Analysis Overview
SHA256
0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7
Threat Level: Likely malicious
The file 0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Reads user/profile data of web browsers
Loads dropped DLL
Executes dropped EXE
Checks computer location settings
Checks installed software on the system
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Unsigned PE
Browser Information Discovery
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Modifies system certificate store
Suspicious use of WriteProcessMemory
Modifies registry class
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-13 13:55
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 13:55
Reported
2024-11-13 13:57
Platform
win7-20240903-en
Max time kernel
150s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\7TSJSPCG.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\MWTSO275.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\SGSYOXO0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\5284C3M6.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\MWTSO275.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\GH4NJ8XM.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\XSQRR4MI.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\7TSJSPCG.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\5284C3M6.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\SGSYOXO0.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\269KTOGT.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\269KTOGT.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\GH4NJ8XM.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\XSQRR4MI.txt | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir1048_303211244\temp\service_update.exe | N/A |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir1048_303211244\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\yb9849.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir1048_303211244\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "47" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "47" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "437667990" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d793ad506ece624c80bd99362738d9070000000002000000000010660000000100002000000038ae1f2f4f1da8cb242e4ed843b30d60e5a212d86697046df7f8632dc0e33859000000000e8000000002000020000000425fcb0936e5e47a2a486ebfec4e6b0f1369c770e934aee209b959e449117de020000000973f7fa729cf58b4ed9dd291ef529ddcc1d4478fc5806b0690fb9fd211593cee4000000059ab33e974bce35b0cd5cc5786ec3d27e09b30da90538e90c523804de0c5564073a44f77a774294f1ee8452ae9f37f25baa9dec0b313e4c9e43cd42f76db473f | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "606" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "33" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "75" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "33" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f0c00accd335db01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "637" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "0" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "12" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "47" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "75" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\ = "75" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{ED13D071-A1C6-11EF-9C13-E699F793024F} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "9" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total\ = "33" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\DOMStorage\yandex.com\Total = "90" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF}\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF}\52-2b-da-8f-26-42 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-2b-da-8f-26-42 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-2b-da-8f-26-42\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF}\WpadDecision = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-2b-da-8f-26-42\WpadDecisionReason = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF}\WpadNetworkName = "Network 3" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 4600000003000000090000000000000000000000000000000400000000000000000000000000000000000000000000000000000001000000020000000a7f0170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF} | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-2b-da-8f-26-42\WpadDecisionTime = 384cbfd0d335db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{FD47664F-AEAF-42DA-8CAD-C940E29454AF}\WpadDecisionTime = 384cbfd0d335db01 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex HTML Document" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexGIF.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexTXT.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexTXT.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexWEBM.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.webp\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexXML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.html\OpenWithProgids\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\yabrowser\shell\open\ddeexec | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.webp | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexFB2.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexPDF.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexXML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.txt | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.shtml | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexPNG.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexTXT.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex Browser TXT Document" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.fb2\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.shtml | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexGIF.SA4YK4YBO4DRJ2O6ZS2IWG66WE\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-107" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexJS.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.jpeg\OpenWithProgids\YandexJPEG.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexTIFF.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex Browser TIFF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-108" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.swf\OpenWithProgids\YandexSWF.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexJPEG.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex Browser JPEG Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.jpeg\OpenWithProgids\YandexJPEG.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexGIF.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex Browser GIF Document" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexWEBM.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexWEBP.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.jpeg\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.js\OpenWithProgids\YandexJS.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.txt\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\http\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.swf | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\yabrowser\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexWEBP.SA4YK4YBO4DRJ2O6ZS2IWG66WE\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-123" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.fb2 | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.htm | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.shtml\ = "YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexFB2.SA4YK4YBO4DRJ2O6ZS2IWG66WE\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-122" | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.js\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexCRX.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexPNG.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexXML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.infected | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.txt\OpenWithProgids\YandexTXT.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexCSS.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexXML.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.epub\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.htm\OpenWithProgids\YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.htm\ = "YandexHTML.SA4YK4YBO4DRJ2O6ZS2IWG66WE" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\https\shell\open\ddeexec\ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexINFE.SA4YK4YBO4DRJ2O6ZS2IWG66WE\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.webp | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexINFE.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Malware Infected File" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.tif\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.png | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.pdf\OpenWithProgids\YandexPDF.SA4YK4YBO4DRJ2O6ZS2IWG66WE | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\YandexEPUB.SA4YK4YBO4DRJ2O6ZS2IWG66WE\ = "Yandex Browser EPUB Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1846800975-3917212583-2893086201-1000_CLASSES\.shtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob | C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe
"C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe"
C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe
"C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe" --parent-installer-process-id=2032 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\d6de3b64-1794-4133-bbbe-0f43466af48b.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=236582000 --progress-window=459164 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\9eed07e9-2eb0-4cd3-be6a-410ad2b39312.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\e1e5dbd2-d479-444d-95b3-7f2250aceaa8.tmp\" --verbose-logging"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:464 CREDAT:275457 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\yb9849.tmp
"C:\Users\Admin\AppData\Local\Temp\yb9849.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\d6de3b64-1794-4133-bbbe-0f43466af48b.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=46 --install-start-time-no-uac=236691200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=236582000 --progress-window=459164 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9eed07e9-2eb0-4cd3-be6a-410ad2b39312.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e1e5dbd2-d479-444d-95b3-7f2250aceaa8.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\d6de3b64-1794-4133-bbbe-0f43466af48b.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=46 --install-start-time-no-uac=236691200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=236582000 --progress-window=459164 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9eed07e9-2eb0-4cd3-be6a-410ad2b39312.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e1e5dbd2-d479-444d-95b3-7f2250aceaa8.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\d6de3b64-1794-4133-bbbe-0f43466af48b.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=46 --install-start-time-no-uac=236691200 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=236582000 --progress-window=459164 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9eed07e9-2eb0-4cd3-be6a-410ad2b39312.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\e1e5dbd2-d479-444d-95b3-7f2250aceaa8.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=278249700
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=1048 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x1a0,0x1a4,0x1a8,0x174,0x1ac,0x11eed30,0x11eed40,0x11eed4c
C:\Windows\TEMP\scoped_dir1048_303211244\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir1048_303211244\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=45323b5b377897c846fc6c473cf984a9 --annotation=main_process_pid=2320 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x12c,0x130,0x134,0x100,0x138,0x1473560,0x1473570,0x147357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=FBCCE6BB_2FB2_4D4B_9BA4_AE6E5C66E437/*
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source1048_957463973\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source1048_957463973\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=459164 --ok-button-pressed-time=236582000 --install-start-time-no-uac=236691200
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=2204 --annotation=metrics_client_id=fd071756780640a7880accf52d7020cc --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0xe4,0xe8,0xec,0xb8,0xf0,0x70912a08,0x70912a18,0x70912a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1096 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1376 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=utility --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1544 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=audio --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2064 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2084 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --enable-ignition --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2432 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=service --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2444 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2072 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2720 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Windows Utilities" --brver=22.1.5.812 --mojo-platform-channel-handle=2528 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Windows Utilities" --brver=22.1.5.812 --mojo-platform-channel-handle=2524 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=500 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=3204 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=none --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=144 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1080,11696471581451282192,10844802852064247943,131072 --lang=en-US --service-sandbox-type=service --user-id=1D1CC114-11C4-4121-87A3-1ED614125B57 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=1632 /prefetch:8
Network
Files
| SHA256 | 7dab48f2004dd9481294d59caccd8573a6e28c1c42b6d7a354dcd3e79f9c7f2a |
| SHA512 | 35962b165c4604d3262bdc564e03d791df6175bc4825ab60237c17b7b9f67a4db190ba3f410829c4112a67b6fedf7049e5c5ad3c6f6d41f01a0d3b5c2a0e8346 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | c26087f52f2a8a198579353cdc97c7ff |
| SHA1 | cd7d0f5e84bea1b30410727d2ee8770e60d85503 |
| SHA256 | 187a9a9c02e94a56a996dc1a76ebde97b5c280300730d4410474e4f9faba8c55 |
| SHA512 | 62c0b3f8994bd1953c36f6468d83704b4fe2e620aa27c6dc5043badcaa0e1603ed2f7aa33f4dee0a3e121e4789191b2e61b4bdf308e26f939ce93dccea2744d7 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | 8b3752ba74f6044f5df40c28aa2b5987 |
| SHA1 | 836283a70e7b8e5059c063200d5bb38aa7291af7 |
| SHA256 | ccd0f74b6fdc401705bb81bd1fbd870d9c0909b713eb4a0a1fc52855b8a97aa7 |
| SHA512 | b94401dc72a8361d51d72b8d009d9ba7f1848c3046889cfc4688e164268905de0996d6c104b4ef479ca01fe2174eb1132e50f89992910bdad866e9764fcd3661 |
C:\Users\Admin\AppData\Local\Temp\yandex_browser_installer.log
| MD5 | 491b4aa381b22a8a2c5706c2c956369e |
| SHA1 | ac25658cdc7f5f2e2d32f49b3556d685d3203573 |
| SHA256 | f4e15599cc443316f5c9105173173f2522a5b7a7f0635547567b0f9af5a25176 |
| SHA512 | 163c8b04475f91a9638d4ff90e322d9d81541cfc82a72805d76f216458871fedd32661f0261cdb27fc4c11407cf48df37b426571752000159df16f7be3470025 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | 7c280127c92445063cd51485c7bfb44c |
| SHA1 | 56a21463aa10e1013573e444155c3b90695d1160 |
| SHA256 | 42496ed9d59ba4ea5f47e591140be3a280412908f272af57c4c28c8fcaff9bfa |
| SHA512 | fc3a20c68354e749d40ea22f975d740ddca106f2f80dc44caf20950c22d2eab4ff53d2aa61af4d21fe9dde304941bcc99e1252d9f3fb60a6fb0787a9a276cc5f |
C:\Users\Admin\AppData\Local\Temp\distrib_info
| MD5 | 4c118f563825ef62f27c89ff83b826f4 |
| SHA1 | 5a670853c606b95abf275324c788f30e005fd497 |
| SHA256 | 2d89dc50787c557086e44f4c934e69a18a0ff56af9031faf5ee72e11d407ce18 |
| SHA512 | 205b307af58c4e72f70c1e0db5113eb5ad3ce8100441fb837417e1f3978d1c9e71af1576a323bab65deb6b8a39c738df5631c9847a88246b320816def768a331 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | 03d4fc02a35331d3286509bd8a933d52 |
| SHA1 | dfd3eb5e135498f7efaa9513ce2c6cf7aee2fd13 |
| SHA256 | 8a0dfce397f86a0489fe65eb80bc0b585de350aa2d1c41b7f7dfe95c5b8fd110 |
| SHA512 | e11488f1240cf5692d6a67a27691120ea38359a759bc192c8055cce89b2704881c3b3652dbee6f949345f5d109573906f02bc5a0a3d366fe0eaf83c4da013787 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760
| MD5 | acdf9847c25c7c68ff0aa62ee16b4853 |
| SHA1 | f58c5fbc3dc24f48fb10779a058c708a889f1a1a |
| SHA256 | 5919154b844e77333d946620c4d5a72e308a8fc738ba83ef5c2bb172b9d09928 |
| SHA512 | 5eac4f9c1f94c856645eb70614d6961c74cf4b613a92cc39e85378a91145cfce4bc78c9f156aa05e0a0a4ce73b5ed8fa5e23cca6d1f71cb6d3c6436dcacae691 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 27aae1737aeee4b9eac2cd3dbbfa03b7 |
| SHA1 | 476a8c56f73b3d0d04fa0900db5347a1d575fc73 |
| SHA256 | c40916e39ac1dc60bf078caf9763c57c65d3400a625a0e7692b324ecccc0bbb3 |
| SHA512 | acbd3790cf62b43fc5b63f4dabcff5a034ed370e59180ab5995405b90a3aae3741ad865bd967c9545e45388bab1613d7e77a07300b21a3415330072645ff2ba5 |
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\BRAND_COMMON
| MD5 | 8fb3d5252fd262cf808f6f0359998b0a |
| SHA1 | cdb8072dfe898c72c15c2c381349ccf7f2d4d440 |
| SHA256 | 7ad5104dd8c35ebbc06c56fc6a2cc3f8cf7391ab2e97c8c9d9b3de1d8ab4a5c9 |
| SHA512 | 57f1b72e210aaa880cdcd04eb1cdadf13dfe373c50a0d98346e64ad93521da43a5b71b068fa3ccadddb03a6e97084b7d25cbb94fcf9c3dea1904bde0c2396bf1 |
C:\Users\Admin\AppData\Local\Temp\YB_6CA37.tmp\brand_int
| MD5 | 3e499ac6cab5c37d47c0ce7079be9408 |
| SHA1 | bc28c35a5feff7ed7061f36addf1b9bb439bf0b3 |
| SHA256 | 7c69e77970d70ab50c45e70a20b67e4d3c03123b384e723cf2cd515062d22613 |
| SHA512 | 16e08366a863f3730b880df0f4f34789638a67cfe26e295a8f834594f2ff67bcbdba0cb65b8a316009cd0408c9742c17f13d6a5257e3a7bd5245e5b5549d9fee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 2ffbdb98df2a2b022a48adeb94a3af50 |
| SHA1 | 6c86923b5c5832bb102f041cb7d38db397074f12 |
| SHA256 | dd12c5733bc4b682e1da6353c8c27650f53d11a8ada8fd8a2d06f23cecae5ebd |
| SHA512 | a5f29661ac78ea205dd945fcc53e015152277426af4bcce688231ca1a564dc49144b2953409651737733fec72e9042468c780917543c007d7de74ed44058dbfb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B0B1E3C3B1330A269DBEE4BA6313E7B4
| MD5 | 55706be42e9a4a9cef83900c07771dbb |
| SHA1 | bc6d11896a1650c32fd9727d74eac2ea410146a0 |
| SHA256 | 41cecafb66019e7c332b4888a5588647921734a3c6b85996a026eb6a2793e1e9 |
| SHA512 | c447acb000f6b9ccd3e6a546d1ef62bf9aa10e1164ac47ddde314037f399e51759e466b4477b42a72b84c485d24617af3c368e3cc4671051ff0f329a5280a899 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DDA81A73291E20E6ACF6CACA76D5C942_2A2080AC7EEFAA81BA7361978F5743B9
| MD5 | ab4008b785b2328b305d1898152b4e20 |
| SHA1 | e4d2521563a14482b7ca0d6efdb4d8cbba79fa95 |
| SHA256 | 90b6acb638b3d9dbb606378e2228321b5284f29ac15b7ad401defd13dcbfbe54 |
| SHA512 | 22f1a9786285f067d9521727b4f7a88fe8a7ed360da76a3f403731f69827d6e3d93a6f7c25d994430ff62792b5673c6138e633c41c97bf492c5464a083b3c635 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | cec3f891e9bd72743d4282346d42b967 |
| SHA1 | ce335890aae07592208307b8aaf65e75e0efa145 |
| SHA256 | fe91c0e6b6494d80693bda424462cae2359c5bb3ee43ba941c9c2a63afe53abd |
| SHA512 | e942815204ff064d1c45b023dfd754a87cf87b051b0c14efeefd78fbb08b3353dcc13c78556d029fc88d1ef20b7340887494da4528a225024fce3b9042fd0f7b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_A026C9CD7BA14377D055F4A2325D4501
| MD5 | cffb2752ea2e126c3234812f1492e7d5 |
| SHA1 | f5ed3efe0a946a9f13c2087fe7b2f80210ddf5d2 |
| SHA256 | 18c480e0de68d7a2e6ec5e269306b86e1a506396c4582125d743354888f7573e |
| SHA512 | 9eabc71cf72805bcc89c05f38c5a2631c873e908b92d88d70c276f58ad70e1392d4d52fb070af4bc1e9af1cddc70fa116c295bd03357d5a3855caf2f3702722c |
\Windows\Temp\scoped_dir1048_303211244\temp\service_update.exe
| MD5 | ecc2447cad674a68a24f76772cb51dbe |
| SHA1 | 6928b8b96cb7a1fa8dc8a8bacef8ab6163a15af9 |
| SHA256 | 2d6ea9290d3676dbeb61bfd94aced56025cc2e357626ef58854b8be4ae4abce9 |
| SHA512 | 3edc14b1efe6fa1b36c77e3e70faeeec7eec58e2f4ba9c6ff0c4ec772d3ebcee26ac1d0be76502416be82638a5ba78b81eec552ffad9be5d1d3ad8a90743fbee |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | 3257529248709145b4bc28965c16650c |
| SHA1 | 672e92d59dc850f02dace525ba30c022b05a2153 |
| SHA256 | cfb773af4ef69b3ab2605e03b438601742efff401f779f70565a32a0c6d8da80 |
| SHA512 | 32187ec78ac01f438a7e2c8a424f0361967e066a55e450461f0c8d15f58bfd53d22bbc0f270485d74087e6032c134103f104f604932f3da408394d7987c26b72 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FC68FB72D4FBC7E0F151BC2282D75E47_367FA2447481C3DB640CE44BE2E5A181
| MD5 | c7a68c1f31a1dd38a46c5d2dbb10a2ce |
| SHA1 | a9dad652f69c98ff15bfb709b074530d30c2a1c1 |
| SHA256 | 8687e5f988cecc211be962474da75513a0f2f7cee991ffcfd819d9f41f777e40 |
| SHA512 | c39475c79541a3ab530bbeaef770ef450afb03c67b9adf61f4e95a442a963f5fb9e8365591f1bbee1f3e4a182d9c789d0dd08b064f340a5a7134fd0be3e78166 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | 516d94e8566bd4731de40d99af56c115 |
| SHA1 | 01dad51fb331ae51ad954c1f6ecfcf3430559199 |
| SHA256 | c8f62db8ca19ebe2f2e7d40e1c0946914c33fa7706d9103b035ae36ae2bf8662 |
| SHA512 | b9a2da254b2f7aeef25ee6eaf8bf26079bd30f54e150e9bf6125cdca6db1298605a83f7b6f9c34518947add888194ef149d8b368a34434a02eb8e747480582d6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_38924EDF39D8802D6946FB22E5DD0835
| MD5 | aad89bab22c8baaff5caa6efcc6822b9 |
| SHA1 | 73f93dbc60beb646bee1ffc45b20df307103309f |
| SHA256 | 0d60de80ae7707110041f8ddb9d28edc4c788047dbd0369bc8f00fdebb5c3a1c |
| SHA512 | 33835d166903bb8b8dcf116183053cbdb490f2dbe65775bf918f879bac9d2334c466bd9b75095a6c8b7c087443d72b6cc4dd19615228f0401471e73225e72611 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | ab65ded27328349a03a224a032031735 |
| SHA1 | 11a4e442d7889a03f4abdf96d46119f94724c3c3 |
| SHA256 | 830e8920c6e9385ec3ecd432f9a328f94cd095d0e557434557a2d118b9fc20f5 |
| SHA512 | b477770f892eb0b99365e8354b88cdce8b9e1632347b04d9d7b5a5ace87b5c9d5ba5e9c121a23c283108ba37435b57ab8186c94c2376e830b5f288a424da7be5 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 57cecc4f764fdc0a7495610a74c96426 |
| SHA1 | 972ea3fe29a243a680120dd7be4a2c0bdee38aca |
| SHA256 | 7253e8de09bfd79dcf878ed7c6206104067c96b7d1bb9ade5b95d002d3d4b540 |
| SHA512 | 5ccfc91b2d71c6d9de994976e05679fab97d059a8775132d43c9eab3d4d8891b48831cb673185505aca3900f3dbabeb922571428f8624def133f9ea3de28b5f7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\brand_config
| MD5 | f88326bf75f9377d75dc3b34df88b59d |
| SHA1 | f4eec740fe217e0743dc8b4f478d881550f8e12b |
| SHA256 | 778033d4ad9e66340c0bd06770e6d673d76d83d1cc3e9abe52d98ad4276585cf |
| SHA512 | 9aeb77c703d3d2e1bf4575c94585109d62c7d51fa07b3192af23b861069b65c28baff67c096b94b1620dfb80777e42cfdf9cae891a7d664fbe895abd7ece4791 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ES_
| MD5 | a2ab187fa748a38db8b6736269f64972 |
| SHA1 | 5e2e542d1e3fc32b3677b0aab5efa32a245d0311 |
| SHA256 | dc67a1ba4e945e0c8188112ce3ecb9c32d39d77d992ce801a2ac9f500191a4be |
| SHA512 | 5f295f3f7e61b6f206f70d776faeb78df337d3e2ef79212cd4af163eef31b7479b438749dc594374f5956048239513992c3763b6f3f5ac68bed5412a2f877797 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\configs\all_zip
| MD5 | c9ac75ad5c047a40d4553130b013d891 |
| SHA1 | e6239762e63030317343a25368ba1c79a6c16bdf |
| SHA256 | afd8d61655f0411c32e70823f917c10230f2cf4688d6334e72989ab99f72d1b6 |
| SHA512 | 16a7f6396d9b5a099b6e5b032652d54a87120d87c584cf57d63d203ad1ec85f5199ae85a1589a4f193b456205e3d8b64c320093f3aee3d495b4fe424f0fa5f40 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
| MD5 | 25b5d707792b12afcb8513be382ea6cb |
| SHA1 | edd9c3959cfc870b3df4b4e0e9e7164d1699c430 |
| SHA256 | b91574003d8d139ee29c494308f654bf9718f66966c549980d6770955c6a2b1d |
| SHA512 | 236fb96e80e3d6f54e204fa75d5772b2892e9d355f0aaddcbffa543dff80ba01d76ea7907ad496ec7754daca7420e4623b68edc8f08d5ceac6ddbc01a7de4c93 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
| MD5 | 6cfdbed172eaaa61d09875f283a193ca |
| SHA1 | 520667252cb745a094bcb2392c453fa827229cb0 |
| SHA256 | 5445807faa2dadd51fe5955bf148ff63dfa412d93cb1c5dfacfeabedb25259ee |
| SHA512 | 4aa8b4d657f0ac98738587ff471a1e10b779da6e164e6ceffca947180074e966dd27cf43cbe5f49ff9b8fec133141dfdd1ab6bb974f76d8affcd7cea4b1b651a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
| MD5 | 86b97526f262ecf87ed7ecd6c7eb4218 |
| SHA1 | d009c56e5fdadb73975c253a14616098dc8d243d |
| SHA256 | 33919f6b6975431c22a06c41c32e5f7092860958c68e453eaff9781bb6ab274a |
| SHA512 | dcfa8730ff4da19ecdf72507f36fac86f47c6133a13499605de9a70e8533da1984ff7f5800dc9a597c27b4649f237203f5400e344e22d3b3eb98e2d63f34f20f |
memory/1048-1546-0x0000000000B90000-0x0000000000B92000-memory.dmp
memory/1588-1659-0x0000000000500000-0x0000000000501000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Site Characteristics Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\422d41c6-ea96-48e5-b41c-d381d609b584.tmp
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\5a65bc41-689f-4154-af49-28a1f72e712e.tmp
| MD5 | 241ee4853024a23667f62cad247d5f53 |
| SHA1 | af9b4bfacb86b23525767b53be814c8bfad104b6 |
| SHA256 | 09cc9db656d0360eb65bc49603b7676e4e80e9e463ad5ef71a3091bf66f9e2ce |
| SHA512 | 54228d972e123590f055289301d8e683d289527018e7dd6b3afd5b43698d068afb0e849b097a6895906a71cb26d7e459a1f97a4dfffd107c1f92a074eaea22ee |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Platform Notifications\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\video-13375979779927500
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\picture-13375979779927500
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Wallpapers\store\preview-13375979779927500
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\0ca4be01-7120-4bce-a741-7cda7fc33916.tmp
| MD5 | fcff10916bd49c69e1a219f1043f5c34 |
| SHA1 | 21fd74e4a757b7dc631b0e868fb5164a0d7b10f3 |
| SHA256 | 20b703a579ebacf9a8c184ea88bf72b99917dd901ad7d0253293fe57eb8fe519 |
| SHA512 | 77d2e7a19e4c8755dd6b427f01920b84a6c5d0f11d023c074297aa54b854226d182cd07e19a774ff5ab24d2568261a1799e2b69d99e2e98d6c46e48518301fb9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\4bde1eef-a0c5-45fe-b7a8-4e19d778bd51.tmp
| MD5 | e8677ba75fa0d7fec79815512e9b6b35 |
| SHA1 | b77859d6204d45ce4392174ad3ce4be9ad4ebb22 |
| SHA256 | 3752aa9f5937b9fc489fed3545b9339c4e5a48fd8abaa72600b5b497ed4d7384 |
| SHA512 | d3f8a62bec81adaac14eb1b0050630cb503cb0dee50472d5a1998502399406a9adc2fbdc38269075cb1f1674071778be6d7a6e0459b847a823051661c713ae26 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\49dd15a3-6c53-430e-a021-543d38e15e3c.tmp
| MD5 | fc2f8a86eea80c54769efc273128f063 |
| SHA1 | 6e8ea7ca62eecd75acedfdf0b6c9dabbd5d582d0 |
| SHA256 | 41819e854b9350df7811b17847d09b712235494b9365fa45f3052f19ad3ffdd7 |
| SHA512 | 9001f15114a04b561b9c5790f8207550b398050f6959bd74e39a89709733b2f72d0ce01fb0845be8f4217c31112bde741a9ff1f178c96340c568a7a7d4b67c25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 021415aa0bb23627e12eb99491e1fa2e |
| SHA1 | 010d7aa4ca322a108bb7d067cc2a662b8cb6288c |
| SHA256 | 42dbb6dacaad75834c76741e58640ec605ae3471d210d300ae442d012f9610a5 |
| SHA512 | b0a27bfbcf3c59fa376dbe81e96140cfa676fdd1999013e6ff5087b38d5eb0a8032e1e62b958d6542971f630f0abee6e03aba132efd7ad7f49620dbf04f0e803 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3bf6b0dc2c33fe0dd3ad90be0afed827 |
| SHA1 | 75a1970923248d6689d909ffbcec7d3c0c03c7ea |
| SHA256 | 8eae4cd0503f8e79a3850d0bfb5014e5f04bc64f546da58a66e5ca958404766e |
| SHA512 | 44afa136b74c6e3d75dd171d2491c1d44ef3545f421c60df6c743a2990ec7f0a781eb4d68b4c08ff2064d2415e518490ad311a6ac1ae9c037d6f4560d5da5d7b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e70febe196617edb2d2e3e66f6c70acb |
| SHA1 | 1a320ab937ec666ad2f91f23ac87cee79e28eafa |
| SHA256 | aa8c8d7513370df7c46b41736c132ef231c7f066a9113d4c4ecc630b8bfae5af |
| SHA512 | 4eae28906d66307950b8126f1e92410669e5ba81aecb45d2968dc22defc51865f9ef46e025fb22f55773ccf1f458a9bda28cdb67b8a9f22068dbaa737f69a399 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6a6c5686772ede1f6e049b178323a91a |
| SHA1 | fa2c131e19649ae389633cf86289f62952feb048 |
| SHA256 | 4242fecdc5e6089abfa40f4808f456c594c20236735f6e620b64d9ace15bb79f |
| SHA512 | 990dc30593a50fe9985c769cf1c2c989e644c07e21028b5187a24e98503779ac81b546d5f613cbb7ae4ae5f22d9ee28c24c21322d9bde1c25030624ecc414ea2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 75e2f7bc7c1a82f8cd52b68fcb54478d |
| SHA1 | 3f2d29c5af79f2cb84df5f54377f65b750297cba |
| SHA256 | 49f86e931ae1bd178c9db2096973b2c76333c689e625fae3007e99db0231adff |
| SHA512 | 940f9c8dc564d4e025b4e6a50c54b774d2076ab022be38f5480b1a59668cf96071655047522b0f7901c11bfcca8447480b0762d6fd9d641c891751bb16de5303 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8cda2999ede7c3919e5d1ad6082bfd7b |
| SHA1 | 4bb0eaeddbadcfd4ac2edf13251603eb6362c640 |
| SHA256 | 6cf81e82b3395154f858cc4d3cb42b1ae0ea4180d49fe5e00ca11dd8b127277c |
| SHA512 | ced481661acfaec708c6a54ad5be2e57a21d870a767d67719c66e36cdd487e4db15794da509e0294204eb7585758bb316434fcc888fbff476f713eab889a6199 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2a03062678e40342f288ca6a7a23f01f |
| SHA1 | 42622ca6e4ff4e0ba24cf275bfb259ee81134463 |
| SHA256 | a4abeca82e0ded8dc0fc767f0fe2b25879323e679be3da6b3c83e2f7000de313 |
| SHA512 | 7f8bb72b2ba69a46c72ae116107d72872117f5f9d26a6e35e8049bbace9c19513a16106da63c1f0faaf3ada8e3e954b83f799b425e9f85f7fc6cadd2b4f00c43 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 72b09f4d8f73be897b9f4273472c0e90 |
| SHA1 | 5dadb10ce88e58f45ae4469c989743e07db29679 |
| SHA256 | cd3175c1fbaa4fb43bdc68c9491b1f1d38c1a4828db5b1b76bd7928e019216a3 |
| SHA512 | 3fc521d3f59bed48660cac88ff63cad0c3b79fdef3e9aaabaf7e47e3d22d6cdc4a5e9fe8104ca62dd67677b14edbcf821ae4fb9bf3ae5f1c274651a9e95eb088 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c526321d7ae277bac9c7c0b85fcfb36 |
| SHA1 | e33209d1748b09786856de83919473ec465f0d3b |
| SHA256 | 79f8d5622d3ae5630884dbc3b14f12fffad2cbba879e6beca625d05ac0bd00b3 |
| SHA512 | 13a570748ca94d54a47153bcf3c8eb569dac90ec15e8ac50a805edcb740f5366c64929dcc98df45b635316d7ffc635b78991e0b5bbbefc0e371ed4c4940ca824 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7a690c3688872bf19ec43adf1e5c4c11 |
| SHA1 | 7cec3ce478e784e99839566d89424b59bc1aeb24 |
| SHA256 | 867fcbc44ac5165a9858054a349346c0eca6abbe808b55ace5e214d9a2466b12 |
| SHA512 | 4dc2f10a6d6525ef08ab68693cadcf996210eee37c3174de59948e7dea164d069218ea76e7ba790f163ee25cf81fd474cdd4612a29fcab1e62e6487e543288af |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 19d39e4b732ed2878a00468375d4bee3 |
| SHA1 | 4aa6d51336474cff697fbdc8688884b676d7b390 |
| SHA256 | 0797dbafe03c1efd332ed1f98b1efd3c09cf96e9919b85a856204d1776c94c7e |
| SHA512 | ca40318afb9f64905389d3b7ca0c840ae5821305b493d64fc348b0d021b4a58f52ff759b5768441f239a1aecad42f1ef24daccebd1a82981ae749702648c9b29 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 0c90ad9231e41aded4ad8b6970b9b739 |
| SHA1 | e61b669e664aba805a67a034d09bd4a6b90b3f0e |
| SHA256 | 119331664fc334da80319f78e4c4c27c8155891f9095e52be32535733970224e |
| SHA512 | 0b6339c784eb786b595361e83c7c3e64e949e537bc3f4b6696f7cc65ace048b3ac8bb22dea79e906616e20170af260704e0ad18d781ff6a4412d26ccf56a5f57 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 22598b04990fdbf67e0dc622fa08d514 |
| SHA1 | dbb40154476c115c56b55a95540dce9de027191e |
| SHA256 | 58e352f0e2300fdb378063fb20c0ef0abb5594ee98732e7e124e97f4c0aa4370 |
| SHA512 | 7ce0963ce8de3bf7b80d5f0b4c190b43d662af853a1ac1a4d96f98a2809f20960cc63cb41c64605badb2a8ef45d01141caaab784338c7d66982da9104cb04d8f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | da15241b6ca329c00a27384c927a3e6f |
| SHA1 | 4695c0d16f76319178ea113d9778c5fb14b6b5aa |
| SHA256 | 1076fe3b54ab598534df6cbc0f5d88fea27a4c921c2f173ba94f3811f29ae09d |
| SHA512 | 1671108f752814ebf2446deba7f3a7cc915b22d43bf49314453b3e3c444b505f01cd0c1494a0c0e2539dc36b4c09ce44f5f1a82c7d10299eb330ba8495866a34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | ba1fde4a71b8aabeb663c225daf8873e |
| SHA1 | 20077f7c6210d08fd517f8b29854b98389b03088 |
| SHA256 | 8ffff507dd8bd76e581dc9a2c4a4e31ab858971db2bcd46ce002b85e615ee893 |
| SHA512 | 3e847b2d114b39f8a2aba9f2a9482d606a02bc04476f110f536f92aeb389ac45923e0f0e209f31ccdc47b8b220997f602bf2fb0fb80dccc1231065feabe8ae7b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\ddfd22a9-9a89-4d5d-b414-d94cc3d26617.tmp
| MD5 | 3a9415d291aeb0599995c09ba878adc1 |
| SHA1 | c48d967eab4c2eaa7eef77f7f66430c5c1102816 |
| SHA256 | 43ccbe4f805facc295e2d2b8e4a577d8294529a60a69acaf97f7c250c2772c3e |
| SHA512 | d1c460652dbf43709efaf6a6eff59d19162c7494f24f43b35e9124914ded82cdc33d153b22ca6b86c6cc15b6a4c7fc223a198cf9b93ae79d985c1c8fd7aaf113 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | b06d453235b72481ec2417f17ee8548d |
| SHA1 | b354198834f97df920ebf672858b998f492ab111 |
| SHA256 | 2f0ef34a6748ea77253cb9eea6e5491df973a0f147abd92863f2a96848c6297a |
| SHA512 | 12eaaf031e2184319099d8f7eaea81dd912b990f6465497ce705152f7b8ffd90af5a1fffff55d56057761878129603f7c0b2cbf5ac2e7ae5c2c1a488a437e691 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | b6991f897c49803846afb18813e09451 |
| SHA1 | 729e065f267d056d407e1eae0dad45c492750ece |
| SHA256 | e105d02c03ee16566f340fa9837bcb57c345a71a8c4272667690c4e77e0d0f4b |
| SHA512 | f3517c0e761844b5cbdc859612e369f1251873bc18a1f9bf51694994583eb94e1e8be2311edad1589fd84ae62fe7dc69ed7c9fcff4f3d62e77ed9fd87e992b0c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 670c632a887b51b1d9dc56c87e25355a |
| SHA1 | 4dde75d1d0e8317146cf4351e75d78e60dd1d46f |
| SHA256 | 80129d51b344219dee2062dece84f5d44924bcbcfcf8d9ad8cd5d25d5c72f3d9 |
| SHA512 | fb6b7d098f24e2b043b3ff57bc82a34e27501f42e482dceec06c69f8cf391d1bb7391c6a06c3f66bcf73af3359756f34252215e7761e682e17d6cabd19c370d6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | b3fdb179293e2939a1044420366011ed |
| SHA1 | f72f5d96b37d4bde0a0bdf851d0544a64e1826be |
| SHA256 | 41077544451e908d9e023a5de864a6ebc05d03449f233de9a406bf2f2405873c |
| SHA512 | 221a2b4b90a38551e172815dcbfaffad8e85e6f246053d36032b0dbbdfad2a6bee74f974891a1328be08006ee04bff8e88862f3691ec59f7570f17fb4577238e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 63206386197f9cc7cb9e1aca7e7da079 |
| SHA1 | 84f1a09f6cd517ae91ec1bb837c9b5143fc0d893 |
| SHA256 | 5cc11c0d9d6e38f75881c13f0b35597573bcd0e0a33244edacd3abd7e82523e4 |
| SHA512 | fc16da124a62920286058cad73456dacc722ca9e725e76954e65887ac6d89da24f47f3bed8740a415a5fea81000f38d589baab01340a061b8b9352fbe0fd1671 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-13 13:55
Reported
2024-11-13 13:57
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\_[1].js | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_329286CE101A90C7D927A9DF52224760 | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe | N/A |
| File created | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| File opened for modification | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\yb9191.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft | C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser CSS Document" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCSS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.crx\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xhtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser TIFF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.js | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-132" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexBrowser.crx\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexINFE.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser HTML Document" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.fb2\OpenWithProgids\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xhtml\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexGIF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser GIF Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexSWF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-118" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.infected\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexCRX.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.jpeg\OpenWithProgids | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\yabrowser\shell\ = "open" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBM.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJS.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --single-argument %1" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.jpg | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser FB2 Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationCompany = "YANDEX" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.shtml\OpenWithProgids\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser PNG Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\ = "Yandex Browser EPUB Document" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexEPUB.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPNG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.html\OpenWithProgids\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.crx | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexWEBP.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.xht | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexFB2.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTXT.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexHTML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\Application\ApplicationName = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.txt | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\.pdf\OpenWithProgids\YandexPDF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexJPEG.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexTIFF.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\YandexXML.Z7U7QVUCLRRNYFIB2IBUGKKOQQ\shell | C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD\Blob | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe
"C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe"
C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe
"C:\Users\Admin\AppData\Local\Temp\0ef256b6fbfe6fd11f3a781f4b822180bcdb7196c8cac4d4cee4e79d0551e7a7.exe" --parent-installer-process-id=3840 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\5afad1c8-c6fe-44b4-b136-d342306072b0.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=486686823 --progress-window=458850 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\5a317146-2a2a-4850-adc3-34b3e77d90a8.tmp\" --testids=1114347 --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\3e9125bf-cb6e-4e96-9e4e-ee4039556836.tmp\" --verbose-logging"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4f0c46f8,0x7ffc4f0c4708,0x7ffc4f0c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\yb9191.tmp
"C:\Users\Admin\AppData\Local\Temp\yb9191.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5afad1c8-c6fe-44b4-b136-d342306072b0.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=14 --install-start-time-no-uac=487186816 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=486686823 --progress-window=458850 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\5a317146-2a2a-4850-adc3-34b3e77d90a8.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\3e9125bf-cb6e-4e96-9e4e-ee4039556836.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5afad1c8-c6fe-44b4-b136-d342306072b0.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=14 --install-start-time-no-uac=487186816 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=486686823 --progress-window=458850 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\5a317146-2a2a-4850-adc3-34b3e77d90a8.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\3e9125bf-cb6e-4e96-9e4e-ee4039556836.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\BROWSER.PACKED.7Z" --searchband-file="C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\SEARCHBAND.EXE" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\5afad1c8-c6fe-44b4-b136-d342306072b0.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=14 --install-start-time-no-uac=487186816 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=486686823 --progress-window=458850 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\5a317146-2a2a-4850-adc3-34b3e77d90a8.tmp" --source=lite --testids=1114347 --variations-update-path="C:\Users\Admin\AppData\Local\Temp\3e9125bf-cb6e-4e96-9e4e-ee4039556836.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=495932407
C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_AC3A5.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=2676 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x33c,0x340,0x344,0x318,0x348,0x4bed30,0x4bed40,0x4bed4c
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6428 /prefetch:8
C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe
"C:\Windows\TEMP\scoped_dir2676_211033368\temp\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5692 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x9c3560,0x9c3570,0x9c357c
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --update-background-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\22.1.5.812\service_update.exe" --statistics=https://api.browser.yandex.ru/installstats/send/dtype=stred/pid=457/cid=72992/path=extended_stat/vars=-action=version_folder_files_check_unused,-brand_id=unknown,-error=FONT_NOT_FOUND,-files_mask=66977119,-installer_type=service_audit,-launched=false,-old_style=0,-old_ver=,-result=0,-stage=error,-target=version_folder_files_check,-ui=78E33DF7_8F27_4EDD_8AD2_2ED95F52E106/*
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2676_245278315\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=searchband --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2676_245278315\Browser-bin\clids_searchband.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=458850 --ok-button-pressed-time=486686823 --install-start-time-no-uac=487186816
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=1756 --annotation=metrics_client_id=e2d1927b05e7445f93147b29e2290f15 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x188,0x18c,0x190,0x164,0x194,0x71fc2a08,0x71fc2a18,0x71fc2a24
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Network Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2044 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=utility --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Storage Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2180 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=audio --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Audio Service" --brver=22.1.5.812 --mojo-platform-channel-handle=2652 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Video Capture" --brver=22.1.5.812 --mojo-platform-channel-handle=2692 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2716 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --extension-process --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\22.1.5.812\Installer\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5660 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=22.1.5.812 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0x124ed30,0x124ed40,0x124ed4c
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=service --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3828 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=speechkit.mojom.Speechkit --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Speechkit Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3988 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=utility --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --brver=22.1.5.812 --mojo-platform-channel-handle=4804 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://yastatic.net --display-capture-permissions-policy-allowed --enable-instaserp --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3116 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Windows Utilities" --brver=22.1.5.812 --mojo-platform-channel-handle=3408 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Windows Utilities" --brver=22.1.5.812 --mojo-platform-channel-handle=2856 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=3616 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=3076 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=756 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=none --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Profile Importer" --brver=22.1.5.812 --mojo-platform-channel-handle=816 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,1538425362741022193,4472952364173127654,131072 --lang=en-US --service-sandbox-type=service --user-id=A53DC019-D15E-47D6-A697-E92CB00F9275 --brand-id=int --process-name="Data Decoder Service" --brver=22.1.5.812 --mojo-platform-channel-handle=3272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,7119508909836242440,5637155303695856428,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2328 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | 4.192.45.5.in-addr.arpa | udp |
| US | 104.18.20.226:80 | crl.globalsign.com | tcp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 8.8.8.8:53 | browser.yandex.com | udp |
| US | 8.8.8.8:53 | browser.yandex.ru | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.8.8:53 | storage.ape.yandex.net | udp |
| US | 8.8.8.8:53 | 121.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.251.250.87.in-addr.arpa | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 77.88.44.55:443 | yandex.com | tcp |
| RU | 77.88.21.37:443 | tcp | |
| US | 8.8.8.8:53 | 37.21.88.77.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 87.250.250.232:443 | tcp | |
| RU | 87.250.250.232:443 | tcp | |
| RU | 77.88.21.36:443 | tcp | |
| RU | 87.250.247.181:443 | tcp | |
| US | 8.8.8.8:53 | 232.250.250.87.in-addr.arpa | udp |
| RU | 87.250.250.29:443 | tcp | |
| US | 8.8.8.8:53 | 36.21.88.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.247.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 93.158.134.242:443 | tcp | |
| US | 8.8.8.8:53 | 242.134.158.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\fir_tree\fir_tree_preview.png
| MD5 | d6305ea5eb41ef548aa560e7c2c5c854 |
| SHA1 | 4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d |
| SHA256 | 4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080 |
| SHA512 | 9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\wallpaper.json
| MD5 | 128fc7ac1e268f9e506c2d945f3c1ac8 |
| SHA1 | eb9a7130c1bd710fbdb278cf96664313b3ce7ef5 |
| SHA256 | face1c7f9049d15861f636fa1e2103f008fe90b7819228c1405338501ee19a2d |
| SHA512 | ee69306716398fdb6bddc3b6398f39a6de8ac253325431baaeb364ffbaa505c04c3c465769b50f2124b89cebc2e53abd4939fb23842127c018480d4ddad8869d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\flowers\flowers_preview.png
| MD5 | ba6e7c6e6cf1d89231ec7ace18e32661 |
| SHA1 | b8cba24211f2e3f280e841398ef4dcc48230af66 |
| SHA256 | 70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003 |
| SHA512 | 1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan_preview.jpg
| MD5 | 1edab3f1f952372eb1e3b8b1ea5fd0cf |
| SHA1 | aeb7edc3503585512c9843481362dca079ac7e4a |
| SHA256 | 649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212 |
| SHA512 | ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.webm
| MD5 | b78f2fd03c421aa82b630e86e4619321 |
| SHA1 | 0d07bfbaa80b9555e6eaa9f301395c5db99dde25 |
| SHA256 | 05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56 |
| SHA512 | 404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\huangshan\huangshan.jpg
| MD5 | c51eed480a92977f001a459aa554595a |
| SHA1 | 0862f95662cff73b8b57738dfaca7c61de579125 |
| SHA256 | 713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec |
| SHA512 | 6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\wallpaper.json
| MD5 | 1a8908826d2efe5fa817ce6bf474700a |
| SHA1 | f25ed2de494bae4ffeca33071e5c2dc034c863f7 |
| SHA256 | 9c75f591907f6a631ba583bce6ddcaafa6f89a84a4bec8108637f7f471e821cf |
| SHA512 | 1b68183bd466d01ec25b1281737ac4e752263cd88b64e16324244812d46f8f985ebdeb35d065c7aabc7abcb93286e92b0f3d5b0b7173f5aa6e33891c417b6fc8 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\meadow\preview.png
| MD5 | d10bda5b0d078308c50190f4f7a7f457 |
| SHA1 | 3f51aae42778b8280cd9d5aa12275b9386003665 |
| SHA256 | 0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238 |
| SHA512 | 668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\wallpaper.json
| MD5 | ea6753f7a10f9f92b7790c93f8ea2411 |
| SHA1 | 0cb570e8ecc34e16017b920fbcf1036cf1508ab4 |
| SHA256 | b1f9aebdb9333b4b15c2a9339d18e974205cbd4a61d2a0b4d34a25b384a0de7c |
| SHA512 | f7974e99c58696a4d739c4d590f5f50094082473754e6b1fb8a82c76566cf3b5713b1e013126f8fbef0f0c8af2e08d09b32307958c9ed1a1007c04ce89539ec7 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\misty_forest\preview.png
| MD5 | 77aa87c90d28fbbd0a5cd358bd673204 |
| SHA1 | 5813d5759e4010cc21464fcba232d1ba0285da12 |
| SHA256 | ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711 |
| SHA512 | 759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\wallpaper.json
| MD5 | dabb663536eef90a540783e707a311d6 |
| SHA1 | 9659fe0463435f3281983ce306ff22fc101f6e57 |
| SHA256 | d1c971a197cb79f1df640994465aa7543bada90059f5b2768967d2b57c6afd2d |
| SHA512 | ed6b4090eba519f2814dc51fccb92cdb703656c77be741f07753f9c84d09394d080158e04bba1ca9dee501b0dff2a21020883e538a6c0ced6a12602b7098676b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\peak\preview.png
| MD5 | 1d62921f4efbcaecd5de492534863828 |
| SHA1 | 06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45 |
| SHA256 | f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab |
| SHA512 | eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\wallpaper.json
| MD5 | 69472b2b8eb07ec616a8e94a492c6c5b |
| SHA1 | aec5df4e15d292a360a5dd6125217ef063ebe65e |
| SHA256 | 6e9ef0bb0853c6c898ec033d54d9d5cfcb68a5f52cd8f9bfff3528a02c73e06c |
| SHA512 | e355958272292bcd7d767af692fb33941ad469809abb6366b1aff2bd4585de6a18b290258799e943f9a53416c9f5c139ccabc47cb337d0e6e4f5d499f2e27aa4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\raindrops\raindrops_preview.png
| MD5 | 28b10d683479dcbf08f30b63e2269510 |
| SHA1 | 61f35e43425b7411d3fbb93938407365efbd1790 |
| SHA256 | 1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b |
| SHA512 | 05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\wallpaper.json
| MD5 | a79af1c34d9d4fcc609e57fbd387924b |
| SHA1 | 6ae1f8730d03cbca17a1c368da8a600157e0ea49 |
| SHA256 | 8c60b18ca1810a5e75950095cb0dfb4bb9c32a18f99e5505cf40c39840b8a633 |
| SHA512 | b95aef743acb3c6890e3ca74fc260a8fdeb134ba399f6e9851d34a47fb2cad9791a64d6214acb956ba4c8b51dd710f8f10fa8c3e88fb1a0f52a7e2214eca16fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea\sea_preview.png
| MD5 | 3c0d06da1b5db81ea2f1871e33730204 |
| SHA1 | 33a17623183376735d04337857fae74bcb772167 |
| SHA256 | 02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086 |
| SHA512 | ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\wallpaper.json
| MD5 | 8571306e9021fc89eff3c5ced3e02098 |
| SHA1 | 49d6a7baa6ab4182c4b38c95be4bef1b243fc594 |
| SHA256 | 0529c0be39bdcb289bf29e6a9c774d907b444857cfaa47d3942e5dae1b75531c |
| SHA512 | 7657c0e48b4cfa3025bc33b0decacc22646bde2cedda7f51b98b19a17a91461ebee57f054b64edc58318ef6caef7227ac21b740527144f3fb0bc0a2e7b9fef19 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\stars\preview.png
| MD5 | ed9839039b42c2bf8ac33c09f941d698 |
| SHA1 | 822e8df6bfee8df670b9094f47603cf878b4b3ed |
| SHA256 | 4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689 |
| SHA512 | 85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\sea.webm
| MD5 | 00756df0dfaa14e2f246493bd87cb251 |
| SHA1 | 39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9 |
| SHA256 | fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13 |
| SHA512 | 967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\mountains_preview.jpg
| MD5 | a3272b575aa5f7c1af8eea19074665d1 |
| SHA1 | d4e3def9a37e9408c3a348867169fe573050f943 |
| SHA256 | 55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8 |
| SHA512 | c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\wallpapers\1-1x.png
| MD5 | 80121a47bf1bb2f76c9011e28c4f8952 |
| SHA1 | a5a814bafe586bc32b7d5d4634cd2e581351f15c |
| SHA256 | a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e |
| SHA512 | a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_UA_
| MD5 | 61aef3bba55267d45529f487b7e61716 |
| SHA1 | c397377caaced67127eab936369f117b5da158f1 |
| SHA256 | 792f8c1e9de09cec4f4ead577a5fbc15705347266b73a7cbb5c17492d7ad9aa7 |
| SHA512 | a37f43bc7d77cade850f0a85e6b3c0a6bb1afe06fd296ce5dcb17abab4d619003cc0f17e7182efb111fb84359475ebcccd5c283cfdee885e8bac95fb39f7fb57 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_TR_
| MD5 | 50dbdb9aaec42827cc2eb5d04f9c73a8 |
| SHA1 | 0769ba6c5fe530ced2562107472314ebb2cbd909 |
| SHA256 | c0e6fb42389e71e97b21f50c6dd766172cd4ef76392fcb2305ea747c177b3e21 |
| SHA512 | 7f5e0cc72d3956d7093bef7fc77605294b84fbd58c966b5091aafc5ce1f25788e707c482b40129f28155d8b88660ef6b954f9a682d43be337d84d7dfc175ec99 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_RU_
| MD5 | f95a365fc86e04f9b40d07b361907fdd |
| SHA1 | 5e399608d0491c04014ffae22c9d2fbc80ba79e3 |
| SHA256 | 86984ab8b856af9f74c8f19320edf37b0d77cec81c47d904a140630842ce4427 |
| SHA512 | 3ab98b43da1cd9ab2e26a247f04314c1ea31bcb61bccefdc8f5f458320b8d3b2a9fcf157b52e326e112fca4ded062f50e765ca03d62cfd95ab03a2087fe6ef2a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_PT_
| MD5 | cbfc45587ec6c290e2d7382fb125bb06 |
| SHA1 | 5b02fcc706a9f3a35a5d74927bbfa717ad6836d0 |
| SHA256 | 320a0b330e0a40d1a5c74221bd3e4b1efdd9a1c353cb07a73d88399c2a991208 |
| SHA512 | fb22df834a02a9df01bb479cf28437641455c113d84166672a15a76bcb977bf5deb230cbb21c99730ac883545e7f457cdab048c278cc2802b11568d4fdfaa1a3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_KZ_
| MD5 | 9f63f6736c09a29280c8d3b3183f959d |
| SHA1 | ba172ce3c43996316f4c231ce443f880bedc9e9b |
| SHA256 | d33cb20100bd3f182514171f9d41fa36e74ac32bd30c2c44f0d471449b331618 |
| SHA512 | 91948d89a0cf9a4519066cd9b6bf2ee9d5e29270a77e57160354f4e33f3ab73934851136563f0d85d10dfc5acee5bed3bcafdeee179aecb85b8765421e1062db |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_JP_
| MD5 | afc46500500ca4fbd99209621ba961c0 |
| SHA1 | 530792f4d2dca8a77a6253d97c2047d221ba4188 |
| SHA256 | 33e924e65ef2b05e48ada9e95feb4c9c4b4be442f79a04c8d863913f94783574 |
| SHA512 | 2edd0372618df78803026824196a4841b569c0c3cbf4b5247556854201953d492b42b89eca5deb1ee9d8d1658ddabfd534ab97c3ea61b0ebad3d716aa2a40cda |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_IT_
| MD5 | b2354e0b4f3a3a25f9e0637e1848687f |
| SHA1 | 85e3cd44b2dfe0be78befcd8eb6c0776e5c06f1d |
| SHA256 | 2c9ab87ab9fc5f8f8d2f2c73128148167b3cfc52325a40366924a9997c070f92 |
| SHA512 | 2e9ec9ec9bd7f98b126a62635bb24ba42f7da202b6760b77ff97c4d17471300e592bbd9beb13256cb5a61378a574424a836ae57eb046ac195a10415c7c1c1810 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_ID_
| MD5 | 38e1a9f53847518a321c65ab8ca40e75 |
| SHA1 | 7fb594a3a407744ff45169dfa4a3118a1bd747eb |
| SHA256 | 51feb3e49bd80615e19ff9a5c86a5a6630ce0b7b7c85c939f90a9255f9f2c12e |
| SHA512 | 2043ccbafdb8740c7cc967618893589c431db722b266c252e0744b031d5b7bc950c804349d7930691fa062537dee9100421f95b8e53c042793f06ef282e5dcbe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_DE_
| MD5 | 847356d02a4dfaeb0449153805dc89b3 |
| SHA1 | b608ab76c78ca53787191866dccd447be841c61c |
| SHA256 | c5a232993c677b3109542bd974336ad8dd42830319be773dab75c3e147c07317 |
| SHA512 | c5b01b532ed42c056db108f6bf227dc3773640dd556278c3af0a7a7229bbdc3963ac0286d4714884265e189440f04a31addd5a36002f22ada5ae8364c7e79a78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CN_
| MD5 | 5fb2a63a8a3cc86330484f6b89d17bea |
| SHA1 | 27a01c90bee60fe786888d641170768f76326734 |
| SHA256 | 0fb259ab08ceb8987ada8b362a48e0bf54c2063a7c374203dcbac8dc6558b056 |
| SHA512 | a87165e9a0eb49c04e03a4764505770ae936c8cefa346c41b47e39e90b31b33fdcb9cc0ebf1e706aa8e3ee34d81f5a815d4f9587a022c64a73e374f35c8de4da |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_CA_
| MD5 | 9644ce7d7022710f9e3d15ca62652130 |
| SHA1 | 9501c256b77bf4f2d15eeebea872394be64453f7 |
| SHA256 | 2e9b8194da778435200d9eb756d4356e0741ffaac24e7f8fe064c35c2b572539 |
| SHA512 | 81e1cb5b76a19e07f9892fbbb016594b0545cff56e3d7b5fc124c9c54746d571061748f0388dd911097c03fc379dc25235db21cf8ce141396c4a712368dc8d1c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo_BR_
| MD5 | eff751f0d80c5df86c5edca15aec9a4f |
| SHA1 | 49607e819f796d34d1ff7c1c894604f2a5de4b56 |
| SHA256 | 18b6ae3ebec51fe0a5398a53a3296b2300e75690b2f5d9763e68eca8e938d9c0 |
| SHA512 | 2e486efe9ec6c65dbef2d98f0f95f87282a210068118c71d3ad33fd6400e01b49060dac926a5632e317b5e3ed04f66638e179956531a299b31dbc249139cf902 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\tablo
| MD5 | 0a8228e3d9397b33f203ddf77940b986 |
| SHA1 | 69249827fefcc7409098756a0dcfcb79bf1955ae |
| SHA256 | ba9cad7508d2e860014f4a7c7bb290034dc7cc4def9142bac3e5ff1120f5135a |
| SHA512 | a9d76de78b02b3651e93a927658945fe0320b395f50ac12055dd9e99cc5516408a1a6778ec281aac2e31e75fcf40ab84ff5665b06ae6892d68c349c9a5791de1 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\sxs.ico
| MD5 | 592b848cb2b777f2acd889d5e1aae9a1 |
| SHA1 | 2753e9021579d24b4228f0697ae4cc326aeb1812 |
| SHA256 | ad566a3e6f8524c705844e95a402cdeb4d6eed36c241c183147409a44e97ebcd |
| SHA512 | c9552f4db4b6c02707d72b6f67c2a11f1cf110b2c4ac5a1b7ac78291a14bf6eb35a9b4a05bc51ac80135504cd9dcad2d7a883249ee2e20a256cb9e9ceeb0032f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru_2x.png
| MD5 | a6911c85bb22e4e33a66532b0ed1a26c |
| SHA1 | cbd2b98c55315ac6e44fb0352580174ed418db0a |
| SHA256 | 5bb0977553ded973c818d43a178e5d9874b24539dacbd7904cd1871e0ba82b23 |
| SHA512 | 279fb0c1f2871ce41b250e9a4662046bc13c6678a79866eaf317cc93c997a683114122092214ce24f8e7f8a40520fe4ca03f54930148f4f794df0df3ecf74e9d |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_ru.png
| MD5 | ff321ebfe13e569bc61aee173257b3d7 |
| SHA1 | 93c5951e26d4c0060f618cf57f19d6af67901151 |
| SHA256 | 1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64 |
| SHA512 | e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en_2x.png
| MD5 | 900fdf32c590f77d11ad28bf322e3e60 |
| SHA1 | 310932b2b11f94e0249772d14d74871a1924b19f |
| SHA256 | fe20d86fd62a4d1ab51531b78231749bd5990c9221eab1e7958be6d6aef292d9 |
| SHA512 | 64ebc4c6a52440b4f9f05de8ffb343c2024c4690fe5c9f336e78cd1dd01ae8225e8bc446f386feb442e76136b20d6b04ee293467b21f5b294ce25e500922f453 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\about_logo_en.png
| MD5 | 1376f5abbe56c563deead63daf51e4e9 |
| SHA1 | 0c838e0bd129d83e56e072243c796470a6a1088d |
| SHA256 | c56ae312020aef1916a8a01d5a1fc67ed3b41e5da539c0f26632c904a5e49c62 |
| SHA512 | a0bab3bae1307ea8c7ccbd558b86c9f40e748cdd6fd8067bb33eeef863191534af367a0058111553a2c3a24e666a99009176a8636c0a5db3bf1aa6226130498f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\22.1.5.812\resources\import-bg.png
| MD5 | be2acbae1c7b09125a85c5517a7dd70c |
| SHA1 | 091dbd354f830ddf74258b337dc4f7177a860d1b |
| SHA256 | d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010 |
| SHA512 | dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 258ea1c376583a48d89b2d4bc133c744 |
| SHA1 | a8f9f60756f5b89a86bff2fe0203ef890ece5524 |
| SHA256 | 88d1e156b6b029b852a41ece2f4bccae6754a8c07efc9c592ddfc3b5be2e1bf4 |
| SHA512 | 11d37e94cf94ed856ca9226e22a8485a037b5db3a80efcad1017099e14d4ebcb53a0c35e35775bf0b58c1c544a04a00bcd63a1a3aac480ce62256d2e05c3e7fe |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe5826bd.TMP
| MD5 | 393b84963178d403657e3db90765e7c8 |
| SHA1 | e8b5ce7e2ee533351d71f58a56c0e6ee1ddfc22d |
| SHA256 | 9c084d38e3461c6d251ddf46a7a47c2f09939c5134baa8a5b8fa49ed3297b8d1 |
| SHA512 | 000090ec7ff7230896ae0a567c7c6c03fffc4cbe3aaab971eb713b79a4de4a65beaa9fcd986cbbaca74e577a71fd8b11d853984fe566d73254ad7b2257a8a972 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\8726ae28-d7ee-401e-887b-559b5d19dfa7.tmp
| MD5 | 4d4b657a4d0b9703e41b3e14991c5f6f |
| SHA1 | 65858616de1ec60bba42d2afc307cec3d6da232c |
| SHA256 | a0b1ad95ddf3645510625d1f6da088b1d78ad2fd3d19aa1550dcac7e8e4ccf1e |
| SHA512 | 10b753ca1898a8c5ca162feb1f58e9c90d17a2cca47b6a70c555d7e7a1188e331e339a2177f83e8211e742a0a2e680b0d86e0f2ee2fb17c8914fb1d6c6b3cd92 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
| MD5 | 8c95899cf971c873be710f56cb137813 |
| SHA1 | 2948c72889cab6ed7b160a174a1461aef03f9857 |
| SHA256 | 4cb7c9a632436181f20e82a668b8780835b307730727649f47e1e16d10dc26b9 |
| SHA512 | 19bf663d10759ed164c78487ac0c075362ffce5149b7b3d5a5acb923f0860ef97d8452a73a32827ec6628d296702ca4264e731dfbed66381ebd7cac448fa9be6 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 3b3db48e96454f0e71e3d4b6a04dc5f6 |
| SHA1 | aff7dbbab10b0729d011dfd862028bafa34e0b08 |
| SHA256 | 87ef68b20f949eccbf46a2cfafa36f9205ee844d4d4ba22ec25384291e6fa2a3 |
| SHA512 | 3adc47192e16ab05386446d8864107549ccf6b1d73a840ace1983846d70afe03fae3084c41f5ce0cef2c0df0e5f1a5a43054a7332b68941cdad8317a63b5804e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe5828ef.TMP
| MD5 | faf94bc30bd6ce7957ff5d47b7a368c4 |
| SHA1 | 79b59f7ccb93cd59a8377917a817f2019a3f83b3 |
| SHA256 | 61ba6ba2d5807d66b5a948cf3b093aa7ec5fcc5229a7fa22fe8e61f92726b0dd |
| SHA512 | 1614e705fe9b1f1f91d4be61f8dc2556a65aeba9e0124c13aef1a07337d6791f72d357022b6627d97155c708aa06d8f4555069d5ed7dfb9180e74f562869f2d4 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 27d78222dfae3bb0b5291406ca6be857 |
| SHA1 | 03deeedee23ec8ce3456bcbb192656ddbc01853c |
| SHA256 | 618b2cb0640954d07b5f13b706e2e7da0868fdc2e1452150cb817b0bbf2136e8 |
| SHA512 | 73c25cf699ce0c6d573d76327b313cb4a6942334d381b91e9fd290090e2c4ebc6b25ea5b49b46ff26d14d3c98054ad8f4576a463dc5313fdfa19c9ed5f8c0630 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | 3c4e9663936f49007c99086e9f201784 |
| SHA1 | d7f8ab01c83899267c4b2509dee23d26f51ccd96 |
| SHA256 | 95fcb43972e6e6084651477a4dfbf417a6be3beb508020b073308bf36e1ac399 |
| SHA512 | 5d1ff541144b20262f1aedb8529e0e2ac5daa34b6ea419d3a88c0d8c3b7604627f3406696aac9f55982fd68b3469234a78b12faaa0df6fcfec325bc6c2d0ea6f |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State~RFe5828d0.TMP
| MD5 | 43c07741bd4e636c3205f41f08fb5e00 |
| SHA1 | 88f65a76d2dfc05830b8da95448c62a4f4b46528 |
| SHA256 | da7888f1ff88dd17492150ac8331cc5250b118130ef4bcd38905ced7e943656c |
| SHA512 | 75878b37a61e70423caacb9e8a89dd00970d6aa3f4503e5add72f6a6439a25f9078fe2bf4b383706d2744d16fe33af7238e3f7260be50118da17c2dd633c3e1a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\9fe684ee-d7e1-4e9b-b79f-38d5c645ea3f\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
| MD5 | da6a3a86a2850d2e67aa8f7cab75d51c |
| SHA1 | 7fe2122ac21f25a0e8af1802e9de94c32ab34795 |
| SHA256 | 052390c9a2243862d68a2d6479f0304193f87ff9068dde0603a87d6e85916af5 |
| SHA512 | 086cfde246a24113b713887cb9ec4a192e21562078ad29a97bf7f82a0c1d3fcd6195843fc672c0a832059763adcdaa0f07655a847efee1ed34d72112460d23f3 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe582ad4.TMP
| MD5 | 7662f01031805a9bdffc8e03d845e2b8 |
| SHA1 | f104a05d3ebd6fcf5733ee6076b70f2b5f52475c |
| SHA256 | f54d50368f1b796529bbda8cece406c71c45275486202ebe40e30dcc965a19e3 |
| SHA512 | 1e8e4be1dddabfdcfc69304adf0de06ff8962504c2255e0e5c0fe449469970204bf50bb8784b219ad6152a2105613aefb39fd7325a30793ac9d0542bbb8cb246 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\9fe684ee-d7e1-4e9b-b79f-38d5c645ea3f\index-dir\the-real-index
| MD5 | 388f81493adc0e4e31bbd43d35209754 |
| SHA1 | a29abcee688fb655c4eedcc0d174d6fbbe030359 |
| SHA256 | 9afa21b110da0bf62b3cce2175e6cc0e0dea8b85a33a0769c830c4b2d40cf56e |
| SHA512 | 09a21fdea67ce61b094882a1ccad8d9158ef391537eaa40ae4c2875e902affdd99e68148a72ca1474d77a79c01c67e8deb1bc0c57aad736746ba76efe4a8529a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | f70fe2e0e0df2e9665c41493a3d0a0e2 |
| SHA1 | fe066abf22377777c1cd25443af23acd1409f322 |
| SHA256 | 0759940050cd4fa6289fee2520f294fcf3c21c048c1991a0d3139ce29201bd45 |
| SHA512 | 03cd339e982757261858f8282e0bf8af66501724e91bac1da2f23f9e015ed7e764138fca0bbc162a04551fb338a3404afb05d142e1777b3c08973d2ae15ea784 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 116749deb1b842cf569acbbb68094c8a |
| SHA1 | e603cb33e690e4db48356c1857c68047bdcefe88 |
| SHA256 | 0e334629e4ee5a8d1f1c94960d26e43730b7f5a910366f9abcf5d2d99dc01025 |
| SHA512 | dea9b8fd4241722451da5b2e7511e2d1141b3d363a15a753915b003a32a250ff655150cb4457fb53d435a3c013896d13c4f0f78feb55e75b37a703eaaa16ea5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582c89.TMP
| MD5 | 736d671c9f5879bc974949f723eed6bc |
| SHA1 | 0c78bbb9974fe692eac96e19147b51e2f24435db |
| SHA256 | 061eb4c8627cae94c89e10ace6bdddeedba022f9e4b9af715f1e698b19de9d3b |
| SHA512 | 13e48d7b044abeca250e515d074c4574c79eeb0f8d69ecf98305b254757ec3f5063fcce437f414813ff5d658ab51ea5a1e9e71f252abddb75f2865a15a7b4631 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4cfb1772e262cfd3e63b7b531434221b |
| SHA1 | 5d557eb353ed24631ba1d84eee963767283cd27b |
| SHA256 | d938fb098279ac394b369fdc85e70ab616d76401cfe756eb58be663b3c14ac57 |
| SHA512 | e05762817934566e8fbc52c91f488f525573adf55cea73de6ac405748087850e485dcee74b1440b54a37582ea9a802a3995f623c2e8a0989b134164ab465daed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 06aabdbc2d8cd1f12e04ea42034518e9 |
| SHA1 | 843a212083a8cfe7c717f27acb07424c2fe8d9bc |
| SHA256 | d870ed899cd39b4e3e3c531dcbceb7b8ca9b2995ae75d34bd3f0cd76d771811b |
| SHA512 | 3c6f90d94a89c20a19763ba3e6a835b10a1ec817219a950462099668e2e7b8e97962de669ba9c310a5eeadbf41c7fff7faf52fa62c332613855a568376742336 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | a0c52427399ec627d72a62512fa13ef1 |
| SHA1 | d38464a5e699e1c2d4a59a74d0e42ec550b05f6a |
| SHA256 | 35f2968cc8784545b5e4a86610b57bbeb220a11279aaa907455507cb35c20038 |
| SHA512 | c289f11845da7a688a6ceec723e1099e38c053f27b554522226819a83b89d460a4f41aeb6c6b8982199e4d4c14a41fab330c543f958e87b7d1172e9f3d687c43 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
| MD5 | cb08f7a7d22144f65d79e0287e177b17 |
| SHA1 | 0f21d2465349bf1acbc597e737ab2d5a434d3425 |
| SHA256 | b374f33fc115d4df5892623b8ca8dd5fcf0af64a07e5909eec1b798a20caeaff |
| SHA512 | d914d3153895492dad3eda0ad7742a8c42cdb3a120c6601b90ec8bac63f908f67e050abbcd0a24a00c9fffdcc8c4572d63580ba898c7d698c7a9be5bbd0448bf |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\c7454cf6-3cbd-4fcb-bbf0-fe14479b759a.tmp
| MD5 | 4dbed46c80310eac57ad51d9f6a1274d |
| SHA1 | a75c2f2ae915f0fef180acef387e5b3e3ef210f0 |
| SHA256 | 630c02e7cc92f698bf859b353a626d8f9463bbeb85ca2145dc935b7cc8c280a3 |
| SHA512 | 6e8ea63a11d762dc5f7440f31b878910bf781988f545f3383cd154127d5378b437719f554d534c019ea889407192a29dba2c46eb11f3e9b8d26189eba5ec74ff |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 9a1f0c7843bc890f591017e8935a0137 |
| SHA1 | 7f03a02e638cd5433b649b20048079a2dd4c303f |
| SHA256 | 166748faedb7178fee795023a6afb44477ba97d6b0bdf0deb49af19403689e1a |
| SHA512 | 81d2376d1a5fb9ebc1c1b0d245d95ab4ce64890a9028506566b0b622393d5b33e0992a3357e8d442be9c08e32f2ac4e26d611495bc887ee9cd7e3696ee7305aa |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 467d13608489d92e4ace184e5e6a49ff |
| SHA1 | 6b459b4221aa45c18e1c92e9214d6ace527e2ea7 |
| SHA256 | ccaf050fa33ff81732e26466ba34705bf340e596aa0ea72cefc90a786b4046c7 |
| SHA512 | e1c6b390af6fe66150b734285e0317e3ab794764eee1c7bd0a67577aa7ce7867ccb3e5a113819bc3eeb55c740a32e26d1dd23dfb8c9eeadb3a1539b0a3a14d46 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
| MD5 | 470a73afac5532347cbd902d41cba13a |
| SHA1 | e0f64040a8ce99e72686130e6072bab052d3cf86 |
| SHA256 | f37e6d645e1f156f3e647ecbb76f6f961aae852155e78fbfe2e5fd50f279fe62 |
| SHA512 | 2d09e0616d83ae294f4cd975247e17efca7c2b5d68925ff6a670dd1e947c2789a4a53159671cb566e3a0ea0b75c015f1ff898deb9d1103b044d7c601cea7f112 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 16d3e1b5f50cbb697057c3b0e183c299 |
| SHA1 | 8151601f26ec0595f5dd21e7cd00ad61a793af5a |
| SHA256 | abb86a0c033092d67a3c91df3f5ac42f64bf5d840252d97be21d833c5f124c99 |
| SHA512 | 3370bb5c3b89402746af3afe9df9f1d69a3292434b934a0804fbe17604fac209d85ce6703bb261f70941ef53a17013fd588235136445402d6ab01aa05b93bf22 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Local State
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network Persistent State~RFe593e09.TMP
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences