9b3de1d8ab4a5c9 |
| SHA512 | 57f1b72e210aaa880cdcd04eb1cdadf13dfe373c50a0d98346e64ad93521da43a5b71b068fa3ccadddb03a6e97084b7d25cbb94fcf9c3dea1904bde0c2396bf1 |
C:\Users\Admin\AppData\Local\Temp\YB_A4F65.tmp\brand_int
| MD5 | 3e499ac6cab5c37d47c0ce7079be9408 |
| SHA1 | bc28c35a5feff7ed7061f36addf1b9bb439bf0b3 |
| SHA256 | 7c69e77970d70ab50c45e70a20b67e4d3c03123b384e723cf2cd515062d22613 |
| SHA512 | 16e08366a863f3730b880df0f4f34789638a67cfe26e295a8f834594f2ff67bcbdba0cb65b8a316009cd0408c9742c17f13d6a5257e3a7bd5245e5b5549d9fee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 2ffbdb98df2a2b022a48adeb94a3af50 |
| SHA1 | 6c86923b5c5832bb102f041cb7d38db397074f12 |
| SHA256 | dd12c5733bc4b682e1da6353c8c27650f53d11a8ada8fd8a2d06f23cecae5ebd |
| SHA512 | a5f29661ac78ea205dd945fcc53e015152277426af4bcce688231ca1a564dc49144b2953409651737733fec72e9042468c780917543c007d7de74ed44058dbfb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | f500b9b4c7fec8278f60ea51795c6268 |
| SHA1 | beb7572c2e67e8fa855022c90cefffa0bf3515b4 |
| SHA256 | 80f575575dfa22f3ca6851871ccaebd30a3e7bea4a269fcabf6aca5eeb1cf92d |
| SHA512 | 7dba479c3a1c6ddf6e97661362049d9d1e79e2f64a6d6f0a3dbc1cf8bbb04958d398f2b3d76c150837ec05473898bc7b56d8e5bdeb6818c3ee1abfd24df791b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 29d6e6bc5267c7cb729d22df92624b30 |
| SHA1 | 06a86a84044520840c6b636c423b90aeb1bcf66d |
| SHA256 | 549c697f52c6bacd66d7ce5f08e21a1d920ec390b1b41225d4a8e6cff81d73af |
| SHA512 | b01997c7324d4278cc570eadc430334e0bd2c276d3dea0f41092e888adaec9061e4ff4919dd39985ac1346570b84a104445e550c4f31adaef41067018d2d8022 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | 8570b4dd937f7e373bfa5faf5718315e |
| SHA1 | 130cb3e2d23712bd63335c86ed39f6c2e0829cbd |
| SHA256 | d3b6c5a3987554397aac1d9e73f6714fa1366925a2d72e0623b2c2c0713f0525 |
| SHA512 | bcb1928b049f2fb859b36b65709e9d523ddef133113a9cd99080fe3f02a8fb3f802f5d52c79fd4ca66b9f47d0c1b9df6e1fe3fabb0ea3f41e2a6570765a7eb5c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | 3aec2b686e3defb58ab1f86ffe68d691 |
| SHA1 | 740e9e34d8cec6a4d4fe75ad736312d258c3b7a4 |
| SHA256 | dd309bcc8de3de8cc2c440932f418e74fcadd5e72d8de9cd0d62f2d184a7109d |
| SHA512 | cd3a00cdd9a08f552e9e131e015d39094ce71b0bc18b48ea5e0d964d012176278c62bc5a0a4fda56572b55ca49263287b076caddc53096a5b77c1f4786da0cbb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 6e76f4d7c4573d2a3ca66fbaeb121e24 |
| SHA1 | a70119a2532f9c6ed61726b03d843922a06dafae |
| SHA256 | fd1b70bd6aea73d343e2eabbc1065717db60fa0e1efc2176b2cf4dae67a03087 |
| SHA512 | cb4bcc0eb26d293136e1e9de39f4de4b1b542c7e66ff6ea15415a39268e1a7718abc2e83bb2beac560c8b4ad48e2a0bb96d7d80da6388b0d3654b5f48387c288 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | f4ec50ec94a07abf0850cbc7a866200f |
| SHA1 | ebafdfbbbee590f3b8b33089db81b912003b865b |
| SHA256 | d493a5d57d7bbedd7d1e2bead74c02713bfeac7078163ba7059667129da712f4 |
| SHA512 | ad578eb6d79a6d2c94cf5dfac213eeef3cecd2e6219b5560e3a18522a3c471c4408a80253fc2f427778d32bafc3c2e016e3383372238caaf36aa490378fe3b46 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\60B3F7207DEB992031C120EB71F562CD
| MD5 | 94bf0bf032ce32469dd74f4f1f5320e6 |
| SHA1 | 86bff704a2f82816f346a6a374250f35743de3b0 |
| SHA256 | 54f08bfd73dd3477610059c4a1d92723e698def0efa7ad4661584a51d9aab79b |
| SHA512 | ac62c42bfe02a35739dfed5df012bb3ef1f7bdbde1f4d9dce9448812bb6d25891dbacc2591e859f644c95151bdb7179f4f8e355b81a2a38ca7afce4980a79901 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\60B3F7207DEB992031C120EB71F562CD
| MD5 | 97781ec8e3b62a1caaf993ce19294b4e |
| SHA1 | fefb5ac435276c56c9e030c6a66f08acca375e48 |
| SHA256 | fd3d4dbb89db92a2cb2388317e24ef7a13b1b5e3940b9ee548fa490cf15a23c9 |
| SHA512 | 862cf976980b5d93fd4025fbcbf4c70f8e2333b98b0c3257638ca91a618d75946c02585ad3a5bb85eec5eb3a76a90672402941e32fabe87549a79d6083123ef4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DF8D319B9741B9E1EBE906AACEA5CBBA_A2E0B287EC2147F84DD8A330B45D3489
| MD5 | 571da3d8f173970419f383c05262bb10 |
| SHA1 | fbb3c5f26b834cda7281f27206d6b84006201e42 |
| SHA256 | 22bb40bbdb552e5fd2c0918fe0eaef3590ab3f008c02a3c1a7e54efb22074f14 |
| SHA512 | b4c484f8cc68dd19fa1161c03753fd0069bf8a197396530764007a4427a979ade9621efb73539ecc81ed89ac5be8b011c16d2dda0e585630aea95fe4f17231e9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_D21903E2722B551F252C717985D24037
| MD5 | 6ce8dc72dcd923848143c859ace50002 |
| SHA1 | 169e6d2a9bea329bebb3db08416dab80327d6818 |
| SHA256 | bddf7eee55b0157bcb4d3aef14228d5bb2ebc08283c376c2ddb46cc96deabdbe |
| SHA512 | b4b493c2c0ed243358da4c3514aa6f3562fda69d24f37bffb0a1d009ac7f20163317b9f8f60ae7fda374e88214d6eaf3295f6f4d83de6916f9833d00113bed45 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_D21903E2722B551F252C717985D24037
| MD5 | 22d2d03eae23fb019f3dc6df1ae3ea1c |
| SHA1 | 766de2422a023fb260d9f10c3c3467854f4924de |
| SHA256 | 41793e8b6087ab0500ba4a37e79109526287e761641f492ca33cd9ba76ee3295 |
| SHA512 | 98bb5eeed0b2d8d5818522f25affca38432355f279b22d35d526e63b6ff150a35d94ce5a3f9851c06347c6e0b42bfe0d9bcd90fac3ccdd1e222fa67c40440987 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | 6fa381d5206aaa4b98d0dd408ae7d5f3 |
| SHA1 | 7ff599ef1b1da2a06348eb77a0444488cf2f688c |
| SHA256 | 35c2f93e5628cf96fef99a1610051e0d97ef924ad6c3da2e3e6fe209eda163c2 |
| SHA512 | fb043e6bc6dda193871828b30c5915beb8f98aab75bcb8ba2c466057508d6e58e0e867e6621e6009cbd91f5df8fbb04f77cfa9cd3b1ff390cfaa11d26879561b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 1ce65e679187a293e9561a42dd928ef1 |
| SHA1 | 8347fd036b8ad0aaf77cf11115ad0b3862eac532 |
| SHA256 | 22e7e67f34bddce8b846e5f8166c7cf92e22aa92505c76d36a73ce664f5d58af |
| SHA512 | 781280685a21ac6aa213a584f0bf0177e92d08736da6e5ff0b35444034400b6f13f8c1f34aa14f8cb172e6ae6159e32b221198df79e2a897ed7327b2eddad86c |
C:\Windows\Temp\scoped_dir2172_1625947472\temp\service_update.exe
| MD5 | ecc2447cad674a68a24f76772cb51dbe |
| SHA1 | 6928b8b96cb7a1fa8dc8a8bacef8ab6163a15af9 |
| SHA256 | 2d6ea9290d3676dbeb61bfd94aced56025cc2e357626ef58854b8be4ae4abce9 |
| SHA512 | 3edc14b1efe6fa1b36c77e3e70faeeec7eec58e2f4ba9c6ff0c4ec772d3ebcee26ac1d0be76502416be82638a5ba78b81eec552ffad9be5d1d3ad8a90743fbee |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | a1e378fff5296730f544aa768d8d62ba |
| SHA1 | b0ad1ffba2d697d3a70f917876993d57d39a3581 |
| SHA256 | 9757ddeebf6646e54c8e4d67e136ec07b8db6e372f29aa583c6d54961102a0e1 |
| SHA512 | 321995e3f83236f717993dda43cb3d946fab6d440ee3f8ab642ef95ff41eb22a2723ad4d4945a40b920dc45f40abf196506544ecc3d305d5f3e92274b16ac483 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | b2771a0db94db614983a7070b51b5024 |
| SHA1 | 957d5d65a8490ae716e9879b6fbeaff3c5910687 |
| SHA256 | fdf1960deb6f85465174d312a602ee8f8e4e4f43f17d5f23b9a8d00c47b643bd |
| SHA512 | 703a7272c9c99b0e1a9c6eacf0d56995eaebfa58f4505020c1896f88eb761003bf8c46abeaf91030205d49ab2095c90c8434fc21d996463e04da1cd6befc1648 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | d40c6203299eb96b2ebcf0a58a55aa1d |
| SHA1 | c77293430b5483169463014dc6edfa3398b598e9 |
| SHA256 | a98e219c5d44d702cf7916a6f8d50d502980772e6c49b7e2599f85c8760e675a |
| SHA512 | 1cb2fabc7c8c747a252b68ea0b9274c3755bdbf4d772e0338b5f75bbe3f0efbac7a31cdcc05827dca7f0a90ccac165d0a07aad41f55a55bb274e5db2246fd852 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru.png
| MD5 | ff321ebfe13e569bc61aee173257b3d7 |
| SHA1 | 93c5951e26d4c0060f618cf57f19d6af67901151 |
| SHA256 | 1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64 |
| SHA512 | e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en_2x.png
| MD5 | 900fdf32c590f77d11ad28bf322e3e60 |
| SHA1 | 310932b2b11f94e0249772d14d74871a1924b19f |
| SHA256 | fe20d86fd62a4d1ab51531b78231749bd5990c9221eab1e7958be6d6aef292d9 |
| SHA512 | 64ebc4c6a52440b4f9f05de8ffb343c2024c4690fe5c9f336e78cd1dd01ae8225e8bc446f386feb442e76136b20d6b04ee293467b21f5b294ce25e500922f453 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en.png
| MD5 | 1376f5abbe56c563deead63daf51e4e9 |
| SHA1 | 0c838e0bd129d83e56e072243c796470a6a1088d |
| SHA256 | c56ae312020aef1916a8a01d5a1fc67ed3b41e5da539c0f26632c904a5e49c62 |
| SHA512 | a0bab3bae1307ea8c7ccbd558b86c9f40e748cdd6fd8067bb33eeef863191534af367a0058111553a2c3a24e666a99009176a8636c0a5db3bf1aa6226130498f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru_2x.png
| MD5 | a6911c85bb22e4e33a66532b0ed1a26c |
| SHA1 | cbd2b98c55315ac6e44fb0352580174ed418db0a |
| SHA256 | 5bb0977553ded973c818d43a178e5d9874b24539dacbd7904cd1871e0ba82b23 |
| SHA512 | 279fb0c1f2871ce41b250e9a4662046bc13c6678a79866eaf317cc93c997a683114122092214ce24f8e7f8a40520fe4ca03f54930148f4f794df0df3ecf74e9d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_GB_
| MD5 | d05ff01c9126cf5b4fb6930083bcabea |
| SHA1 | 01c12d9e6a373f27e76a474c8ad3daa4b8774ae7 |
| SHA256 | 2060d394c4bd711a83bb9d613c90583fbca220970ee31534415014a9dd42980b |
| SHA512 | bdb27c1bed92e07045087952f78a7e7621d2915bd15672b5fc738d29680de72733e1d6d702be859b4bb0631a18b8a27775abee52e5de5db996b53c5dc6a75767 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
| MD5 | a2ab187fa748a38db8b6736269f64972 |
| SHA1 | 5e2e542d1e3fc32b3677b0aab5efa32a245d0311 |
| SHA256 | dc67a1ba4e945e0c8188112ce3ecb9c32d39d77d992ce801a2ac9f500191a4be |
| SHA512 | 5f295f3f7e61b6f206f70d776faeb78df337d3e2ef79212cd4af163eef31b7479b438749dc594374f5956048239513992c3763b6f3f5ac68bed5412a2f877797 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_IT_
| MD5 | b2354e0b4f3a3a25f9e0637e1848687f |
| SHA1 | 85e3cd44b2dfe0be78befcd8eb6c0776e5c06f1d |
| SHA256 | 2c9ab87ab9fc5f8f8d2f2c73128148167b3cfc52325a40366924a9997c070f92 |
| SHA512 | 2e9ec9ec9bd7f98b126a62635bb24ba42f7da202b6760b77ff97c4d17471300e592bbd9beb13256cb5a61378a574424a836ae57eb046ac195a10415c7c1c1810 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\1-1x.png
| MD5 | 80121a47bf1bb2f76c9011e28c4f8952 |
| SHA1 | a5a814bafe586bc32b7d5d4634cd2e581351f15c |
| SHA256 | a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e |
| SHA512 | a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\web\web_preview.png
| MD5 | 3f7b54e2363f49defe33016bbd863cc7 |
| SHA1 | 5d62fbfa06a49647a758511dfcca68d74606232c |
| SHA256 | 0bbf72a3c021393192134893777ecb305717ccef81b232961ca97ae4991d9ba8 |
| SHA512 | b3b458860701f3bc163b4d437066a58b5d441d8a427a8b03772c9c519c01983e3d3fdb8da20f6a53ad95c88dcdd0298f72822f39bc3672cb6f1d77fcc3f025a9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\wallpaper.json
| MD5 | 19feb60966afbb9d1b797a050278f13e |
| SHA1 | 9874bcea4222a8f56d59c91b7abe603687a4f67d |
| SHA256 | 94cf5e38c38f78a42d70599c469a3969e4b3feb292da450a947d8463a57bfb9d |
| SHA512 | 2abd6fb2bd126ef99a7f0bb79072fdcdea2670d1b296ace2b4f9ebbabb343594b140b6c2728c31af339465619a8ee9faa2e3d64e1847e9557c50a79144d24196 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 25b5d707792b12afcb8513be382ea6cb |
| SHA1 | edd9c3959cfc870b3df4b4e0e9e7164d1699c430 |
| SHA256 | b91574003d8d139ee29c494308f654bf9718f66966c549980d6770955c6a2b1d |
| SHA512 | 236fb96e80e3d6f54e204fa75d5772b2892e9d355f0aaddcbffa543dff80ba01d76ea7907ad496ec7754daca7420e4623b68edc8f08d5ceac6ddbc01a7de4c93 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
| MD5 | c9ac75ad5c047a40d4553130b013d891 |
| SHA1 | e6239762e63030317343a25368ba1c79a6c16bdf |
| SHA256 | afd8d61655f0411c32e70823f917c10230f2cf4688d6334e72989ab99f72d1b6 |
| SHA512 | 16a7f6396d9b5a099b6e5b032652d54a87120d87c584cf57d63d203ad1ec85f5199ae85a1589a4f193b456205e3d8b64c320093f3aee3d495b4fe424f0fa5f40 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json
| MD5 | 64fd713b1e1f3252886b77e4e606d53c |
| SHA1 | 0f553961541f020d1d9f2d5f16ab0cab72c2383f |
| SHA256 | 1c0f05b4eca7127192e94961f30364d22b91f670e71ba46aad7675ce28f1641b |
| SHA512 | da666313aae61b452b711d92633f356639a029825e440dac0c4a3591f293ab990c8751040b27b3329c5d2ff3e77a1ba7657280b1d08a3416a16e576688807529 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json
| MD5 | 94aa453a6cdbd34e69bbe2f4693b4c5a |
| SHA1 | c8c1b8590d2fcb66d9ad8a3706c2a7b15f84e3a3 |
| SHA256 | dddb5d56f63059b6429a67fe0ec143e894b8731368e93cc1f46bfe415af86e8a |
| SHA512 | e83abe3d9000cf285ed5404c0d4cb11a2cef31299796d1fae7218301f4558ee84f9e27d22bdf7a4d39650ebd2de85a9a855787212e38962258c8268e83e3e651 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json
| MD5 | 3a1e3d1e0463434cbd8deb421d73b112 |
| SHA1 | 0750d36567529bd5ef422ffcb7061957bbcf497b |
| SHA256 | f1e7cf1bd64f05a06bdb6e5d2d2a8457bfc0e111ac6b1293840c5ac0952af27a |
| SHA512 | 9254fba5a1c409875d82d29e134cc102942a958ab5344e32c10ad86ce8e0e84854a405a273978dc90f2538fe4f5d540931d62b89439a885720c46357b02d2ba7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\stop-words-en-US.list
| MD5 | 30c12caa6c35fdaa225f9b476c003aca |
| SHA1 | 99822ef9d67eb7a121fc811162af9e815559cc49 |
| SHA256 | ae6606ea473ca9a9f8913cb2bd2b1ae2e45905d7ddc9638074656d0ed1c08b42 |
| SHA512 | 5c38d37fc59032afa7a626f2b4a78195b95234a7a402010602423a645e3acd90ca63b2be82c20e762be20900bef38104efd4af12930e174c423018fe815c7283 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\dictionary-en-US.mrf.sig
| MD5 | 197eaa00216af72690c09b8b82211809 |
| SHA1 | 1e49ba86b771b391b63335fede7614f5ac427f84 |
| SHA256 | d5e3a63301977129113a9c0bdc0dd14173768c6f9f5ce2f2036c0cc6a53d706c |
| SHA512 | f57b8e7d481ba5791c6bf454363fca3aad042270b572fb4b2ae1c0429a6e2f70d153b6bf44b139d48c959a1817c4e72ad3b280257b7877746fe93c40c880f514 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\morphology\dictionary-en-US.mrf
| MD5 | c8a293e130ee93c08592f0f5ba9616a8 |
| SHA1 | 49e7d245af097bd28af5ffa503858830cd45011e |
| SHA256 | fbd6c8f911927a994db26eac21e4c028d75ea9de593eaa525f331e5c9a911ce3 |
| SHA512 | 9f4c01c6083ad7063db29b7075e0ac475794dfaa9b6714b119174607aefbf5384cbf17a96256b097de5b2a73669d060d5082cf2aa9244e7968c3d8853d09083b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\safebrowsing\download.png
| MD5 | 528381b1f5230703b612b68402c1b587 |
| SHA1 | c29228966880e1a06df466d437ec90d1cac5bf2e |
| SHA256 | 3129d9eaba1c5f31302c2563ebfa85747eda7a6d3f95602de6b01b34e4369f04 |
| SHA512 | 9eb45b0d4e3480a2d51a27ac5a6f20b9ef4e12bf8ac608043a5f01a372db5ea41a628458f7a0b02aaba94cd6bb8355a583d17666f87c3f29e82a0b899e9700bd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\preview.png
| MD5 | 0474a1a6ea2aac549523f5b309f62bff |
| SHA1 | cc4acf26a804706abe5500dc8565d8dfda237c91 |
| SHA256 | 55a236ad63d00d665b86ff7f91f2076226d5ed62b9d9e8f835f7cb998556545f |
| SHA512 | d8e3de4fea62b29fd719376d33a65367a3a2a2a22ed175cc1eeff3e38dfbaac448c97a6fbea55bc6159351d11a6aad97e09cb12548cf297e01bd23bf6074de08 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\custogray\custogray_full.png
| MD5 | 55841c472563c3030e78fcf241df7138 |
| SHA1 | 69f9a73b0a6aaafa41cecff40b775a50e36adc90 |
| SHA256 | a7cd964345c3d15840b88fd9bc88f0d0c34a18edbf1ce39359af4582d1d7da45 |
| SHA512 | f7433d17937342d9d44aa86bcc30db9ae90450b84aa745d2c7390ff430449e195b693a8ae6df35d05fee2d97149a58a7d881737d57902d9885c6c55393d25d6f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\fir_tree\wallpaper.json
| MD5 | 31b6342128a20e38a224a3c395f1d5d8 |
| SHA1 | afea42f96d007c0d02d90a2cf7d3486c73969d9e |
| SHA256 | a135978536ba7409f381fcac3befed527e6d310fd4fb6a9e567adbb22e84ef2d |
| SHA512 | 5b53e2a4c66d81f4e3aec91be650c4b151812d7ea8a6ef1ff911dd56933f8153ccf4a9883e406b2a9cf59056037a1e7434ed9c6c102ad446db5b42e1af93ea64 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\fir_tree\fir_tree_preview.png
| MD5 | d6305ea5eb41ef548aa560e7c2c5c854 |
| SHA1 | 4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d |
| SHA256 | 4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080 |
| SHA512 | 9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\wallpaper.json
| MD5 | 128fc7ac1e268f9e506c2d945f3c1ac8 |
| SHA1 | eb9a7130c1bd710fbdb278cf96664313b3ce7ef5 |
| SHA256 | face1c7f9049d15861f636fa1e2103f008fe90b7819228c1405338501ee19a2d |
| SHA512 | ee69306716398fdb6bddc3b6398f39a6de8ac253325431baaeb364ffbaa505c04c3c465769b50f2124b89cebc2e53abd4939fb23842127c018480d4ddad8869d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\flowers_preview.png
| MD5 | ba6e7c6e6cf1d89231ec7ace18e32661 |
| SHA1 | b8cba24211f2e3f280e841398ef4dcc48230af66 |
| SHA256 | 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003 |
| SHA512 | 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan_preview.jpg
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.webm
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.jpg
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\wallpaper.json
| MD5 | 1a8908826d2efe5fa817ce6bf474700a |
| SHA1 | f25ed2de494bae4ffeca33071e5c2dc034c863f7 |
| SHA256 | 9c75f591907f6a631ba583bce6ddcaafa6f89a84a4bec8108637f7f471e821cf |
| SHA512 | 1b68183bd466d01ec25b1281737ac4e752263cd88b64e16324244812d46f8f985ebdeb35d065c7aabc7abcb93286e92b0f3d5b0b7173f5aa6e33891c417b6fc8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\preview.png
| MD5 | d10bda5b0d078308c50190f4f7a7f457 |
| SHA1 | 3f51aae42778b8280cd9d5aa12275b9386003665 |
| SHA256 | 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238 |
| SHA512 | 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\wallpaper.json
| MD5 | ea6753f7a10f9f92b7790c93f8ea2411 |
| SHA1 | 0cb570e8ecc34e16017b920fbcf1036cf1508ab4 |
| SHA256 | b1f9aebdb9333b4b15c2a9339d18e974205cbd4a61d2a0b4d34a25b384a0de7c |
| SHA512 | f7974e99c58696a4d739c4d590f5f50094082473754e6b1fb8a82c76566cf3b5713b1e013126f8fbef0f0c8af2e08d09b32307958c9ed1a1007c04ce89539ec7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\preview.png
| MD5 | 77aa87c90d28fbbd0a5cd358bd673204 |
| SHA1 | 5813d5759e4010cc21464fcba232d1ba0285da12 |
| SHA256 | ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711 |
| SHA512 | 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\wallpaper.json
| MD5 | dabb663536eef90a540783e707a311d6 |
| SHA1 | 9659fe0463435f3281983ce306ff22fc101f6e57 |
| SHA256 | d1c971a197cb79f1df640994465aa7543bada90059f5b2768967d2b57c6afd2d |
| SHA512 | ed6b4090eba519f2814dc51fccb92cdb703656c77be741f07753f9c84d09394d080158e04bba1ca9dee501b0dff2a21020883e538a6c0ced6a12602b7098676b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\preview.png
| MD5 | 1d62921f4efbcaecd5de492534863828 |
| SHA1 | 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45 |
| SHA256 | f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab |
| SHA512 | eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\wallpaper.json
| MD5 | 69472b2b8eb07ec616a8e94a492c6c5b |
| SHA1 | aec5df4e15d292a360a5dd6125217ef063ebe65e |
| SHA256 | 6e9ef0bb0853c6c898ec033d54d9d5cfcb68a5f52cd8f9bfff3528a02c73e06c |
| SHA512 | e355958272292bcd7d767af692fb33941ad469809abb6366b1aff2bd4585de6a18b290258799e943f9a53416c9f5c139ccabc47cb337d0e6e4f5d499f2e27aa4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\raindrops_preview.png
| MD5 | 28b10d683479dcbf08f30b63e2269510 |
| SHA1 | 61f35e43425b7411d3fbb93938407365efbd1790 |
| SHA256 | 1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b |
| SHA512 | 05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\wallpaper.json
| MD5 | a79af1c34d9d4fcc609e57fbd387924b |
| SHA1 | 6ae1f8730d03cbca17a1c368da8a600157e0ea49 |
| SHA256 | 8c60b18ca1810a5e75950095cb0dfb4bb9c32a18f99e5505cf40c39840b8a633 |
| SHA512 | b95aef743acb3c6890e3ca74fc260a8fdeb134ba399f6e9851d34a47fb2cad9791a64d6214acb956ba4c8b51dd710f8f10fa8c3e88fb1a0f52a7e2214eca16fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\sea_preview.png
| MD5 | 3c0d06da1b5db81ea2f1871e33730204 |
| SHA1 | 33a17623183376735d04337857fae74bcb772167 |
| SHA256 | 02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086 |
| SHA512 | ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\wallpaper.json
| MD5 | 8571306e9021fc89eff3c5ced3e02098 |
| SHA1 | 49d6a7baa6ab4182c4b38c95be4bef1b243fc594 |
| SHA256 | 0529c0be39bdcb289bf29e6a9c774d907b444857cfaa47d3942e5dae1b75531c |
| SHA512 | 7657c0e48b4cfa3025bc33b0decacc22646bde2cedda7f51b98b19a17a91461ebee57f054b64edc58318ef6caef7227ac21b740527144f3fb0bc0a2e7b9fef19 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\preview.png
| MD5 | ed9839039b42c2bf8ac33c09f941d698 |
| SHA1 | 822e8df6bfee8df670b9094f47603cf878b4b3ed |
| SHA256 | 4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689 |
| SHA512 | 85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\web\wallpaper.json
| MD5 | 7b00cfeccb0f471865d2ef08fa1d1222 |
| SHA1 | 1881d5a29dfe86d6d19cac14a1a4b95b05494830 |
| SHA256 | 22557386855643b706808ea9aed33ac22fa26f58d2fc281fb0ba917cf55f990a |
| SHA512 | b7d80dccfa5f051b1ec8987193857aad83c7365e12f12fa68b8edc6ae0dca1d8a4d846e284fb8e15715b5ce7478dae334da5651b97a68189cb43c74e7fdf7177 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea.webm
| MD5 | 00756df0dfaa14e2f246493bd87cb251 |
| SHA1 | 39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9 |
| SHA256 | fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13 |
| SHA512 | 967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\mountains_preview.jpg
| MD5 | a3272b575aa5f7c1af8eea19074665d1 |
| SHA1 | d4e3def9a37e9408c3a348867169fe573050f943 |
| SHA256 | 55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8 |
| SHA512 | c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_UA_
| MD5 | 61aef3bba55267d45529f487b7e61716 |
| SHA1 | c397377caaced67127eab936369f117b5da158f1 |
| SHA256 | 792f8c1e9de09cec4f4ead577a5fbc15705347266b73a7cbb5c17492d7ad9aa7 |
| SHA512 | a37f43bc7d77cade850f0a85e6b3c0a6bb1afe06fd296ce5dcb17abab4d619003cc0f17e7182efb111fb84359475ebcccd5c283cfdee885e8bac95fb39f7fb57 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_TR_
| MD5 | 50dbdb9aaec42827cc2eb5d04f9c73a8 |
| SHA1 | 0769ba6c5fe530ced2562107472314ebb2cbd909 |
| SHA256 | c0e6fb42389e71e97b21f50c6dd766172cd4ef76392fcb2305ea747c177b3e21 |
| SHA512 | 7f5e0cc72d3956d7093bef7fc77605294b84fbd58c966b5091aafc5ce1f25788e707c482b40129f28155d8b88660ef6b954f9a682d43be337d84d7dfc175ec99 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_RU_
| MD5 | f95a365fc86e04f9b40d07b361907fdd |
| SHA1 | 5e399608d0491c04014ffae22c9d2fbc80ba79e3 |
| SHA256 | 86984ab8b856af9f74c8f19320edf37b0d77cec81c47d904a140630842ce4427 |
| SHA512 | 3ab98b43da1cd9ab2e26a247f04314c1ea31bcb61bccefdc8f5f458320b8d3b2a9fcf157b52e326e112fca4ded062f50e765ca03d62cfd95ab03a2087fe6ef2a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_KZ_
| MD5 | 9f63f6736c09a29280c8d3b3183f959d |
| SHA1 | ba172ce3c43996316f4c231ce443f880bedc9e9b |
| SHA256 | d33cb20100bd3f182514171f9d41fa36e74ac32bd30c2c44f0d471449b331618 |
| SHA512 | 91948d89a0cf9a4519066cd9b6bf2ee9d5e29270a77e57160354f4e33f3ab73934851136563f0d85d10dfc5acee5bed3bcafdeee179aecb85b8765421e1062db |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_JP_
| MD5 | afc46500500ca4fbd99209621ba961c0 |
| SHA1 | 530792f4d2dca8a77a6253d97c2047d221ba4188 |
| SHA256 | 33e924e65ef2b05e48ada9e95feb4c9c4b4be442f79a04c8d863913f94783574 |
| SHA512 | 2edd0372618df78803026824196a4841b569c0c3cbf4b5247556854201953d492b42b89eca5deb1ee9d8d1658ddabfd534ab97c3ea61b0ebad3d716aa2a40cda |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ID_
| MD5 | 38e1a9f53847518a321c65ab8ca40e75 |
| SHA1 | 7fb594a3a407744ff45169dfa4a3118a1bd747eb |
| SHA256 | 51feb3e49bd80615e19ff9a5c86a5a6630ce0b7b7c85c939f90a9255f9f2c12e |
| SHA512 | 2043ccbafdb8740c7cc967618893589c431db722b266c252e0744b031d5b7bc950c804349d7930691fa062537dee9100421f95b8e53c042793f06ef282e5dcbe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_DE_
| MD5 | 847356d02a4dfaeb0449153805dc89b3 |
| SHA1 | b608ab76c78ca53787191866dccd447be841c61c |
| SHA256 | c5a232993c677b3109542bd974336ad8dd42830319be773dab75c3e147c07317 |
| SHA512 | c5b01b532ed42c056db108f6bf227dc3773640dd556278c3af0a7a7229bbdc3963ac0286d4714884265e189440f04a31addd5a36002f22ada5ae8364c7e79a78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CN_
| MD5 | 5fb2a63a8a3cc86330484f6b89d17bea |
| SHA1 | 27a01c90bee60fe786888d641170768f76326734 |
| SHA256 | 0fb259ab08ceb8987ada8b362a48e0bf54c2063a7c374203dcbac8dc6558b056 |
| SHA512 | a87165e9a0eb49c04e03a4764505770ae936c8cefa346c41b47e39e90b31b33fdcb9cc0ebf1e706aa8e3ee34d81f5a815d4f9587a022c64a73e374f35c8de4da |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CA_
| MD5 | 9644ce7d7022710f9e3d15ca62652130 |
| SHA1 | 9501c256b77bf4f2d15eeebea872394be64453f7 |
| SHA256 | 2e9b8194da778435200d9eb756d4356e0741ffaac24e7f8fe064c35c2b572539 |
| SHA512 | 81e1cb5b76a19e07f9892fbbb016594b0545cff56e3d7b5fc124c9c54746d571061748f0388dd911097c03fc379dc25235db21cf8ce141396c4a712368dc8d1c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_BR_
| MD5 | eff751f0d80c5df86c5edca15aec9a4f |
| SHA1 | 49607e819f796d34d1ff7c1c894604f2a5de4b56 |
| SHA256 | 18b6ae3ebec51fe0a5398a53a3296b2300e75690b2f5d9763e68eca8e938d9c0 |
| SHA512 | 2e486efe9ec6c65dbef2d98f0f95f87282a210068118c71d3ad33fd6400e01b49060dac926a5632e317b5e3ed04f66638e179956531a299b31dbc249139cf902 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo
| MD5 | 0a8228e3d9397b33f203ddf77940b986 |
| SHA1 | 69249827fefcc7409098756a0dcfcb79bf1955ae |
| SHA256 | ba9cad7508d2e860014f4a7c7bb290034dc7cc4def9142bac3e5ff1120f5135a |
| SHA512 | a9d76de78b02b3651e93a927658945fe0320b395f50ac12055dd9e99cc5516408a1a6778ec281aac2e31e75fcf40ab84ff5665b06ae6892d68c349c9a5791de1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\sxs.ico
| MD5 | 592b848cb2b777f2acd889d5e1aae9a1 |
| SHA1 | 2753e9021579d24b4228f0697ae4cc326aeb1812 |
| SHA256 | ad566a3e6f8524c705844e95a402cdeb4d6eed36c241c183147409a44e97ebcd |
| SHA512 | c9552f4db4b6c02707d72b6f67c2a11f1cf110b2c4ac5a1b7ac78291a14bf6eb35a9b4a05bc51ac80135504cd9dcad2d7a883249ee2e20a256cb9e9ceeb0032f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\import-bg.png
| MD5 | be2acbae1c7b09125a85c5517a7dd70c |
| SHA1 | 091dbd354f830ddf74258b337dc4f7177a860d1b |
| SHA256 | d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010 |
| SHA512 | dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
| MD5 | f88326bf75f9377d75dc3b34df88b59d |
| SHA1 | f4eec740fe217e0743dc8b4f478d881550f8e12b |
| SHA256 | 778033d4ad9e66340c0bd06770e6d673d76d83d1cc3e9abe52d98ad4276585cf |
| SHA512 | 9aeb77c703d3d2e1bf4575c94585109d62c7d51fa07b3192af23b861069b65c28baff67c096b94b1620dfb80777e42cfdf9cae891a7d664fbe895abd7ece4791 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a4f6cf68b45ae2e9f04268e2caf2426 |
| SHA1 | 90658f641c28a8ffdaf89fadace771a19cc4ef61 |
| SHA256 | 530d2a7a234afe050fb1a504cc6a76a118bde88d513e6df2df6974b7ae0fec64 |
| SHA512 | ae8f268597fb64bea9bd9905a28aa28ed815bf5c1bbe5713804692d6be561806f51de1eaec49deb2d997b07e662155abcbe2c1e0d8c5488073daa6f3704053f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587f0e.TMP
| MD5 | e7d909c76a491bc871417eabedec96db |
| SHA1 | 875a5765cc9715c712f08bfcc2435a6b45b72e69 |
| SHA256 | e1a0ca836bbf735c9f0622aad8250b37f5abac60f79330bce227ac5f5d9113d5 |
| SHA512 | 3867ab3302314326ad26c6335dc9ee72ff6692056f4f113e827e651cc9cea332d3a8f55f2a493cc433646d026fd54893871361417e9aaecad37f2ad0d235136c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 70ba17da67e0a4602cb2d13bbcbf09bc |
| SHA1 | 23c7dbe5ec29949247309dfbfaf812a81bb98058 |
| SHA256 | 88f72db9c5fea44fb35156fef66e6fd493acfe0f320685bb199759626e57cd37 |
| SHA512 | 6f2dd1047d17f394d05848915930ff7b3e523b05a2de9eaed7ff80a189f441c579cba48157900ceb4e8f42ff0be29fa687ebb1c67f8b5fc24ed32f97b6fb3926 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Site Characteristics Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe588fa8.TMP
| MD5 | 9909f7492018b7e8103ee5b6499dd6bc |
| SHA1 | e18e7c56ca6c79635daf2a71cde99a5fd487db66 |
| SHA256 | 2a239a5e8eae0b07ecfb544c89f2f3479957f4b43b614b2a3dfb69686deefccd |
| SHA512 | e8f1481507540f7ed5d0b6035a744ce72565b1b8ca8554fc062315038d0052d3defb95e7db08ee8ac1deb63c80895ebdc6a29cb3d079715e036e53923b8b0dcc |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 5ad5a438a1d5fb776f68c202a9d5f97c |
| SHA1 | c44e95b6dbb8af72a85523958cb3e3027861b9da |
| SHA256 | 80ab359f6c5b2b7fb7b0e04ebf34561de1afe158517ec365372a760212130255 |
| SHA512 | 33d7d258d2364737c310244f185f4ded714ff19bb1dfaa5168f76443631ed1e2f3e7211c526d465cd4276c853eeaa37f854fdd03e02c287a3fdfe69ed681d44c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\593d80a6-1e86-4510-886b-3562cf100658.tmp
| MD5 | c2c78b6f53525e81d98b42b97fc00e49 |
| SHA1 | d6a5bc9ba52970f263a6e1c024f6ee3efed31f19 |
| SHA256 | 41e946fadbb9b9b9265bd3cda919af57c7e1cda585fcfffdc9a168f4377183f1 |
| SHA512 | 49e5c8d9cb57ebae1918884f88cd8d3d14d8d9093235f446b2eb1ebe5a816ffdb470793cdbed71ef9fefca4272c985dd08f5642155bf916492675bf94d2ea86e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe5890e1.TMP
| MD5 | 531a4b2e30b07985df9c2620cb7693fd |
| SHA1 | 4c0317dbecd49a71c87f37e4d17f4197101aae0b |
| SHA256 | f79b22a76fd630f9b02d0f58cb276521fb9aef7051a59ca5f32dd1ba6725f76d |
| SHA512 | 72c3e1361848c64402d1723f9de6277db9110777dd1f540b29f7aa49af0df7e5ac60558e3046a805989239148ca9e687ba52b46dee83b5029c534d76899cea4e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\8fdfe6cb-b722-4933-9af7-2005cea0b403.tmp
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 454be952fc7f319af950f70176d0621c |
| SHA1 | 36b9bbd56fd8c38f35496925056d9cece3420c59 |
| SHA256 | 53f3353cb255a2a8c552d07560d2cba27336c486c307f4fa81b2c9268f233ec6 |
| SHA512 | 011bf69de080a7b5186611c2ed1c584dc42dc0cf4b1f3c74305907abce41ce11135a54fc9b18b54c3c71d4aa7ca99f7a18fcd3a8c7d30155afeffa9e6621ff2d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 7a2c8ae4f6c10f7e5e74f84d7d3f64c1 |
| SHA1 | 1a9aa65c19330fb2b1802f97ff4d2df8075a3b24 |
| SHA256 | d084fd2b6e208350fbe64832c3078ac41fa90edf935ed82773eae8653f28182d |
| SHA512 | 611326ca3e0be30ce5ff8ca12c67153c80de65f5dfcc7055defdc482a81b3862cc78a3006070e28450d72aa3966b4461b23f25437304af7a8b196ec651fd4af9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State~RFe5895b3.TMP
| MD5 | 9bbbe12c06ba7da43bd0e707a632f69f |
| SHA1 | 4227530b628d50801d517eb5a2cb06928e3a5750 |
| SHA256 | d42409d746a463b89ca332c7a6d82104c98105aad3099e35fdbf90afd14ff6b3 |
| SHA512 | df19acb0c374d0481fd894e0689d7c778ea9b1338c5305e15639ae5986b03e58e1b8fbe2f2b11524cfe6c99db750504098763ca2593c6c85c559252c6c124f62 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
| MD5 | a705561eacbcc6726f498fe498d1924a |
| SHA1 | 8e0cdfd1b250596267c668f0cdc57440733cd90f |
| SHA256 | 39ed720c217ef1542b0c886fdde24f1916347e57b7a8e7e98c2f1ecdc0d14643 |
| SHA512 | 4bf63c74d34e668e7293e0f2e6b5b9803a2b5a72c9f8feb351f50faf9e4fb38daa7ceb73336218713a8915909da7bfd52f1ebf3f64622e4b9a89d333640945a0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 9aa6d99d3038cd4c4d74fef4196055e7 |
| SHA1 | b673cb0a99951f34da9c28702dca44c126e7b8de |
| SHA256 | 5a408372f597d3392ccd78bdcea2b6a28039b1d8659fe9fdebea53ea072222ed |
| SHA512 | 679a1c3adc1f6e594615648ac98b800039223cd0a0b083e013373d3688566acee45d56e00ee76d9d0de5cc11856f8b7347f90ed05d9c2c3f5e6f5531a8742379 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe58968e.TMP
| MD5 | e4cbf911329a88c2e24f879e5e82aa18 |
| SHA1 | 3b61b8454eb66af7f0d9ac6540d222ed56006a0f |
| SHA256 | d4c82e8f144f8816da30980387a6f616511a45e86cf067d4e22bec68cc942691 |
| SHA512 | fa64bd9d3f9aa75e8b9874ced4cc0a29165cd85cf94e23cc9b653a1e63ef1ece611a3630e51d1d44c62e4258b72e1018e8d0ecd3f551dd5292a8969d1f4adc30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e150fb5adf47d60d498d9f9d4b90707b |
| SHA1 | 78d2adce44e4ccb6215e8e812eb3c180752500ed |
| SHA256 | 4cde5a098edf32229223d7219b605639106f69e3e925a865c8bf252802b17f4d |
| SHA512 | 79bbfcc7556182583f402fc8035182b2448ab3a96dd0d8211ed8ad69fbbe9ae0174bc40f515dfa021bd95e4ce93904c8257bb5891f1bba90e2428141c5433c8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 54191046ba8e6a9478f273102735dbce |
| SHA1 | 56702c8e20b81e9de7f443a2e5700207a0f92a09 |
| SHA256 | 68eaa2adcdb3e1acb41b5bfc048a581b04974a23d86bf5ca44a1c4a65846eb9e |
| SHA512 | 87b4ad7ff6596ef1625992927a3308bc58183bc628cb6893f665f124e47cd79d9824684ad0cccb6ceb8d29ac7723e0a87ffeca7b1cfb122aea1ffe7bbba9b501 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 8bdfcfe2efe057beefb634a653a225e4 |
| SHA1 | c7f8e877a605cbecd8196e48f41f2102fd4bad6b |
| SHA256 | dbecf5cc8128c04f99bae7615a3a08a86d0d1934645a6c0b8e0e876d4f4be2af |
| SHA512 | 6e96ee88da90f64e1998f63305cdbe18f0228387d6dc5e9517018987da8c42a5cc30a34abaa2fce1d053a34350ebc14d58e7ecdcd483a2cb6c7f832f51b4e9dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0cd996210a9664fca157b81aa262d88d |
| SHA1 | 58d511e771a7df4ea8ab7f3128969d22114581af |
| SHA256 | bc2da9acc6b30814447bc570db655f37905ae6456189963c9eb61eca0f86d837 |
| SHA512 | 22b40cc4473f512a67631a6b193598a00072ccd44782b6b5dd85af3907c6ad336eb7854d967d7b6325f9b0d209ae5d589aabe5e13516e61c6a1012cb81b0f288 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | a9414e57101cf9c73772420f3b2ab632 |
| SHA1 | fc3b6d9d8596a9135cf0ce3dcfa67c1d29ab08b6 |
| SHA256 | a50b20a6545669e4e38a65159b5d4b6a4e1ee27aec85c7fbf5fee195703ffacc |
| SHA512 | 0436bf931ed94fd469dfa8ddfebda3bd0004b299b448a7ae19dc110378c2bf35f9a9c1603db530dade20cd1339d7b018ddcee1c1509c3672ef2fa5f55d9a2f69 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 66888d8c8ca5d14196b2bed68a7babc0 |
| SHA1 | 07ef8fbeb858ba8982fc44e21038dbbdbde7d876 |
| SHA256 | e552d1a501dae14568ba0a0769db3e281b024a4e58b6e1d760053a5c7991ef68 |
| SHA512 | ef3c4b4a8fdea995e5c4973148a68822ab592b81f6e1afb9af237e2fb7af838349b7ce4dc13f454b2266518007cdf6a6c484db0efd274b9faf5ec6700ab062bc |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity~RFe58f6fd.TMP
| MD5 | fb7b26e5ce3da89897dc90209dcb0f83 |
| SHA1 | c4890a6053d698a1cc89b85ab4907206ab9e2b39 |
| SHA256 | 6e43c5d4ee21fc3d947ac90cb57a76be85d45970bfa2d731a2ca5ad64c43dedc |
| SHA512 | bd081dc8ecdbf69d25ce8f1c078ecca6572db335b0af0a9780adf1fe2fb341dbd78c045306bb2dcacf2d458b7f1bd8368f8a9009216355c0df6c6c8d67454efe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 18a98cbe44b053d031a2eb8e4e327f15 |
| SHA1 | 670867cbc5e69919ec008899781a51e547d6011c |
| SHA256 | 3ef26eebde2ec2c40f96e244fb8497073e114af18e17261de3fff1f75f3fb9d4 |
| SHA512 | fbc2ae2cda9b28670dd0be667813f0008dd1b26d1b872b4fea0433036de351cecad67010109a5eff22693364f8faa4714970d9b570c011ba1dda8d4031dca3bd |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | fb99d126a4c0f75dbe973c10b0f3c70f |
| SHA1 | 4476f04d4d082ebd368940b4cfc700f5397abaa5 |
| SHA256 | 8bc92795ab1a5430530dc9890af45f1e07eed7e9833d7f943ac914704719c23e |
| SHA512 | c5e90f952b3a4472c00b38b31c0ed364724901e13aa7ec796c964c47a05da563a6d9ac61f2125e0699e7aca53dcfb63a202ba3d5ec6d9cc9195278a019cb4c12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 414c1e471e9f55e12eb2a01ad56fda82 |
| SHA1 | 3fd2caa26f4ef53a25f198a68459356bea89bb55 |
| SHA256 | d5e39548b59aebf5cb442bbdd3d5ec83d91f29408bf2532f2f7227475a3f9a46 |
| SHA512 | 9b667b8f11f1ae5e062787b836a4cd9b29529940f6252533a1c65c8b9f100fa024a5c2417b941f6508336f57a46bd1334c1c57b4d64007345852f56995b94656 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | ed15a9a67ff122e788fd3727860e740e |
| SHA1 | f189a263e8c4a994e76df461e6366c66afae4a80 |
| SHA256 | 12ea84ec7a1634857ec5864f1a67241c069d21b370ab7b65ad82e9d26ce2ae3a |
| SHA512 | 12aab9dc16b8366986de5ae425f45378f27f3e2768c3208c42dffb40d701d8e31e5b06d012e332d976e12fd390e42447f6ee1177fcd1111f486ce13f5f78c6a8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 2a7e5e00451417e8b6f8989a11e88e87 |
| SHA1 | 4128b1c079c499dc32ff96b5a55fe0871aed69e0 |
| SHA256 | 07079c9625d0902ad9a416a69c493a73e275ab7391c91d36a6a99885910316e7 |
| SHA512 | 1162cd5f09ea0f398a4e6c65497b9456595e26ceebb42b9f6b5bef419eb9bb5bd6d75d4c4fdcb1ac18467293b51df7aa569f59e685d9fb5a112b66efc8d246e3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | cab18f9e910bc43cfcb1db5dc791d9e1 |
| SHA1 | 48c2090fa6b05b3c772299e742b284afa9cabf8a |
| SHA256 | 1468b54db90c3c87e9468b5604ef7bd67e7b2074f34f2f632979660bf7435c1d |
| SHA512 | 11accbee1099dd8f9087c722694715808e7abbf2fff30ed00cb0912e454ddec771857d5152340456a4d92119e27999ce3eab4b74c4f0b89b2b5aa4b355ecda92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 70648e9504c7ce1d060b8c931272c93c |
| SHA1 | 6ce30bada13a0b61d3879e61bb7b7fdd1ccbb4b4 |
| SHA256 | 810f19d91f0b58324ee7ba3fa27848870e298ad6d04507e5bb9dee6f07219a10 |
| SHA512 | 7c367a3d5de1c7888323555e72122b26241c7674f0c1774620c13906ddfc62f226e93d3c7115c727a4da37f0445dd6406ca4161eca8be20087f8af89bc893002 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | e158e9247938325887b666d342ea4347 |
| SHA1 | c2b2fdae19e64c4aa43b95874f0169a0317ff849 |
| SHA256 | b3994b5bd42caf7da5a98b8914769b15706ea2d8fa39dd53be67f672748c9c49 |
| SHA512 | d70ce920779b9fb58027f0a6b898124297500a28f55b46f7c70aa197b03f9aa862a004458057b70b739371552b1802fcfe4ef7f839dd1908c0cb002ee9ddc0fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | a71894c27b5a9d70576a941eee62aa07 |
| SHA1 | 3a7a1a0ffe3d4932e12d7d1d67e9b4eac46399e9 |
| SHA256 | e39394a61d2a54f12b27f83e2b72d4cc14789cb6ea9d480d9374c846c027d603 |
| SHA512 | 6a8b9bc3e39b05c0d89907dea342c5cab3dd23a914aa3abe092598ee2aae5f4a29fdd603138a9fda189700ce9f80aac46489f779cc27e8e2d6084113535e4647 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State
| MD5 | e545c22b29732e1abdcd0fc1d3564360 |
| SHA1 | bc092752d0cec2f51e80423e93b449d584e1b50a |
| SHA256 | 8c29dc6302c58a2f493b424da5e45109add0081eab6b213615541233fd82daf8 |
| SHA512 | de11e233a574ce02b14cb60467af95d5d77d2e157f30ca4dde9430f0278c4f80bde2f41d3970046ca24deea22f395e0843ea0ac9d479de9c79c258d36a5d6d07 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State~RFe59a985.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 13a6fe6b3887d9c39d46efd4d214e388 |
| SHA1 | abaaf4946d02c7869d17c904c8e160aa4788358a |
| SHA256 | d06eff268cfded136b15e8416c9d3296cf74c3ca3fe7b4a99f2fc95eddf96428 |
| SHA512 | c060c8d0d70b33b934549cf69b66a8282d136bba6a9bf026154d09ce7c4a07d64e821a8179a890170aca0557be053ba13cc2232564cd910ce547e34510ac7915 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 394ec438a2b38a05b740733ed8753bc4 |
| SHA1 | 6fbc7347d9a4c151a8ba7fdb480879ef3b8284bd |
| SHA256 | bdccade8efdaacedb9ef9ab2a0c42a2edfc6f375c9314362c7b858fa00ccb46c |
| SHA512 | b5ba47ccfdeb80d1176d192ecfe17b5c9595bde98b91ecab53ad14927e954188359611b06795fa7b1fd22edea455c5a7f451be9d52686755a388f3bce1727069 |