Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250610-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250610-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/06/2025, 18:37

General

  • Target

    2025-06-30_64bf5559232c3ab3b2e08cdbbb086580_amadey_black-basta_darkgate_elex_luca-stealer.exe

  • Size

    9.3MB

  • MD5

    64bf5559232c3ab3b2e08cdbbb086580

  • SHA1

    625aa70d119aa33c22c7a4b0dc96dea376de81b0

  • SHA256

    1f0e5d982b4d5f0fb055e2c9aa427ad6930f3ddb7726053ca1c8cd0687617c1d

  • SHA512

    57f00ec928456addc01881087953cac5d8b9d791fcbd78c4fa62c67f69bab019c43c3f8b2dc89b5fffaf1b6711eced079f640f929b04dcc2076d6387406dab7b

  • SSDEEP

    98304:W/zpeETc3VRjYkvueWGJv4xNTEY9xFUkcVwNSHfbv/kaIhThw6Q1f+hl/hjY4+iQ:Wbc33j4NTx9Pe20/zkaiu1f+79YRN

Malware Config

Signatures

  • Downloads MZ/PE file 1 IoCs
  • Checks computer location settings 2 TTPs 7 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 34 IoCs
  • Loads dropped DLL 54 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs
  • Drops file in System32 directory 15 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 4 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 36 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 47 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 14 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-06-30_64bf5559232c3ab3b2e08cdbbb086580_amadey_black-basta_darkgate_elex_luca-stealer.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-06-30_64bf5559232c3ab3b2e08cdbbb086580_amadey_black-basta_darkgate_elex_luca-stealer.exe"
    1⤵
    • Downloads MZ/PE file
    • Checks computer location settings
    • System Location Discovery: System Language Discovery
    • Modifies system certificate store
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Users\Admin\AppData\Local\Temp\2025-06-30_64bf5559232c3ab3b2e08cdbbb086580_amadey_black-basta_darkgate_elex_luca-stealer.exe
      "C:\Users\Admin\AppData\Local\Temp\2025-06-30_64bf5559232c3ab3b2e08cdbbb086580_amadey_black-basta_darkgate_elex_luca-stealer.exe" --parent-installer-process-id=1672 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\e708ad55-30d5-4d58-a7b8-91b831567330.tmp\" --brand-name=int --browser-present=none --disableyapin --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=int --make-browser-default-after-import --ok-button-pressed-time=502411865 --progress-window=524930 --send-statistics --server-config-bundle-path=\"C:\Users\Admin\AppData\Local\Temp\9b2c4bb6-7efa-4a95-9e1c-21919a39ab70.tmp\" --variations-resource-file=\"C:\Users\Admin\AppData\Local\Temp\variations_resource\" --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\0cf0593e-f09b-4a76-8db8-2d4ef06e1a88.tmp\" --verbose-logging"
      2⤵
      • System Location Discovery: System Language Discovery
      PID:3092
      • C:\Users\Admin\AppData\Local\Temp\ybBBCE.tmp
        "C:\Users\Admin\AppData\Local\Temp\ybBBCE.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e708ad55-30d5-4d58-a7b8-91b831567330.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=19 --install-start-time-no-uac=504927510 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=502411865 --progress-window=524930 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9b2c4bb6-7efa-4a95-9e1c-21919a39ab70.tmp" --source=lite --variations-resource-file="C:\Users\Admin\AppData\Local\Temp\variations_resource" --variations-update-path="C:\Users\Admin\AppData\Local\Temp\0cf0593e-f09b-4a76-8db8-2d4ef06e1a88.tmp" --verbose-logging
        3⤵
        • Executes dropped EXE
        • System Location Discovery: System Language Discovery
        PID:2572
        • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe
          "C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e708ad55-30d5-4d58-a7b8-91b831567330.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=19 --install-start-time-no-uac=504927510 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=502411865 --progress-window=524930 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9b2c4bb6-7efa-4a95-9e1c-21919a39ab70.tmp" --source=lite --variations-resource-file="C:\Users\Admin\AppData\Local\Temp\variations_resource" --variations-update-path="C:\Users\Admin\AppData\Local\Temp\0cf0593e-f09b-4a76-8db8-2d4ef06e1a88.tmp" --verbose-logging
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Drops file in Program Files directory
          • System Location Discovery: System Language Discovery
          PID:5412
          • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe
            "C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e708ad55-30d5-4d58-a7b8-91b831567330.tmp" --brand-name=int --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --disableyapin --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=19 --install-start-time-no-uac=504927510 --installer-brand-id=int --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=502411865 --progress-window=524930 --send-statistics --server-config-bundle-path="C:\Users\Admin\AppData\Local\Temp\9b2c4bb6-7efa-4a95-9e1c-21919a39ab70.tmp" --source=lite --variations-resource-file="C:\Users\Admin\AppData\Local\Temp\variations_resource" --variations-update-path="C:\Users\Admin\AppData\Local\Temp\0cf0593e-f09b-4a76-8db8-2d4ef06e1a88.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=511006318
            5⤵
            • Executes dropped EXE
            • System Location Discovery: System Language Discovery
            • Modifies registry class
            • Modifies system certificate store
            • Suspicious behavior: EnumeratesProcesses
            PID:5292
            • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe
              C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=5292 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x340,0x344,0x348,0x31c,0x34c,0x9190a4,0x9190b0,0x9190bc
              6⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              PID:1900
            • C:\Windows\TEMP\sdwra_5292_470211609\service_update.exe
              "C:\Windows\TEMP\sdwra_5292_470211609\service_update.exe" --setup
              6⤵
              • Checks computer location settings
              • Executes dropped EXE
              • Drops file in Program Files directory
              • System Location Discovery: System Language Discovery
              PID:1548
              • C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe
                "C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe" --install
                7⤵
                • Executes dropped EXE
                • Drops file in Program Files directory
                • System Location Discovery: System Language Discovery
                PID:1848
            • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\Temp\scoped_dir5292_472186139\explorer.exe
              "C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\Temp\scoped_dir5292_472186139\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
              6⤵
              • Checks computer location settings
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              • Suspicious use of FindShellTrayWindow
              PID:6424
              • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\Temp\scoped_dir5292_472186139\explorer.exe
                C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\Temp\scoped_dir5292_472186139\explorer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6424 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x2d4,0x2d8,0x2dc,0x2b0,0x2e0,0xa090a4,0xa090b0,0xa090bc
                7⤵
                • Executes dropped EXE
                • System Location Discovery: System Language Discovery
                PID:6460
            • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
              "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
              6⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              PID:7068
            • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
              "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source5292_1884432687\Browser-bin\clids_yandex.xml"
              6⤵
              • Executes dropped EXE
              • System Location Discovery: System Language Discovery
              PID:7160
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://yandex.com/legal/browser_agreement/?lang=en
      2⤵
      • Drops file in Program Files directory
      • Checks processor information in registry
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:2444
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x360,0x7ff9a599f208,0x7ff9a599f214,0x7ff9a599f220
        3⤵
          PID:5744
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1696,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=2460 /prefetch:3
          3⤵
            PID:3680
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2432,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=2428 /prefetch:2
            3⤵
              PID:1304
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2184,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=2468 /prefetch:8
              3⤵
                PID:2888
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3440,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=3540 /prefetch:1
                3⤵
                  PID:432
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3448,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=3544 /prefetch:1
                  3⤵
                    PID:4216
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5128,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5184 /prefetch:8
                    3⤵
                      PID:116
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4708,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5156 /prefetch:8
                      3⤵
                        PID:212
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5548,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5516 /prefetch:8
                        3⤵
                          PID:3596
                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5952,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6004 /prefetch:8
                          3⤵
                            PID:624
                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5952,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6004 /prefetch:8
                            3⤵
                              PID:4972
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5556,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6172 /prefetch:8
                              3⤵
                                PID:5860
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5616,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5604 /prefetch:8
                                3⤵
                                  PID:4776
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6072,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6248 /prefetch:8
                                  3⤵
                                    PID:6680
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5740,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6224 /prefetch:8
                                    3⤵
                                      PID:6688
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5576,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=6256 /prefetch:8
                                      3⤵
                                        PID:6696
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5360,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5812 /prefetch:8
                                        3⤵
                                          PID:8364
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5464,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5756 /prefetch:8
                                          3⤵
                                            PID:8948
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6316,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=3560 /prefetch:8
                                            3⤵
                                              PID:6756
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6452,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=3560 /prefetch:8
                                              3⤵
                                                PID:7048
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=3776,i,15889953561305322911,9096318160688758169,262144 --variations-seed-version --mojo-platform-channel-handle=5588 /prefetch:8
                                                3⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:7364
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                            1⤵
                                              PID:3084
                                            • C:\Windows\system32\cmd.exe
                                              C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                              1⤵
                                                PID:4728
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                  2⤵
                                                    PID:1736
                                                • C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe
                                                  "C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe" --run-as-service
                                                  1⤵
                                                  • Executes dropped EXE
                                                  • Drops file in System32 directory
                                                  • Drops file in Program Files directory
                                                  • System Location Discovery: System Language Discovery
                                                  • Modifies data under HKEY_USERS
                                                  PID:4584
                                                  • C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe
                                                    "C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=4584 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0xb90b3c,0xb90b48,0xb90b54
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • System Location Discovery: System Language Discovery
                                                    PID:5792
                                                  • C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe
                                                    "C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe" --update-scheduler
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Drops file in Program Files directory
                                                    • Drops file in Windows directory
                                                    • System Location Discovery: System Language Discovery
                                                    PID:4344
                                                    • C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe
                                                      "C:\Program Files (x86)\Yandex\YandexBrowser\25.2.5.953\service_update.exe" --update-background-scheduler
                                                      3⤵
                                                      • Executes dropped EXE
                                                      • Drops file in Program Files directory
                                                      • Drops file in Windows directory
                                                      • System Location Discovery: System Language Discovery
                                                      PID:4600
                                                • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                  "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=524930 --ok-button-pressed-time=502411865 --install-start-time-no-uac=504927510
                                                  1⤵
                                                  • Checks computer location settings
                                                  • Executes dropped EXE
                                                  • Loads dropped DLL
                                                  • Adds Run key to start application
                                                  • Drops file in Windows directory
                                                  • System Location Discovery: System Language Discovery
                                                  • Enumerates system info in registry
                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  • Suspicious use of SetWindowsHookEx
                                                  PID:5928
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=5928 --annotation=metrics_client_id=1323c0ae4e78499c955c7153e33cb33d --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x180,0x184,0x188,0x15c,0x18c,0x71e4fd98,0x71e4fda4,0x71e4fdb0
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6044
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --no-pre-read-main-dll --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=2348,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=2344 /prefetch:2
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6548
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --no-pre-read-main-dll --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2180,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=2616 /prefetch:6
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6596
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Network Service" --field-trial-handle=2684,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=2780 --brver=25.2.5.953 /prefetch:3
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6788
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Storage Service" --field-trial-handle=2968,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=3436 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6820
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Audio Service" --field-trial-handle=3232,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=3656 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6824
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Video Capture" --field-trial-handle=3288,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=3880 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6880
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Data Decoder Service" --field-trial-handle=4028,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4064 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6912
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --may-use-trampoline-gpu --field-trial-handle=4440,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:1
                                                    2⤵
                                                    • Checks computer location settings
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:7028
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Profile Importer" --field-trial-handle=5136,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=5148 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:2788
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=uwp_cookie_provider.mojom.UwpCookieProvider --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name=uwp_cookie_provider.mojom.UwpCookieProvider --field-trial-handle=4828,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4420 --brver=25.2.5.953 /prefetch:8
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Loads dropped DLL
                                                    • System Location Discovery: System Language Discovery
                                                    PID:6616
                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\setup.exe
                                                    "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\setup.exe" --set-as-default-browser
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • System Location Discovery: System Language Discovery
                                                    • Modifies registry class
                                                    PID:2164
                                                    • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\setup.exe
                                                      C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=2164 --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x340,0x344,0x348,0x31c,0x34c,0xce90a4,0xce90b0,0xce90bc
                                                      3⤵
                                                      • Executes dropped EXE
                                                      • System Location Discovery: System Language Discovery
                                                      PID:5988
                                                    • C:\Windows\SysWOW64\regini.exe
                                                      regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1370627623\w.bin"
                                                      3⤵
                                                        PID:6224
                                                      • C:\Windows\SysWOW64\regini.exe
                                                        regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1920355567\d.bin"
                                                        3⤵
                                                          PID:1232
                                                        • C:\Windows\SysWOW64\regini.exe
                                                          regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1920355567\w.bin"
                                                          3⤵
                                                            PID:2844
                                                          • C:\Windows\SysWOW64\regini.exe
                                                            regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1731745139\d.bin"
                                                            3⤵
                                                              PID:7176
                                                            • C:\Windows\SysWOW64\regini.exe
                                                              regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1731745139\w.bin"
                                                              3⤵
                                                                PID:7268
                                                              • C:\Windows\SysWOW64\regini.exe
                                                                regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_211098789\d.bin"
                                                                3⤵
                                                                  PID:7324
                                                                • C:\Windows\SysWOW64\regini.exe
                                                                  regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_211098789\w.bin"
                                                                  3⤵
                                                                    PID:7372
                                                                  • C:\Windows\SysWOW64\regini.exe
                                                                    regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1703700227\d.bin"
                                                                    3⤵
                                                                      PID:7448
                                                                    • C:\Windows\SysWOW64\regini.exe
                                                                      regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1703700227\w.bin"
                                                                      3⤵
                                                                        PID:7504
                                                                      • C:\Windows\SysWOW64\regini.exe
                                                                        regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_2048261245\d.bin"
                                                                        3⤵
                                                                          PID:7564
                                                                        • C:\Windows\SysWOW64\regini.exe
                                                                          regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_2048261245\w.bin"
                                                                          3⤵
                                                                            PID:7624
                                                                          • C:\Windows\SysWOW64\regini.exe
                                                                            regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1022206747\d.bin"
                                                                            3⤵
                                                                              PID:7676
                                                                            • C:\Windows\SysWOW64\regini.exe
                                                                              regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1022206747\w.bin"
                                                                              3⤵
                                                                                PID:7724
                                                                              • C:\Windows\SysWOW64\regini.exe
                                                                                regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1736104095\d.bin"
                                                                                3⤵
                                                                                  PID:7780
                                                                                • C:\Windows\SysWOW64\regini.exe
                                                                                  regini.exe "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\Installer\Temp\scoped_dir2164_1736104095\w.bin"
                                                                                  3⤵
                                                                                    PID:7828
                                                                                • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                  "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --help-url=https://api.browser.yandex.com/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://brontp-pre.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=2696,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=2192 /prefetch:1
                                                                                  2⤵
                                                                                  • Checks computer location settings
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:2176
                                                                                • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                  "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Windows Utilities" --field-trial-handle=4888,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4076 --brver=25.2.5.953 /prefetch:8
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:6888
                                                                                • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                  "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Windows Utilities" --field-trial-handle=4816,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4140 --brver=25.2.5.953 /prefetch:8
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:8748
                                                                                • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                  "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --user-id=A763CB3C-E7A7-4D1E-9884-06F1FEE4D292 --brand-id=int --string-annotations --process-name="Windows Utilities" --field-trial-handle=4672,i,1406900510490092984,13855365061829278963,262144 --variations-seed-version --mojo-platform-channel-handle=4100 --brver=25.2.5.953 /prefetch:8
                                                                                  2⤵
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • System Location Discovery: System Language Discovery
                                                                                  PID:8760
                                                                              • C:\Windows\system32\cmd.exe
                                                                                C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --shutdown-if-not-closed-by-system-restart
                                                                                1⤵
                                                                                  PID:6888
                                                                                  • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                    C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --shutdown-if-not-closed-by-system-restart
                                                                                    2⤵
                                                                                    • Executes dropped EXE
                                                                                    • Loads dropped DLL
                                                                                    • System Location Discovery: System Language Discovery
                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                    PID:2824
                                                                                    • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
                                                                                      C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" --url=https://crash-reports.browser.yandex.net/submit --annotation=install_date=1751308686 --annotation=last_update_date=1751308686 --annotation=launches_after_update=1 --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=2824 --annotation=metrics_client_id=1323c0ae4e78499c955c7153e33cb33d --annotation=plat=Win32 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=25.2.5.953 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x71e4fd98,0x71e4fda4,0x71e4fdb0
                                                                                      3⤵
                                                                                      • Executes dropped EXE
                                                                                      • Loads dropped DLL
                                                                                      • System Location Discovery: System Language Discovery
                                                                                      PID:4684

                                                                                Network

                                                                                      MITRE ATT&CK Enterprise v16

                                                                                      Replay Monitor

                                                                                      Loading Replay Monitor...

                                                                                      Downloads

                                                                                      • C:\Program Files (x86)\yandex_browser_installer.log

                                                                                        Filesize

                                                                                        25KB

                                                                                        MD5

                                                                                        31d5cc9e9cddc1af11faa74c9593afd0

                                                                                        SHA1

                                                                                        d76b75eac0301cdabbef55827b40fb77bbb8feac

                                                                                        SHA256

                                                                                        03cae35929240c13c973daf40ae990c9f535b5ab53cc000ee680e223f9323a2c

                                                                                        SHA512

                                                                                        c0ea460e88ac974393b3d1ca378d7bb3ba038c0341917f0a0358589ed900f464f424bbcfb68efccbc733a023e6ccb707e246cb068bd6381a7ac7714e7835effd

                                                                                      • C:\Program Files (x86)\yandex_browser_installer.log

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        b4138ab0bf2bf3be822bfa6624accd8a

                                                                                        SHA1

                                                                                        f8741a1e1ae4e421e8120beda1eded33d6b1c60f

                                                                                        SHA256

                                                                                        61908742e2fe1c5dbdf06512be595333d1d8df032ed355a9e1e0b47af0e9b0fc

                                                                                        SHA512

                                                                                        f0377865a0e6539dedf2943b9d728923aad7e0710fab1cbaf4391daeb862a1bfec9debf9013d3f4a9c0457fc3b1f456b57aabd3c11526314102eb1cad9bf5152

                                                                                      • C:\Program Files (x86)\yandex_browser_service_update.log

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        e4873686b6c7e3b3e67e269c39560a9b

                                                                                        SHA1

                                                                                        534f9119e5f1e1d2c4ed0f105ee0fbee45a23ff9

                                                                                        SHA256

                                                                                        318fe1c4e1e59ea488a5a63aa81ba15dadcb948f0d55d3ef6726ae900c87de8e

                                                                                        SHA512

                                                                                        9fa583d5fec542404661bc843d508f01bc499ca7406345d7e8ec98da4ec6b04c01865620dc3252eb1b3a71db6b96815da0cae319623ce49c7e4615954b007340

                                                                                      • C:\Program Files (x86)\yandex_browser_service_update.log

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        d763eeebdd4bf4e9200f1e8b6f7950e5

                                                                                        SHA1

                                                                                        a3be1c32c3827c1d757166deecaadbdba99e5c7b

                                                                                        SHA256

                                                                                        729b0ad65e8e141bf423d8c957e62932ff1f71e955d7dfd2a3222da2f949b29b

                                                                                        SHA512

                                                                                        c29afd818d597692b04799f9a5d2ab8513d7522df3e1e7d1a1289b00467c23b12d684bff5441a250833284edecb27c558bdfc05feea55df488ca82415d0f9a49

                                                                                      • C:\Program Files (x86)\yandex_browser_service_update.log

                                                                                        Filesize

                                                                                        4KB

                                                                                        MD5

                                                                                        b688f7fc273a07b67800ec7e52d482d4

                                                                                        SHA1

                                                                                        bce668bf4e9ce5076497cd8c091a2940daa2a87a

                                                                                        SHA256

                                                                                        10865177ff26aad96dbb7a599890405884a459b5e761adb8390a375e29333ece

                                                                                        SHA512

                                                                                        6de30ab8f4faa1dd4000e60aaf66176edc4138ef46819b20135225562d3898ecf9bc2d0faa5e8e33e2237acaadaf81bc5402a8d89574bf4d2c0349e1169a2eb7

                                                                                      • C:\Program Files (x86)\yandex_browser_service_update.log

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        8aa79c2080680bdb652b76aa2ed52d50

                                                                                        SHA1

                                                                                        f6cd0223baa3a4445420014f45ddf5e38a16fdb0

                                                                                        SHA256

                                                                                        05ca3da21deaff921ef41f3a1a0bf11b86d104028ba3ce05995fc75e2ae6bd1d

                                                                                        SHA512

                                                                                        ac2697cc6adb1d216fa0d79051994710bce07bf4cf77329f882a8664464bd4953fe34cc48e0df7acd92ff6fc680d39ed104b72684417ec7fee6be8074f54a9cf

                                                                                      • C:\Program Files (x86)\yandex_browser_service_update.log

                                                                                        Filesize

                                                                                        6KB

                                                                                        MD5

                                                                                        9d1dfb8722c79c943a430da0aa1ff910

                                                                                        SHA1

                                                                                        865a7603b60b89eef204d4e31ddacbb135acaa27

                                                                                        SHA256

                                                                                        14515e3951eaf7dcc9485a91931514f40a58094bd443d4a76f2c01a4c31244b4

                                                                                        SHA512

                                                                                        3697f93a66ffda2431e22dfa8a6330d493ec36ffefb25fdcdc59aa0f4dcc808536b3a584d6463735692e68c49da2c432457668eaad644705df8a270e45dc293a

                                                                                      • C:\Program Files\chrome_Unpacker_BeginUnzipping2444_355376685\deny_domains.list

                                                                                        Filesize

                                                                                        12B

                                                                                        MD5

                                                                                        085a334bdb7c8e27b7d925a596bfc19a

                                                                                        SHA1

                                                                                        1e4ad53dc335af5c6a8da2e4b4a175f37fafe2f2

                                                                                        SHA256

                                                                                        f51a7acfffec56d6751561966d947d3fd199b74528c07dabdcf5fcb33d5b2e85

                                                                                        SHA512

                                                                                        c883cb43c97a136825c6fd143f539210c234c66f9b76dfd8431f6ff014094e20b9410d7462aadee2344df8ca158def6b9a807e7cadbdfa947f6f8592e7283e34

                                                                                      • C:\Program Files\chrome_Unpacker_BeginUnzipping2444_355376685\manifest.json

                                                                                        Filesize

                                                                                        176B

                                                                                        MD5

                                                                                        e7314184e67b4501f5048c2e5f181d96

                                                                                        SHA1

                                                                                        f741a8a1b8c18c8d4974f937ef589b134dde5419

                                                                                        SHA256

                                                                                        7bd96fc0239229d64cc38693c64f2524d95711534c606b2b39957af8411d870a

                                                                                        SHA512

                                                                                        773ff8228cc87677e3f74667b61db59decfccb6ca4da80a5ac5e0aff0e3102e08e6c1561df35b9ed64c8b7db8dc8ed27210c2ca0139ec85d17f9e3f57018a086

                                                                                      • C:\Program Files\chrome_Unpacker_BeginUnzipping2444_619473589\manifest.json

                                                                                        Filesize

                                                                                        238B

                                                                                        MD5

                                                                                        15b69964f6f79654cbf54953aad0513f

                                                                                        SHA1

                                                                                        013fb9737790b034195cdeddaa620049484c53a7

                                                                                        SHA256

                                                                                        1bdda4a8fc3e2b965fbb52c9b23a9a34871bc345abfb332a87ea878f4472efbd

                                                                                        SHA512

                                                                                        7eeee58e06bba59b1ef874436035202416079617b7953593abf6d9af42a55088ab37f45fdee394166344f0186c0cb7092f55ed201c213737bb5d5318e9f47908

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        dc4ef674729c69dc6f8ce01e7713951e

                                                                                        SHA1

                                                                                        5218e2fa77c1432e5369892c6a1aeb713f14899a

                                                                                        SHA256

                                                                                        87042a859dc3b2b263fa84ee65231e68eddd470b69ba3822ee16e5c28af2c6e3

                                                                                        SHA512

                                                                                        09ed28945f51d4b3a3f178f5c56ecf298a0a9f573ab6f731eae675235e0c2ea9cce5136045e03ea96fa4cc3f6d0865bfd55065df9251758aa922d1f92e751510

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        498ad9853d167f2f1bde3f58ee8c63fe

                                                                                        SHA1

                                                                                        c7b079f72b4c80ae13263bab48fb114925d20982

                                                                                        SHA256

                                                                                        30790c363a1ba95a6397bbb1887a15464d17e82dcf50e6b08c45283b1e350c9b

                                                                                        SHA512

                                                                                        55cba5fd06dfc36bb3b776c5354e32d06aa502375c7bbe152ba774206bb69f6e134cde441133bf9dc9935bf1ad1a1c93359cd6bffef7bcbc4cd462cac0a4165d

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_2160353AED26D1201CFEDFD521209521

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        e185f054ea313d4383e6fbbca506964d

                                                                                        SHA1

                                                                                        bff51b14a76fe56ed31eb2d0f0867d2108d4cbf3

                                                                                        SHA256

                                                                                        dbc877e50348681c90ab6283640aa56da97e7a767a8674a1a47dc42d9cbfdc16

                                                                                        SHA512

                                                                                        d346417a319c65ab5d8c17f8aa7ead94a76b594e72362d566d4a8901a127da7a0bf2ddfee0e0602245fa32e1e224277be1f6264b952c7dcf6bd2ed6a835d72a2

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        4f4204ca6f9dbdefed65431e0d098e97

                                                                                        SHA1

                                                                                        f7f84842ee09e79b6d0cfc0ff0b2eac1dc34c59f

                                                                                        SHA256

                                                                                        92b0ad5f9eca16316e7ae307882816e4c6d40ed55af9fab98dc710951bee9cce

                                                                                        SHA512

                                                                                        17037175acd0797b88bc1e874dd79d9c36d0c740dc8b232a0fb5f0dc139e71fbfce10a14ddc6ce463fc6da0c9e76399c04e6929dcd36bfc7962d7223a13458f0

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        13f1eafc777b2b679e11196beb890dd2

                                                                                        SHA1

                                                                                        ec3997038b51c65dd86151941310d5a81d79f439

                                                                                        SHA256

                                                                                        0ac214f927d602ff2a4aa3fb178ab0489261d207dfbc803f7317265aa326f9e7

                                                                                        SHA512

                                                                                        eb8154daa6c8f39b0d2f58c4747e92510ee2a7c7b99137213417f9940e498003d0f7a5f41aa88fa498f704d17e79f46812099f669cb196a7c090a5a4c30c2526

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        6fe28659ba9a49940f4cd0374ea0ac60

                                                                                        SHA1

                                                                                        6f074f8f91774468518d3030225823498c65a60c

                                                                                        SHA256

                                                                                        d082c00af8949078f9a14f19305c7e49a3e07c8e3f78f62a424a6c23aa3a44b0

                                                                                        SHA512

                                                                                        3189a298cbc204033aeef5635102ef08ea3e01a10fa03123dbd3d9c3e05804f89d5f4e3b6dcedcbad283e45aec48c21cd4d833ab2a723e98f19f1f150c1c01c0

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D

                                                                                        Filesize

                                                                                        488B

                                                                                        MD5

                                                                                        0eaa430b224ab01a0c709f1579e7e93b

                                                                                        SHA1

                                                                                        5b9de61696d36a38974848124c125def7d3cd52a

                                                                                        SHA256

                                                                                        46113ddb105d6c3d7510b584230fde04f9144004334fd8a1cfcae7d473c54974

                                                                                        SHA512

                                                                                        e3f48f612a6e00a38808d07c9652e31d6ac8228a219a511212284837ea6191139c5afbd84942dae65475a243b1b0d86eb4687959e2df30c634e9c752e10f24c7

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B

                                                                                        Filesize

                                                                                        508B

                                                                                        MD5

                                                                                        668197979aeadf55b56378c56fc27456

                                                                                        SHA1

                                                                                        463801e6a36a30dffa2199b6dc7f107fe6cc75fe

                                                                                        SHA256

                                                                                        f74002fa936b1fe49ab5f1b4200b36ee51123f3d9846ea0422eb536d7f4c1d32

                                                                                        SHA512

                                                                                        b89f8b4a9029b460d6fef7691a8360c7bd3b0259586add0a297e2506fe50586d4e6df8ce3f8cc1d63f962aaf20f90715541fd70c32cbf4fe6900ae4d69d45e3f

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_2160353AED26D1201CFEDFD521209521

                                                                                        Filesize

                                                                                        532B

                                                                                        MD5

                                                                                        cddda702e71714964b2a47d8d5110231

                                                                                        SHA1

                                                                                        a66801c75dacc601f4af23eeff54a7d15c1a3cf8

                                                                                        SHA256

                                                                                        de89d5ce717583a1acd87754fca787163272b8ec1ff401f221dc2fed7bb49fbf

                                                                                        SHA512

                                                                                        c8ab313826c4e4e8df6e46077cd9ff694a390c5ec7d1242003f836712498caf3fc767b842dc27c9d15d68ca729289cc3db244b90aee3465bf983e457ad0a2a20

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_394487CAFBCFB8C5917AD7A10924C8A7

                                                                                        Filesize

                                                                                        536B

                                                                                        MD5

                                                                                        cb848cfc89680eeb6efb986aa3ce014a

                                                                                        SHA1

                                                                                        60635f911c35bf9ae902239b3a4ecde7cdca9bd0

                                                                                        SHA256

                                                                                        63ca4b058ecc3a98aea5073fb9e9c4aed4d1d4e30a5ea621ca50bde7f4ced222

                                                                                        SHA512

                                                                                        193bc3b35816bc4e3c3a327360b02abfcbc52fb9bee75d4f56a6af5f9a4c78e985099d17ddd12ee98e4c3fc0e954fa488b1ab94ab4900da786d9799ab1ca8245

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E

                                                                                        Filesize

                                                                                        536B

                                                                                        MD5

                                                                                        91c7d016991bd227b1c7291772f53a3a

                                                                                        SHA1

                                                                                        2a54a29b314fc7f381f937115e4b9c0f421b14df

                                                                                        SHA256

                                                                                        fc47a9acc0da7efb07544fb8609cfa360cd840e6c83f412614015fd5520bfc94

                                                                                        SHA512

                                                                                        33f0defb4bd7b23c8d1f60cfc84a79e12942e9a6204537e7de976a42d806562d6a1665ecc47a178fee507253985cf33514003d749880c978e0c1deb5995bb015

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D

                                                                                        Filesize

                                                                                        496B

                                                                                        MD5

                                                                                        a356a4bc93f9a93fb44f7d93e0386092

                                                                                        SHA1

                                                                                        dcd3b98b81dc0dfea8b70063a2c7d3f16f4b5341

                                                                                        SHA256

                                                                                        d3b9db67871994c190f995d563e12af29d4196a99a67a4cd44f93984445209de

                                                                                        SHA512

                                                                                        9608c5d0e4e81f73106e6436efb65cb83a1781d9ddc6aaa7701af0017877dc99d9f33e46fc489ef8de06dfa49dcdac04bab0297f769198a8101d4f3a3258d79f

                                                                                      • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3

                                                                                        Filesize

                                                                                        506B

                                                                                        MD5

                                                                                        023e1c45635d8f621457815d9e259550

                                                                                        SHA1

                                                                                        8f8ff19bbe52f32c125e5ea4f034584ccb3120d8

                                                                                        SHA256

                                                                                        27ec0b9014ada3b3b8b91168a0d65d4903b0fcc4a3f25022e1d0f1c70f595e9c

                                                                                        SHA512

                                                                                        47ebdfd9ccb8e7a898aa8db8993570e917221ec01d2d49c4b2f1b6c36ea8cae572ef4464f60936f559acb525a33ccc2840929eb92a3842bb401662b9a2f19f88

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                        Filesize

                                                                                        280B

                                                                                        MD5

                                                                                        2294f3d9a64baef128a25b87589d389f

                                                                                        SHA1

                                                                                        424e387efc6a6a15e78b75f6993c1c2b3075b1df

                                                                                        SHA256

                                                                                        36f7957c705b6991cf14d92a054f5f029666152a4064d59cb0ff3d928b29281a

                                                                                        SHA512

                                                                                        bb23f81a610122ced958c119f398ccb753bc760084b92484f78a9459cc4d055ac6268aecaa350bc311fddbc08be89103ff36ebfa92e240e383ee2f155e899858

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                        Filesize

                                                                                        41B

                                                                                        MD5

                                                                                        5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                        SHA1

                                                                                        d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                        SHA256

                                                                                        f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                        SHA512

                                                                                        de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                        Filesize

                                                                                        3KB

                                                                                        MD5

                                                                                        e16fcbba1b7ac3a2f01ac602184f27e4

                                                                                        SHA1

                                                                                        b82491bd3b1224d46a3c0ba47e90ff9d585758d1

                                                                                        SHA256

                                                                                        bb4374fd58237d026569aff309c5601aba1422fafff5c85ab1e8b2a72841daba

                                                                                        SHA512

                                                                                        6b4fd11f9792ca303f31f3bca653b4d647e8e23bab8149e48cd8f538d0bb5b0449c88d430dd98a47546976cc07d2ee962f5fa832b9c7e44462d65a856c3b60ba

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe589621.TMP

                                                                                        Filesize

                                                                                        3KB

                                                                                        MD5

                                                                                        cc27b3e03388a4b7c2f58d7e21e4b6a5

                                                                                        SHA1

                                                                                        b54ea4747256ea9cd4f4da5007dd5f508ddfb28b

                                                                                        SHA256

                                                                                        d8e906a2e37b5284f4f0b656e6e835ec9fb9b4764df401a3b4c6201ab5acd915

                                                                                        SHA512

                                                                                        c554eb8996090b25faf2f47a07b293d32cd9fc4691d48eac7241b9753e3f45356eca5d54a1845eca8f89f6d9643abc72372e7a2451e0c54e6276ed8fb07dc78e

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                                                        Filesize

                                                                                        2B

                                                                                        MD5

                                                                                        99914b932bd37a50b983c5e7c90ae93b

                                                                                        SHA1

                                                                                        bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                        SHA256

                                                                                        44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                        SHA512

                                                                                        27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

                                                                                        Filesize

                                                                                        16B

                                                                                        MD5

                                                                                        46295cac801e5d4857d09837238a6394

                                                                                        SHA1

                                                                                        44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                        SHA256

                                                                                        0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                        SHA512

                                                                                        8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                                                        Filesize

                                                                                        108KB

                                                                                        MD5

                                                                                        06d55006c2dec078a94558b85ae01aef

                                                                                        SHA1

                                                                                        6a9b33e794b38153f67d433b30ac2a7cf66761e6

                                                                                        SHA256

                                                                                        088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd

                                                                                        SHA512

                                                                                        ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        c977881bd63b4862490cbe54b296432c

                                                                                        SHA1

                                                                                        f8bf5c11bfbd6fb07af0db16379383c699949c6a

                                                                                        SHA256

                                                                                        aabd56b92398fa53a5cae0320417d84b9498d7558a354ce12a236f2b69f58275

                                                                                        SHA512

                                                                                        781885e26bfbaad5fac0afddf71e20b907b33dfd2d24d7dd466aca15a54f648b7d13fa81ec8da51924e5cc97bebfd3efa7b5453192823ef1979ff75579bc865d

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                                                        Filesize

                                                                                        2B

                                                                                        MD5

                                                                                        d751713988987e9331980363e24189ce

                                                                                        SHA1

                                                                                        97d170e1550eee4afc0af065b78cda302a97674c

                                                                                        SHA256

                                                                                        4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                        SHA512

                                                                                        b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

                                                                                        Filesize

                                                                                        40B

                                                                                        MD5

                                                                                        20d4b8fa017a12a108c87f540836e250

                                                                                        SHA1

                                                                                        1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                        SHA256

                                                                                        6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                        SHA512

                                                                                        507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        16KB

                                                                                        MD5

                                                                                        7431a6be24166d1b99ea303affea0440

                                                                                        SHA1

                                                                                        357cbe81fd9eec932e832f36c5eb245ffceed48b

                                                                                        SHA256

                                                                                        12423e0621d4bdee52b7571a2d535039cfce95ce8078347d56bb9f9f36ee9557

                                                                                        SHA512

                                                                                        8fd47a33cb467cde793bae3283bc7fb350a0c538cbf26a9b15bfd13b9f55016cf850f3c6538f39f388972725cdc9a52641e065b9c1715b5c9636c06e9e9f86d4

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        16KB

                                                                                        MD5

                                                                                        7b75b600914af462f8f7c1a16bc1bcb9

                                                                                        SHA1

                                                                                        dc97f405ac952a4cef871d2d2ed3d210ac5ec777

                                                                                        SHA256

                                                                                        334a73f97f00e408828b829195d1926d877ab248d033ceaec3617e586e542b7b

                                                                                        SHA512

                                                                                        0e00fbdde12b7afaedb72017f00b40c6da123479d25c84588095fe43aa864cf18a558bca0c020373e0778e256db300bdf80665070944d66c1994a417c6a58247

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                        Filesize

                                                                                        36KB

                                                                                        MD5

                                                                                        8374ef4595e5e7cb94c85973ad92f5a8

                                                                                        SHA1

                                                                                        27d5d1c19cb7ee7c11c7153fdebe5930c5386e29

                                                                                        SHA256

                                                                                        9a07c24b8b3b0b586b013a3c0734696456bcbad0926644d1969e152fb4ba2012

                                                                                        SHA512

                                                                                        800b799dedd7a5f5d63a419b4b3e1e09abaf9df90793a8fd6ef2fe1a0a0e148f5ad3ff527bb4d9640532758d7d1dc5ca6c14d1376b1011881c0278f847c0087f

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                                                        Filesize

                                                                                        22KB

                                                                                        MD5

                                                                                        c5b642d5f0f040e9650e680024144452

                                                                                        SHA1

                                                                                        cf62c45af549334785f0426a7d42033e006fbf38

                                                                                        SHA256

                                                                                        92b1fe0fb514d6f434af4e2af8eb25913ac0c0107be03ffb2fcab8f7f04fcfdb

                                                                                        SHA512

                                                                                        88a4f82d4d80ade0710610959fd0c86c5d5094c42677a5513ca5266ba855c2b53705ae041905226c136d3a380254e6d56b5e792d2f178bf101533a71af150207

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

                                                                                        Filesize

                                                                                        464B

                                                                                        MD5

                                                                                        8feabdb87b20f0415064bcbe06df6f24

                                                                                        SHA1

                                                                                        1d15518341aca4dc1b80d0b44f63fc2f685bcbc3

                                                                                        SHA256

                                                                                        3505b71f1e1142b69db65223956b36dc0deb5e42490402e98b6bf49d77444042

                                                                                        SHA512

                                                                                        aeabcee879eef6cac3f08536bcbbad27ba3ccf55b1f1e58a9cb1722ec6a85664288befa570cc82913f2e2ff80d9f3623160b35ca67f861e75c9e4c1706f72994

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                        Filesize

                                                                                        45KB

                                                                                        MD5

                                                                                        81796305edb2024be5424aee01e4b514

                                                                                        SHA1

                                                                                        29896a9e5af8622433a76a52e368bd15216dffd5

                                                                                        SHA256

                                                                                        fa9bffb84f9737d518773cd7b8843eea42d9f7de8dfed7a728fb22f2c4f9e36c

                                                                                        SHA512

                                                                                        a76a87531da387a48ee52c4eac30530d582724934b8f87e36a1816dedbe2f8032f907afd82a416ab35342289088eb104306801e242f44103c9ed754d9aa4088c

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                        Filesize

                                                                                        38KB

                                                                                        MD5

                                                                                        b3830d65ea69c2a1896336b47264aebe

                                                                                        SHA1

                                                                                        313792dfd3acf297f1c0408712bdf7ee8111e8c3

                                                                                        SHA256

                                                                                        3897b9f6fae0bbfcacc84a4bbf99cccbc77782efdea3a70c22e35c2b2d009b6c

                                                                                        SHA512

                                                                                        46bf549f39dd3b42ebb22eb0a155fcd740c7ca0c49f7262011e4f0b8880ed6da033747cbef40cdfed7d35ac452d9e8bc8cdbaead357a6b87ce754088735ef964

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                        Filesize

                                                                                        38KB

                                                                                        MD5

                                                                                        43119ded80db6e3fdedd14ffc6ed0c41

                                                                                        SHA1

                                                                                        aec0910ed080bf78fc81e2c58f1a63a4ef0d8588

                                                                                        SHA256

                                                                                        c2986eda54086d4b100dc7c458b6b9c015ad04424212c4e3b3ab49ec42802c24

                                                                                        SHA512

                                                                                        5e2ab0978fd4d75582321627f9a9a2bf2c6a3ecad3b7592c2b7526cc6d2b761223bd82190a61672527bf293cb1f318392ac997b99b13a571a97b4417f6188441

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                        Filesize

                                                                                        45KB

                                                                                        MD5

                                                                                        dcd8a3eccfa3b080b522035427d5da9c

                                                                                        SHA1

                                                                                        0cc65a880867f2108d0e08dd90822f146b3ddbdc

                                                                                        SHA256

                                                                                        7c0e238dab5c4b9f0cb49d41c7d9452c009542ee3f47c7664a5b03c291401c03

                                                                                        SHA512

                                                                                        0c3615a9e128b221b3c69e30945545a27a18cdf2dc18b7f399e5a0dad4593b1642a4f45e17cfa894cd0df2792968a31960f3f393426ae930067c8340cbb6eebf

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                        Filesize

                                                                                        45KB

                                                                                        MD5

                                                                                        57c6583ea43509334e59759814ff08cf

                                                                                        SHA1

                                                                                        76e2fd65c0115debfba76134e29fd70e2fdb1bcc

                                                                                        SHA256

                                                                                        e219ca3067cda3b222151a886be13a9c724e2cd67c3d97b569ac09560d4614f0

                                                                                        SHA512

                                                                                        478c425ae393e80a1290d4a3697289f6e7dcc758bd9c1cdb12903f9dcad01e582d12b37e3114f07b8f8fee8d76f99f4a914a04fc7f44f68d5af0229211fd80a6

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

                                                                                        Filesize

                                                                                        156KB

                                                                                        MD5

                                                                                        b384b2c8acf11d0ca778ea05a710bc01

                                                                                        SHA1

                                                                                        4d3e01b65ed401b19e9d05e2218eeb01a0a65972

                                                                                        SHA256

                                                                                        0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b

                                                                                        SHA512

                                                                                        272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be

                                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        320397ce031859f60b3bb3acbb260adb

                                                                                        SHA1

                                                                                        80373db98edae21b33d404bd9f0d3b3e42d2063b

                                                                                        SHA256

                                                                                        7a76a60fbcc83b9b7e51640d757fb6818e49096282fd557822e903b6678af88a

                                                                                        SHA512

                                                                                        354767abaebe43e7ddf9102c05d101cddfc910febe3c7b2fd51a018b3f8a2133a8b2deb27b4b6c6a017f5cb3322b48b04292627591c87e41bc8f0440cf62d3e3

                                                                                      • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\BRAND_COMMON

                                                                                        Filesize

                                                                                        26.5MB

                                                                                        MD5

                                                                                        89eaa2131f58f4e3ef79e7f161bf9fa6

                                                                                        SHA1

                                                                                        0538efcabb569f0f96d27b857ea6d72a97aaf625

                                                                                        SHA256

                                                                                        deee73c72269fac306789c9a5f9768743ba6e4cb3107513faa3f68ae564b96ec

                                                                                        SHA512

                                                                                        159b10393436a0c596aa506fed8753bcc6fa40b8b9060a439d32cfd5f5fcf2086d2f78ebff1875df6e390c089f83fd98af46e14792d6a7c834f13f4afc0d0050

                                                                                      • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\brand_int

                                                                                        Filesize

                                                                                        6.3MB

                                                                                        MD5

                                                                                        5759d6b0f32889fd68cd5405e13ea540

                                                                                        SHA1

                                                                                        ac8f7e15cf6969a14bfee188051d7c616f33f743

                                                                                        SHA256

                                                                                        7df21eb7620d75f5aff07f7d1201e31ece3adc7f5685b54a6d0fd20a2c43c119

                                                                                        SHA512

                                                                                        b80047937970c67990cd78d1ae37b4a376cd92b376098eb166a113697d2e6913fb56ba60f5f9f5c4f51aae956158b1050dd6b8249fb6d95c65f789fff7ac8e62

                                                                                      • C:\Users\Admin\AppData\Local\Temp\YB_0FFC5.tmp\setup.exe

                                                                                        Filesize

                                                                                        4.6MB

                                                                                        MD5

                                                                                        6a490251b60066a9326877bff301d0e6

                                                                                        SHA1

                                                                                        2b0d8b16593643a73dbc519b32fad7e0003c7ed3

                                                                                        SHA256

                                                                                        48cba769982d6441099a20da6f4c66394f9c09dbbd49ecab310b75b4944e6c05

                                                                                        SHA512

                                                                                        65925762130efc9ea0016b329497332a56d2c636df6bb3353473aec6ec227fe3b799422f3148ca28a7efebd871deb3afb61713b20c1ec87fc20b9ee41b5987ba

                                                                                      • C:\Users\Admin\AppData\Local\Temp\distrib_info

                                                                                        Filesize

                                                                                        352B

                                                                                        MD5

                                                                                        1bc39f0fb56a6fe09d13d11dfecbe263

                                                                                        SHA1

                                                                                        d5121750566e1941ced27d58c009f3ee953161c8

                                                                                        SHA256

                                                                                        afb57909c11993cd2f297dc9f7898a573b5e92d2dc333a18b4611bc6e6d6ba7e

                                                                                        SHA512

                                                                                        1d30a63df9fcb6e3f55dbc8403077fb639cb19c9ede383afde6a9b8977dd81927c70d519ef1dbd4095d636a9a171790f878c00f84b93e6985e560dc5f64db8e8

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        399a0cc0d4dad42458d37f4047a486d8

                                                                                        SHA1

                                                                                        898e1a16ac0d64ad91c441afc95ac1ddc46d44f9

                                                                                        SHA256

                                                                                        2195f1c4406f4f3dc42243aaf670dc6aab34009f7013eb973bea2baae58e635f

                                                                                        SHA512

                                                                                        64b60a18d71fcd1b64f83097fe994a053013de691f3334d4af95fd84006926f418e84df1877ed19733bec5bb3cfb77ee0fcc8b6d943cbaf8579db74abb067486

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        18KB

                                                                                        MD5

                                                                                        14adb3141c89a041116b1f09d68df311

                                                                                        SHA1

                                                                                        218c4bda966984b3ce763f405020c6f806762578

                                                                                        SHA256

                                                                                        486bc935aec9eecea518fbc1a46d9dd7ae755d17419828a606231a80ff40d008

                                                                                        SHA512

                                                                                        55dc7fd634a03e70315cae82be02f0d7c8bdbbd61ba3f28b590f8ddba5b436f3825c81ed0ca34f1bab85fbcf3db2920749bc98f0144002bac04ce980e7b6d989

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        20KB

                                                                                        MD5

                                                                                        9c12dcd5304a1cbb46fb7b6a9a7bfa2b

                                                                                        SHA1

                                                                                        311c2469db4a650862764da39969ad9250bd04b0

                                                                                        SHA256

                                                                                        8519b48abac3155c8763503d63b68efb9aa94f8d75684bd4681f0112ee0d9ce4

                                                                                        SHA512

                                                                                        ac95f074911728f0718fc64d20f7f9c8e41514ebd146927d03c0cad53fec70118336b091d499a13f52db561d846c4d8dc94b9a11f16d946653d32c4a45d982e6

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        6KB

                                                                                        MD5

                                                                                        a9732f48c4c54807493883c9bc3bafa3

                                                                                        SHA1

                                                                                        3e1e6d5fa8e27c18332f800ae4091a332bd7a850

                                                                                        SHA256

                                                                                        e85d84265fde313a5a333a5c78cd57fbaafe238da453beb9366290db0f96a418

                                                                                        SHA512

                                                                                        90e23c863f962099c16f427a30df57562f5b754be91adc867b3789b36ee54e4c72ffe737ac5b4928c1f01b2944642a73243210a03915a4982219e630a6604559

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        31KB

                                                                                        MD5

                                                                                        8ab877bda87699eba56fb298702ea96a

                                                                                        SHA1

                                                                                        5ea95221e7332785fb4bd95e3ddc5fedeaeee8b7

                                                                                        SHA256

                                                                                        3b780aac9d9fa757e5aa2c82c8e0ff505e496b849869ae6b4f877ece306f8919

                                                                                        SHA512

                                                                                        193e4117ec9d19d1a3486197e5b3d2f0a08c765c176c766f8e501e7f69ef578d93005bb4bed0611121a05ce8396c56ade4201b12b0f8fe6cbdc83742e3656a24

                                                                                      • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

                                                                                        Filesize

                                                                                        31KB

                                                                                        MD5

                                                                                        87d03ae64b8bfdc8912e456e5d2af084

                                                                                        SHA1

                                                                                        66486a75a794de3cd828f320c9c521b84fbe1df3

                                                                                        SHA256

                                                                                        3fe9689d6a2d78bdb423cfe268854c6acd00edfee9b0b2fa3358eef0695d9552

                                                                                        SHA512

                                                                                        2963c6d963ec725600ff5c7e4934ca1d64155b3a320f6b21e9477373569d563acab05b77729fcbb304c6a4d576bf495d3cc9079856f3403b81fdfa2fa875ffd3

                                                                                      • C:\Users\Admin\AppData\Local\Temp\master_preferences

                                                                                        Filesize

                                                                                        689B

                                                                                        MD5

                                                                                        2d4c2d86e4a7d3984ff9eefaa02d0576

                                                                                        SHA1

                                                                                        d92e6fb855ea64a83d91804139610f7d00cc5921

                                                                                        SHA256

                                                                                        2b06ca5554cbe5fb5804b9ddd5deb7e3bd0fa494e943fee13ca7da551b1f77ac

                                                                                        SHA512

                                                                                        ccd203bc6e343d131bae03e8d856c90a4d99f4b4073484a60ef2de7de4bf5ce395df3674853a91509bface588c0e394eabc7e7b304990d2691ae7413619054fb

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\25.2.5.953\brand_config

                                                                                        Filesize

                                                                                        6KB

                                                                                        MD5

                                                                                        098faca683b8b0981cd1985bcae0e83b

                                                                                        SHA1

                                                                                        dd1a0956bfaac9e4a2ca01bcee213224ad9eadc8

                                                                                        SHA256

                                                                                        32589433fa2d8492f8d8d40bbfda0d00ae3aa857e2131fe297e8812d00d86277

                                                                                        SHA512

                                                                                        ccb279b6caeb5213f2358abaee480e9e6f8eac6d4e5ff389eb14ac0daf7f40d5f8d8fa407a0775032bd699f88116201048587eeda8ab72b7ce64bf369ea195e5

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe

                                                                                        Filesize

                                                                                        4.5MB

                                                                                        MD5

                                                                                        91c000f1c9155d8f543ac1f012f5d39d

                                                                                        SHA1

                                                                                        eb271265141e452ebc2287c653dc60d36dbac7e3

                                                                                        SHA256

                                                                                        f48f8f19a1e996d763289b5968c53fd07a031e430fd7f8e8ef2f31ac91af5a55

                                                                                        SHA512

                                                                                        009b2bc9008d05773bb1a5898dd4846f8c65e4c7953b56918c2e5416d065499d869bf858bff97128551e63a34964f155ce4841ea88d03ac88bb02f01c2960e7e

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        0bf9b3763a949593f332ea04c09f9e04

                                                                                        SHA1

                                                                                        3eaf3565f810877c76dfe3233234c3d7a2920489

                                                                                        SHA256

                                                                                        f3a90f0576e4779de2caf5bdf7a2cafea71a97ae7b9354af936beeecc87eb616

                                                                                        SHA512

                                                                                        a74a266920a6e8bfa478f315e25560fae9e9d6d399d38d6f49f37bf5594adf68d573d97822cf6d2d302746b3654e7cafd74d4c7841302940a95f82f5202d3b52

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\about_logo_en.png

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        1376f5abbe56c563deead63daf51e4e9

                                                                                        SHA1

                                                                                        0c838e0bd129d83e56e072243c796470a6a1088d

                                                                                        SHA256

                                                                                        c56ae312020aef1916a8a01d5a1fc67ed3b41e5da539c0f26632c904a5e49c62

                                                                                        SHA512

                                                                                        a0bab3bae1307ea8c7ccbd558b86c9f40e748cdd6fd8067bb33eeef863191534af367a0058111553a2c3a24e666a99009176a8636c0a5db3bf1aa6226130498f

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\about_logo_en_2x.png

                                                                                        Filesize

                                                                                        3KB

                                                                                        MD5

                                                                                        900fdf32c590f77d11ad28bf322e3e60

                                                                                        SHA1

                                                                                        310932b2b11f94e0249772d14d74871a1924b19f

                                                                                        SHA256

                                                                                        fe20d86fd62a4d1ab51531b78231749bd5990c9221eab1e7958be6d6aef292d9

                                                                                        SHA512

                                                                                        64ebc4c6a52440b4f9f05de8ffb343c2024c4690fe5c9f336e78cd1dd01ae8225e8bc446f386feb442e76136b20d6b04ee293467b21f5b294ce25e500922f453

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\about_logo_ru.png

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        ff321ebfe13e569bc61aee173257b3d7

                                                                                        SHA1

                                                                                        93c5951e26d4c0060f618cf57f19d6af67901151

                                                                                        SHA256

                                                                                        1039ea2d254d536410588d30f302e6ab727d633cf08cb409caa5d22718af5e64

                                                                                        SHA512

                                                                                        e98fbfb4ed40c5ac804b9f4d9f0c163508c319ec91f5d1e9deb6a5d3eada9338980f1b5fe11c49e6e88935ecd50119d321ce55ca5bdd0723a6e8c414e1e68e16

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\about_logo_ru_2x.png

                                                                                        Filesize

                                                                                        3KB

                                                                                        MD5

                                                                                        a6911c85bb22e4e33a66532b0ed1a26c

                                                                                        SHA1

                                                                                        cbd2b98c55315ac6e44fb0352580174ed418db0a

                                                                                        SHA256

                                                                                        5bb0977553ded973c818d43a178e5d9874b24539dacbd7904cd1871e0ba82b23

                                                                                        SHA512

                                                                                        279fb0c1f2871ce41b250e9a4662046bc13c6678a79866eaf317cc93c997a683114122092214ce24f8e7f8a40520fe4ca03f54930148f4f794df0df3ecf74e9d

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\configs\all_zip

                                                                                        Filesize

                                                                                        691KB

                                                                                        MD5

                                                                                        f7ca8fead90bcbc1c3a1a84522ee16b3

                                                                                        SHA1

                                                                                        18c01a06df1972ceef8d496580f4bfaa66775f50

                                                                                        SHA256

                                                                                        5bc1b0a641b68a04607963210cdeb39bb4e08de392175b23e20abbc6b19ffbf4

                                                                                        SHA512

                                                                                        ee5871159f5976cb42ca3062f383aea6296e58cbce449a2e12dd8514e9b0b576e8ad7ed9f7407c910c57d167f17ee9ceaeb675668233ed99e40f3ef7937b8a64

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\extension\elokbjeafkcggjfjkakpchmcmhkhaofn\brand_settings.json

                                                                                        Filesize

                                                                                        382B

                                                                                        MD5

                                                                                        909b09582eadd71cdfd92d615ea70a87

                                                                                        SHA1

                                                                                        715f244e8c4b306f26649167a2186a598f65f3df

                                                                                        SHA256

                                                                                        7bbd3e9581b9990cd48933c7b6ed0a22216db7f3544daf510b4acfadcab0426a

                                                                                        SHA512

                                                                                        95a6d43d88b88bacc7ad49ea40b1797f28c2fe835f8c5287b13426581088154d952803c8461d6c311520fa3b92ceae4ee9f9328a9e70ceb9b48be639f948cc4c

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\extension\fcgfaidpicddcilhjhafmmcgfodijhjd\brand_settings.json

                                                                                        Filesize

                                                                                        318B

                                                                                        MD5

                                                                                        fda6c7f7660e9be254ef3745b8dcc4c0

                                                                                        SHA1

                                                                                        953062beb6ba234633f1de0a6964e7dec3ba2cf0

                                                                                        SHA256

                                                                                        29660aabd512c66468f36862bf0087855e4c18bee937e9d1a403d548f0ce1b8c

                                                                                        SHA512

                                                                                        0b18601b8771071d601c00a8ecb687d807ca4c785c387701f6dff99566fab72227b9af84a17bf9c40a583c2501d3c20cb93681f4a1f6cb0227e4dd5b5a005077

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\extension\gopnelejddjjkamjfblkcijjikkinnec\brand_settings.json

                                                                                        Filesize

                                                                                        247B

                                                                                        MD5

                                                                                        4c817e4c2d0ed4b5603e7192da413a6a

                                                                                        SHA1

                                                                                        e70fe2b6c5548273bc00b8863e0752c7bf93ad11

                                                                                        SHA256

                                                                                        cbbda477eaadbaf9fc385bff50dfaf9af360dd82fd8b345209456d8da580273b

                                                                                        SHA512

                                                                                        39a4796f25ee166dd8a079b3556b1e50d9e85a1bad8a9229a428a9d160411c7362fdf05db872ff167ce23f7769de582f63155863bd3e06313d49e71841f369ae

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\import-bg.png

                                                                                        Filesize

                                                                                        13KB

                                                                                        MD5

                                                                                        be2acbae1c7b09125a85c5517a7dd70c

                                                                                        SHA1

                                                                                        091dbd354f830ddf74258b337dc4f7177a860d1b

                                                                                        SHA256

                                                                                        d1f78371b8d86ecd9a1e6c5878ff5da756f8c9ebb6b1a6d5d24ed017ad64c010

                                                                                        SHA512

                                                                                        dfc66f11ab6f79a8726efe47c478664973b04a277a9290cc6703899a12271909c757482be8c0a2cdcdd290e5a2a29d441a8d09c2bfc686a9482f07ceeb33f673

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\morphology\dictionary-en-US.mrf

                                                                                        Filesize

                                                                                        372KB

                                                                                        MD5

                                                                                        c8a293e130ee93c08592f0f5ba9616a8

                                                                                        SHA1

                                                                                        49e7d245af097bd28af5ffa503858830cd45011e

                                                                                        SHA256

                                                                                        fbd6c8f911927a994db26eac21e4c028d75ea9de593eaa525f331e5c9a911ce3

                                                                                        SHA512

                                                                                        9f4c01c6083ad7063db29b7075e0ac475794dfaa9b6714b119174607aefbf5384cbf17a96256b097de5b2a73669d060d5082cf2aa9244e7968c3d8853d09083b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\morphology\dictionary-en-US.mrf.sig

                                                                                        Filesize

                                                                                        256B

                                                                                        MD5

                                                                                        197eaa00216af72690c09b8b82211809

                                                                                        SHA1

                                                                                        1e49ba86b771b391b63335fede7614f5ac427f84

                                                                                        SHA256

                                                                                        d5e3a63301977129113a9c0bdc0dd14173768c6f9f5ce2f2036c0cc6a53d706c

                                                                                        SHA512

                                                                                        f57b8e7d481ba5791c6bf454363fca3aad042270b572fb4b2ae1c0429a6e2f70d153b6bf44b139d48c959a1817c4e72ad3b280257b7877746fe93c40c880f514

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\morphology\stop-words-en-US.list

                                                                                        Filesize

                                                                                        9B

                                                                                        MD5

                                                                                        202e1cc3e24e0a76bb1fd8779ddae5cb

                                                                                        SHA1

                                                                                        7566a9437663e808740ef75c9a79f414daa6b44d

                                                                                        SHA256

                                                                                        95984aa8caca82fc5c2ac6721e17206e45f12404567bf05bf397131ab83cef58

                                                                                        SHA512

                                                                                        dba1d7714da25c670cef62d22638ba759add34e26e69666973e26b7e7542b7c04d3694bb0f22ec2b7f89a33e48b3546507a108a385ba5945e0d293f501511717

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\safebrowsing\download.png

                                                                                        Filesize

                                                                                        437B

                                                                                        MD5

                                                                                        528381b1f5230703b612b68402c1b587

                                                                                        SHA1

                                                                                        c29228966880e1a06df466d437ec90d1cac5bf2e

                                                                                        SHA256

                                                                                        3129d9eaba1c5f31302c2563ebfa85747eda7a6d3f95602de6b01b34e4369f04

                                                                                        SHA512

                                                                                        9eb45b0d4e3480a2d51a27ac5a6f20b9ef4e12bf8ac608043a5f01a372db5ea41a628458f7a0b02aaba94cd6bb8355a583d17666f87c3f29e82a0b899e9700bd

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\sxs.ico

                                                                                        Filesize

                                                                                        43KB

                                                                                        MD5

                                                                                        592b848cb2b777f2acd889d5e1aae9a1

                                                                                        SHA1

                                                                                        2753e9021579d24b4228f0697ae4cc326aeb1812

                                                                                        SHA256

                                                                                        ad566a3e6f8524c705844e95a402cdeb4d6eed36c241c183147409a44e97ebcd

                                                                                        SHA512

                                                                                        c9552f4db4b6c02707d72b6f67c2a11f1cf110b2c4ac5a1b7ac78291a14bf6eb35a9b4a05bc51ac80135504cd9dcad2d7a883249ee2e20a256cb9e9ceeb0032f

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo

                                                                                        Filesize

                                                                                        220KB

                                                                                        MD5

                                                                                        b8aca2f09f3c9ecbd1c848007c3fd8b6

                                                                                        SHA1

                                                                                        e81fc8e2512026f9df9a661529a1e7a9ce0b2ba3

                                                                                        SHA256

                                                                                        a3b688dbadf99ba57652809adf074bb6e441895d0035983fae33912128fdb7cc

                                                                                        SHA512

                                                                                        df4eae94ee9eee02ce2fb7ced9968d9f644369638ec1ff392a15a28c89e4ec112aef966260be4072681f87145eee1460db1ced15b61798e3955c10eed3454a38

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_BR_

                                                                                        Filesize

                                                                                        451KB

                                                                                        MD5

                                                                                        6a8fa7f8a6893d052627cd428d1e3237

                                                                                        SHA1

                                                                                        81422d8c739a136967a6bf77167bda1afee1280c

                                                                                        SHA256

                                                                                        71e8cdfe763f3479b399ffdb8dacd136e118c52b9d980e75e97a41e592cd258c

                                                                                        SHA512

                                                                                        86bf094a4b2d7d13ac1d9d872458ca88cadca6744a638173e0425f4eba5ff624343de2c9b9ef38502174847e0b4f00ce768c7fafdf8e7f8a9ad1d1c2fb308d42

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_CA_

                                                                                        Filesize

                                                                                        415KB

                                                                                        MD5

                                                                                        f8495a109372348b2f3aa8fd41fac4f7

                                                                                        SHA1

                                                                                        77c42c500e5a0889ad83d7693c6988b091a45012

                                                                                        SHA256

                                                                                        3b5a77e2a5d9bd96d68ae95981d82aab133fca44110622fcf5ee7e12dd667ebd

                                                                                        SHA512

                                                                                        19126463e599d7a41a7b1815ca8176a7aac922ef39807c262ae15671bb49c0244e884094b361a20554c08e0aae028155d6608f080fd0d72ee12d36185ea203a2

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_CN_

                                                                                        Filesize

                                                                                        746KB

                                                                                        MD5

                                                                                        f2826b7f3232265257d6efad0c443d21

                                                                                        SHA1

                                                                                        9da0d12745e199ac3f30f92c672b4dc97f35c75c

                                                                                        SHA256

                                                                                        cfb1791b0a72d00fde5675da5c041fc2de53123b5f5b2b2129237404eb8ba482

                                                                                        SHA512

                                                                                        4a8ac9dda75df8016e9b367b5d76afbab7f4f7f6fdcfe7f36d6273b7709fb992c377d21954a3665c234f84f640342b90161965e5dd09942ff8fbeaa8cccf7b8d

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_DE_

                                                                                        Filesize

                                                                                        561KB

                                                                                        MD5

                                                                                        4757da1b4ddb8085be308d987b150a35

                                                                                        SHA1

                                                                                        ce3492d4efa7f87e29c6b53aa7e3ac6d9ee95152

                                                                                        SHA256

                                                                                        9133f9eca9355387159ecfecc7158796305713c4046445d601eb5ded5fc0d3c3

                                                                                        SHA512

                                                                                        025d1e09494ac470f0cdefea6136d928d47f5f795f105603b43f37e43884e2c73da15757dc24f6793760bcc11501a2a4b3832a31f213c6751da20fc866ce9d72

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_ES_

                                                                                        Filesize

                                                                                        527KB

                                                                                        MD5

                                                                                        1c5d71e5a413ad550a08fe785f11d94c

                                                                                        SHA1

                                                                                        6c90db1ac6f5aa58202ee350f4e53ae3971be2bb

                                                                                        SHA256

                                                                                        e60f38def5e81c8784a6e09c61bb9577e3bba62a959d01a1a858f1ac30b61643

                                                                                        SHA512

                                                                                        5a74f8161ee5cbca1d935186b28d3650a6632be8d9b558996043decf0ebe05ab81af5ad8d94aa4632e370e596e9db9912c8e08bfaf0e1ef127c0cfd4d059b3af

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_GB_

                                                                                        Filesize

                                                                                        403KB

                                                                                        MD5

                                                                                        efda29551136fcc4de2ab4092ff02e21

                                                                                        SHA1

                                                                                        a911fb873c1221efd99e9ca330435788aea01a75

                                                                                        SHA256

                                                                                        c491c7db179d23b53ec7f378f280d971d7b96d738187c1377fed5bc8c89a652c

                                                                                        SHA512

                                                                                        e650b8b567dc658720cf74d8eb5cb6d51b4685f208232b9510a6b8739f8caa7f1d5e5e7b20a98b0b856ee56dce86cdae3eb7cf1b83974cb473011253a0af5c25

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_ID_

                                                                                        Filesize

                                                                                        161KB

                                                                                        MD5

                                                                                        2271cc49e222c5fd558572fe9d7808b0

                                                                                        SHA1

                                                                                        6dbcf76e96e67434b8b9f294a61d1185afd9cbba

                                                                                        SHA256

                                                                                        8a4d261a6344c0eca555038eab21dd54d68c3cfbbe6eb11e7792c33f12537d03

                                                                                        SHA512

                                                                                        f3c5b9480dda3b8d7d7c36e5b2d4084c776ddd92d3a1e8086b9bb447486060ba07fb3d7ad9c8a15421d19b82b4e61f60057e94da726e5c8a7362438fa8b1961d

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_IT_

                                                                                        Filesize

                                                                                        566KB

                                                                                        MD5

                                                                                        da963f528183e2c335b3523c5b5e667f

                                                                                        SHA1

                                                                                        1b63bc824508cc978916ad6ace199d8058ef53dc

                                                                                        SHA256

                                                                                        bdc01e40b4ac8d262d616d31bef7d8bd2784c918ec9ea76e2be929bfb554585e

                                                                                        SHA512

                                                                                        8e1dca38a869a00bf7eb86b4173850631b1085068da2b49a184ef68029e03b8fe1906d8d0df2f6a5457905570b6dad57191a8175d6581a50092d531bda672e73

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_JP_

                                                                                        Filesize

                                                                                        426KB

                                                                                        MD5

                                                                                        eb6d55790b6164b73e275c2401ad0550

                                                                                        SHA1

                                                                                        5c47d0c866925eb05a4b59986921ed60f8a612c4

                                                                                        SHA256

                                                                                        61f5b2ef85394c0034cfb05b650d7f4d9d79ffa87f2f6448566929f27a11411f

                                                                                        SHA512

                                                                                        0d4915979764f168b320e5152adfc18b186c5c966a3d42ba02c81bd5041386e08a89c818aa79d1c76304a3c9a3971982d5c97fc0493f19c1f283a64317acf9f3

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_KZ_

                                                                                        Filesize

                                                                                        380KB

                                                                                        MD5

                                                                                        7a9698fd54deaf12679dfa246adf5b60

                                                                                        SHA1

                                                                                        e824691b404a9aafe617c9c88e2063aaa08794bb

                                                                                        SHA256

                                                                                        8ff43d0de20a9e37107bd6428d6ac41843fe4f8261b00b8cea5792b72e365122

                                                                                        SHA512

                                                                                        805d72d8ade2e2018e7dba83bfdc292b3cdc4dff9746e717d74f5955466e55f67f8d03076bf1a6c5f8be37e77f8aaf855044b8b28a0e7f39580dad009fea4e8c

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_PT_

                                                                                        Filesize

                                                                                        523KB

                                                                                        MD5

                                                                                        0dde45f225a4290e59bfb55c80d4a51c

                                                                                        SHA1

                                                                                        3ebbbbb509d51a7c8e5cf409068644ad5ddbc09e

                                                                                        SHA256

                                                                                        8acb93ee7331e6b12feb81102b435c4bc044c614ef0fb8e69d2a0116bfe33d40

                                                                                        SHA512

                                                                                        d250d3891165505eb1fb7c5d2ccad397428785e8a6bb689dc56b55f2313f4b11bf402132d6f34ab6e9192453c43b74915bd7ddfafaf1716a954ccabd8b4d28c7

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_RU_

                                                                                        Filesize

                                                                                        286KB

                                                                                        MD5

                                                                                        fbd7c40aa538b758a4588a07e88ac57c

                                                                                        SHA1

                                                                                        af30b54822bbd0674cb1ea9a51be19b7a78d43b4

                                                                                        SHA256

                                                                                        4ff2f383821f2e77878e4e624aadda8d4fc942e54803c69747da41c9988919c8

                                                                                        SHA512

                                                                                        bb183fe4b7f197bcf1ef72b5095cf41065f288c1426b006a6b99873969592825b623eeec51642a98fa783f6d7817766747a3f1209c8344559d21614f12c58448

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_TR_

                                                                                        Filesize

                                                                                        530KB

                                                                                        MD5

                                                                                        9aac83dab47ce1228e8819cdcf1cceb4

                                                                                        SHA1

                                                                                        c3d60af194dc7be089ea62750ecedbb6e5fa16fe

                                                                                        SHA256

                                                                                        199b7586e0d25718342e3657eedbe81d20968759af4a8a63b04eb9ac6ee56d5f

                                                                                        SHA512

                                                                                        3cf47d3c13c752222a34a94896c005db96927c2d5d4c132655bd7a84bfb9607a0feeccefbfae8e98467cd8642c31d843bba4c6293007ef071d91e7dcfc8bf1b3

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\tablo_UA_

                                                                                        Filesize

                                                                                        557KB

                                                                                        MD5

                                                                                        1af7c65a09f5b23c8919656a631580db

                                                                                        SHA1

                                                                                        c9dca1523cc25f50bdd8d5ce2d354abb40cf6e5c

                                                                                        SHA256

                                                                                        71f09d4dc7592990580ad74d2f5262c29f98f72e11319daccdbcd1f095cec3f0

                                                                                        SHA512

                                                                                        f39f7490857186663577af939c802757ba35a8b15fd0d7acc9786779f5cd2e179dc41d5b89695abaeaf1b6acc9d20b5754e6201f2ffe55c393e8fedb3ac24eb6

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\1-1x.png

                                                                                        Filesize

                                                                                        18KB

                                                                                        MD5

                                                                                        80121a47bf1bb2f76c9011e28c4f8952

                                                                                        SHA1

                                                                                        a5a814bafe586bc32b7d5d4634cd2e581351f15c

                                                                                        SHA256

                                                                                        a62f9fdf3de1172988e01a989bf7a2344550f2f05a3ac0e6dc0ccd39ed1a697e

                                                                                        SHA512

                                                                                        a04df34e61fd30764cf344b339ba2636b9280a358863f298690f6a8533c5e5dfa9773a14f8d16a5bb709ea17cf75e1da6302335aa9120009892e529bfad30df9

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\abstract\light.jpg

                                                                                        Filesize

                                                                                        536KB

                                                                                        MD5

                                                                                        3bf3da7f6d26223edf5567ee9343cd57

                                                                                        SHA1

                                                                                        50b8deaf89c88e23ef59edbb972c233df53498a2

                                                                                        SHA256

                                                                                        2e6f376222299f8142ff330e457867bad3300b21d96daec53579bf011629b896

                                                                                        SHA512

                                                                                        fef8e951c6cf5cec82dbeafd306de3ad46fd0d90e3f41dcea2a6046c95ab1ae39bf8a6e4a696580246c11330d712d4e6e8757ba24bbf180eec1e98a4aec1583b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\abstract\light_preview.jpg

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        9f6a43a5a7a5c4c7c7f9768249cbcb63

                                                                                        SHA1

                                                                                        36043c3244d9f76f27d2ff2d4c91c20b35e4452a

                                                                                        SHA256

                                                                                        add61971c87104187ae89e50cec62a196d6f8908315e85e76e16983539fba04b

                                                                                        SHA512

                                                                                        56d7bd72c8a380099309c36912513bcafbe1970830b000a1b89256aae20137c88e1e281f2455bb381ab120d682d6853d1ef05d8c57dd68a81a24b7a2a8d61387

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\custogray\custogray_full.png

                                                                                        Filesize

                                                                                        313B

                                                                                        MD5

                                                                                        55841c472563c3030e78fcf241df7138

                                                                                        SHA1

                                                                                        69f9a73b0a6aaafa41cecff40b775a50e36adc90

                                                                                        SHA256

                                                                                        a7cd964345c3d15840b88fd9bc88f0d0c34a18edbf1ce39359af4582d1d7da45

                                                                                        SHA512

                                                                                        f7433d17937342d9d44aa86bcc30db9ae90450b84aa745d2c7390ff430449e195b693a8ae6df35d05fee2d97149a58a7d881737d57902d9885c6c55393d25d6f

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\custogray\preview.png

                                                                                        Filesize

                                                                                        136B

                                                                                        MD5

                                                                                        0474a1a6ea2aac549523f5b309f62bff

                                                                                        SHA1

                                                                                        cc4acf26a804706abe5500dc8565d8dfda237c91

                                                                                        SHA256

                                                                                        55a236ad63d00d665b86ff7f91f2076226d5ed62b9d9e8f835f7cb998556545f

                                                                                        SHA512

                                                                                        d8e3de4fea62b29fd719376d33a65367a3a2a2a22ed175cc1eeff3e38dfbaac448c97a6fbea55bc6159351d11a6aad97e09cb12548cf297e01bd23bf6074de08

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\custogray\wallpaper.json

                                                                                        Filesize

                                                                                        233B

                                                                                        MD5

                                                                                        662f166f95f39486f7400fdc16625caa

                                                                                        SHA1

                                                                                        6b6081a0d3aa322163034c1d99f1db0566bfc838

                                                                                        SHA256

                                                                                        4cd690fb8ed5cd733a9c84d80d20d173496617e8dde6fca19e8a430517349ed5

                                                                                        SHA512

                                                                                        360a175c5e72ff8d2a01ee4e0f365237bbd725b695139ea54afc905e9e57686c5db8864b5abf31373a9cb475adcbdb3db292daf0a53c6eb643a5d61b868ad39b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\fir_tree\fir_tree_preview.png

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        d6305ea5eb41ef548aa560e7c2c5c854

                                                                                        SHA1

                                                                                        4d7d24befe83f892fb28a00cf2c4121aeb2d9c5d

                                                                                        SHA256

                                                                                        4c2b561cf301d9e98383d084a200deb7555ec47a92772a94453d3d8d1de04080

                                                                                        SHA512

                                                                                        9330009997d62c1804f1e4cf575345016cda8d6a1dd6cb7d2501df65ea2021df6b8a5bc26809ddfc84e6ff9450f1e404c135561b1b00b9e4915c69e84f89cfec

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\fir_tree\wallpaper.json

                                                                                        Filesize

                                                                                        384B

                                                                                        MD5

                                                                                        8a2f19a330d46083231ef031eb5a3749

                                                                                        SHA1

                                                                                        81114f2e7bf2e9b13e177f5159129c3303571938

                                                                                        SHA256

                                                                                        2cc83bc391587b7fe5ddd387506c3f51840b806f547d203ccd90487753b782f1

                                                                                        SHA512

                                                                                        635828e7b6044eeede08e3d2bb2e68bc0dbbe9e14691a9fb6e2bc9a2ac96526d8b39c8e22918ff2d944fb07b2531077f8febd43028be8213aa2fad858b6ee116

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\flowers\flowers_preview.png

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        ba6e7c6e6cf1d89231ec7ace18e32661

                                                                                        SHA1

                                                                                        b8cba24211f2e3f280e841398ef4dcc48230af66

                                                                                        SHA256

                                                                                        70a7a65aa6e8279a1a45d93750088965b65ea8e900c5b155089ca119425df003

                                                                                        SHA512

                                                                                        1a532c232dd151474fbc25e1b435a5e0d9d3f61372036d97bcaab3c352e7037f1c424b54a8904ef52cf34c13a77b7ab295fb4fd006c3ab86289577f469a6cd4c

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\flowers\wallpaper.json

                                                                                        Filesize

                                                                                        359B

                                                                                        MD5

                                                                                        4938bc67f6e2d6e8faeb7ba9ca8dbc69

                                                                                        SHA1

                                                                                        7600cfbe9d5e6be6a12642670107857abe36e383

                                                                                        SHA256

                                                                                        3bdb98cfc0379426a56ac7813f4bdd4787bea9ee8a65b7914e62226e584ac977

                                                                                        SHA512

                                                                                        27b680deb837cf7831c2d865f210fa1321fe5a2ee885be1dc058916ae0fa0e6fcf9c9f9de4ee86806dd3ab271c47f79ab621741664b8bdce7be117ff52ef6c85

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\huangshan\huangshan.jpg

                                                                                        Filesize

                                                                                        211KB

                                                                                        MD5

                                                                                        c51eed480a92977f001a459aa554595a

                                                                                        SHA1

                                                                                        0862f95662cff73b8b57738dfaca7c61de579125

                                                                                        SHA256

                                                                                        713c9e03aac760a11e51b833d7e1c9013759990b9b458363a856fd29ea108eec

                                                                                        SHA512

                                                                                        6f896c5f7f05524d05f90dc45914478a2f7509ea79114f240396791f658e2f7070e783fab6ac284327361dc2a48c5918b9f1c969b90795ceacce2c5c5bfa56ca

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\huangshan\huangshan.webm

                                                                                        Filesize

                                                                                        9.6MB

                                                                                        MD5

                                                                                        b78f2fd03c421aa82b630e86e4619321

                                                                                        SHA1

                                                                                        0d07bfbaa80b9555e6eaa9f301395c5db99dde25

                                                                                        SHA256

                                                                                        05e7170852a344e2f3288fc3b74c84012c3d51fb7ad7d25a15e71b2b574bfd56

                                                                                        SHA512

                                                                                        404fb2b76e5b549cbcba0a8cf744b750068cbd8d0f9f6959c4f883b35bcaa92d46b0df454719ca1cef22f5924d1243ba2a677b2f86a239d20bfad5365dc08650

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\huangshan\huangshan_preview.jpg

                                                                                        Filesize

                                                                                        26KB

                                                                                        MD5

                                                                                        1edab3f1f952372eb1e3b8b1ea5fd0cf

                                                                                        SHA1

                                                                                        aeb7edc3503585512c9843481362dca079ac7e4a

                                                                                        SHA256

                                                                                        649c55ccc096cc37dfe534f992b1c7bda68da589258611924d3f6172d0680212

                                                                                        SHA512

                                                                                        ecd9609fbf821239ddcbdc18ef69dade6e32efd10c383d79e0db39389fa890a5c2c6db430a01b49a44d5fa185f8197dbbde2e1e946f12a1f97a8c118634c0c34

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\meadow\preview.png

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        d10bda5b0d078308c50190f4f7a7f457

                                                                                        SHA1

                                                                                        3f51aae42778b8280cd9d5aa12275b9386003665

                                                                                        SHA256

                                                                                        0499c4cc77a64cc89055b3c65d7af8387f5d42399ff2c0a2622eccbd6d481238

                                                                                        SHA512

                                                                                        668e1a70a50a0decf633167ac23cba6916d0e05d0894daae1f7e3d487519f0a126abd4298430b38f52746a5c3b83ccd520b3d9b0ae1a79f893e36821a0458566

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\meadow\wallpaper.json

                                                                                        Filesize

                                                                                        439B

                                                                                        MD5

                                                                                        f3673bcc0e12e88f500ed9a94b61c88c

                                                                                        SHA1

                                                                                        e96e2b2b5c9de451d76742f04cc8a74b5d9a11c0

                                                                                        SHA256

                                                                                        c6581e9f59646e0a51a3194798ec994c7c5c99f28897108838aaf4a4e2bda04a

                                                                                        SHA512

                                                                                        83fb3fe4a3562449a53c13d1c38d5fe9ef1fa55c3006f59b65eace9a6ad4963e768088bc500dbe5266b5979c6ace77874ef11a15a7bd9fabae00ff137e70ecb5

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\misty_forest\preview.png

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        77aa87c90d28fbbd0a5cd358bd673204

                                                                                        SHA1

                                                                                        5813d5759e4010cc21464fcba232d1ba0285da12

                                                                                        SHA256

                                                                                        ea340a389af6d7ad760dff2016cf4e79488bda1a45d0a415b3cd02a4430c9711

                                                                                        SHA512

                                                                                        759519b8822a6a4b88fc9ba47fa9d5d898b2f5a0f359acfbefc04809e6d7f5df86fb130f191eb6f63322792a18c0e7170aedf3ce7060fd9ad7e1bec2e686c3b2

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\misty_forest\wallpaper.json

                                                                                        Filesize

                                                                                        423B

                                                                                        MD5

                                                                                        2b65eb8cc132df37c4e673ff119fb520

                                                                                        SHA1

                                                                                        a59f9abf3db2880593962a3064e61660944fa2de

                                                                                        SHA256

                                                                                        ebe9cadad41bd573f4b5d20e3e251410300b1695dfdf8b1f1f1276d0f0f8fa6d

                                                                                        SHA512

                                                                                        c85fe6895453d0c38a1b393307b52d828bad8fa60d1d65bb83ffa3c5e17b71aa13cab60955489198503839ce5a4a6c1bb353752ab107f5e5b97908116c987e52

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\mountains_preview.jpg

                                                                                        Filesize

                                                                                        35KB

                                                                                        MD5

                                                                                        a3272b575aa5f7c1af8eea19074665d1

                                                                                        SHA1

                                                                                        d4e3def9a37e9408c3a348867169fe573050f943

                                                                                        SHA256

                                                                                        55074794869b59cd5c693dfa6f6615aea068c2cd50cdae6dd69bd0410661ded8

                                                                                        SHA512

                                                                                        c69bf39362658dd6cbd827cf6db0f188a9c4410b3c6b7b532595fd5907974e2141d857942ffb2497282e31eaa33c71240c2c2bd8721046df55e3358e8b76c061

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\neuro_dark\neuro_dark_preview.jpg

                                                                                        Filesize

                                                                                        24KB

                                                                                        MD5

                                                                                        29c69a5650cab81375e6a64e3197a1ea

                                                                                        SHA1

                                                                                        5a9d17bd18180ef9145e2f7d4b9a2188262417d1

                                                                                        SHA256

                                                                                        462614d8d683691842bdfb437f50bfdea3c8e05ad0d5dac05b1012462d8b4f66

                                                                                        SHA512

                                                                                        6d287be30edcb553657e68aef0abc7932dc636306afed3d24354f054382852f0064c96bebb7ae12315e84aab1f0fd176672f07b0a6b8901f60141b1042b8d0be

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\neuro_dark\neuro_dark_static.jpg

                                                                                        Filesize

                                                                                        2.4MB

                                                                                        MD5

                                                                                        e6f09f71de38ed2262fd859445c97c21

                                                                                        SHA1

                                                                                        486d44dae3e9623273c6aca5777891c2b977406f

                                                                                        SHA256

                                                                                        a274d201df6c2e612b7fa5622327fd1c7ad6363f69a4e5ca376081b8e1346b86

                                                                                        SHA512

                                                                                        f6060b78c02e4028ac6903b820054db784b4e63c255bfbdc2c0db0d5a6abc17ff0cb50c82e589746491e8a0ea34fd076628bbcf0e75fa98b4647335417f6c1b7

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\neuro_light\neuro_light_preview.jpg

                                                                                        Filesize

                                                                                        13KB

                                                                                        MD5

                                                                                        d72d6a270b910e1e983aa29609a18a21

                                                                                        SHA1

                                                                                        f1f8c4a01d0125fea1030e0cf3366e99a3868184

                                                                                        SHA256

                                                                                        031f129cb5bab4909e156202f195a95fa571949faa33e64fe5ff7a6f3ee3c6b3

                                                                                        SHA512

                                                                                        96151c80aac20dbad5021386e23132b5c91159355b49b0235a82ca7d3f75312cfea9a2158479ebc99878728598b7316b413b517b681486105538bbeb7490b9c2

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\neuro_light\neuro_light_static.jpg

                                                                                        Filesize

                                                                                        726KB

                                                                                        MD5

                                                                                        9c71dbde6af8a753ba1d0d238b2b9185

                                                                                        SHA1

                                                                                        4d3491fa6b0e26b1924b3c49090f03bdb225d915

                                                                                        SHA256

                                                                                        111f666d5d5c3ffbcb774403df5267d2fd816bdf197212af3ac7981c54721d2e

                                                                                        SHA512

                                                                                        9529a573013038614cd016a885af09a5a06f4d201205258a87a5008676746c4082d1c4a52341d73f7c32c47135763de6d8f86760a3d904336f4661e65934077e

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\peak\preview.png

                                                                                        Filesize

                                                                                        5KB

                                                                                        MD5

                                                                                        1d62921f4efbcaecd5de492534863828

                                                                                        SHA1

                                                                                        06e10e044e0d46cd6dccbcd4bae6fb9a77f8be45

                                                                                        SHA256

                                                                                        f72ea12f6c972edfe3d5a203e1e42cbbaf4985633de419342c2af31363f33dab

                                                                                        SHA512

                                                                                        eec8171bd3bea92e24066e36801f334ac93905b7e8e50935f360e09fa8c9b9f848c4c62b687299e8297c0693d6dbaf9c6035b471e6345d626510b73e3606ee4d

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\peak\wallpaper.json

                                                                                        Filesize

                                                                                        440B

                                                                                        MD5

                                                                                        f0ac84f70f003c4e4aff7cccb902e7c6

                                                                                        SHA1

                                                                                        2d3267ff12a1a823664203ed766d0a833f25ad93

                                                                                        SHA256

                                                                                        e491962b42c3f97649afec56ad4ea78fd49845ceb15f36edddd08d9e43698658

                                                                                        SHA512

                                                                                        75e048c1d1db6618ead9b1285846922c16a46ee138a511e21235342a5a6452c467b906578bdd4a56e7b9e0a26535df6fb6319ae1cae238055887b48963fa6ed6

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\raindrops\raindrops_preview.png

                                                                                        Filesize

                                                                                        7KB

                                                                                        MD5

                                                                                        28b10d683479dcbf08f30b63e2269510

                                                                                        SHA1

                                                                                        61f35e43425b7411d3fbb93938407365efbd1790

                                                                                        SHA256

                                                                                        1e70fc9965939f6011488f81cd325223f17b07ee158a93c32c124602b506aa6b

                                                                                        SHA512

                                                                                        05e5b5e9c5ef61f33a883b0286c2239cb2a464581d6e8a86d7b179b1887b4cb2cd7304e0821cdd3208501421c44c63c248a5166c790792717a90f8ac528fbf2f

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\raindrops\wallpaper.json

                                                                                        Filesize

                                                                                        385B

                                                                                        MD5

                                                                                        5f18d6878646091047fec1e62c4708b7

                                                                                        SHA1

                                                                                        3f906f68b22a291a3b9f7528517d664a65c85cda

                                                                                        SHA256

                                                                                        bcfea0bebf30ee9744821a61fcce6df0222c1a266e0995b9a8cfbb9156eeeefd

                                                                                        SHA512

                                                                                        893b2077a4abaa2fe89676c89f5e428ccd2420177268159395b5568824dd3fe08bea8a8b2f828c6c9297b19e0f8e3a1b7899315c0b07f4b61fc86ce94301518b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\sea.webm

                                                                                        Filesize

                                                                                        12.5MB

                                                                                        MD5

                                                                                        00756df0dfaa14e2f246493bd87cb251

                                                                                        SHA1

                                                                                        39ce8b45f484a5e3aa997b8c8f3ad174e482b1b9

                                                                                        SHA256

                                                                                        fa8d0ae53ebdbec47b533239709b7e1514ecb71278907621ca2d288241eb0b13

                                                                                        SHA512

                                                                                        967670863f3c77af26fa1d44cd7b4fe78148d2ba6ea930b7b29b9f35d606554d664c0577068e0c26fa125d54627d7e7543360bce4acee0af17783b07450b5f52

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\sea\sea_preview.png

                                                                                        Filesize

                                                                                        3KB

                                                                                        MD5

                                                                                        3c0d06da1b5db81ea2f1871e33730204

                                                                                        SHA1

                                                                                        33a17623183376735d04337857fae74bcb772167

                                                                                        SHA256

                                                                                        02d8e450f03129936a08b67f3a50ea5d2e79f32c4e8f24d34b464f2cb5e0b086

                                                                                        SHA512

                                                                                        ff0e60c94fc3c0c61d356a26667c5170256e1143b29adf23d4e7d27012da72ed8865ef59dc2046314c7335b8d3d331e5fd78f38b9b92f6af48729dae80f85b15

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\sea\wallpaper.json

                                                                                        Filesize

                                                                                        379B

                                                                                        MD5

                                                                                        92e86315b9949404698d81b2c21c0c96

                                                                                        SHA1

                                                                                        4e3fb8ecf2a5c15141bb324ada92c5c004fb5c93

                                                                                        SHA256

                                                                                        c2bb1e5d842c7e5b1b318f6eb7fe1ce24a8209661ddd5a83ab051217ca7c3f65

                                                                                        SHA512

                                                                                        2834b1ef7bb70b2d24c4fedef87cd32c6e8f401d8ee5f3852808f6a557724ce036c31a71298cd0ed601cde4be59ec4042542351c63c4e0ac3d31419f79240956

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\sea_preview.jpg

                                                                                        Filesize

                                                                                        59KB

                                                                                        MD5

                                                                                        53ba159f3391558f90f88816c34eacc3

                                                                                        SHA1

                                                                                        0669f66168a43f35c2c6a686ce1415508318574d

                                                                                        SHA256

                                                                                        f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e

                                                                                        SHA512

                                                                                        94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\sea_static.jpg

                                                                                        Filesize

                                                                                        300KB

                                                                                        MD5

                                                                                        5e1d673daa7286af82eb4946047fe465

                                                                                        SHA1

                                                                                        02370e69f2a43562f367aa543e23c2750df3f001

                                                                                        SHA256

                                                                                        1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a

                                                                                        SHA512

                                                                                        03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\stars\preview.png

                                                                                        Filesize

                                                                                        6KB

                                                                                        MD5

                                                                                        ed9839039b42c2bf8ac33c09f941d698

                                                                                        SHA1

                                                                                        822e8df6bfee8df670b9094f47603cf878b4b3ed

                                                                                        SHA256

                                                                                        4fa185f67eaf3a65b991cea723d11f78de15a6a9a5235848a6456b98a9d7f689

                                                                                        SHA512

                                                                                        85119055ddfc6bc4cca05de034b941b1743cbb787607c053e8c10309572d2ef223786fc454d962fbb5e3cde5320117f9efe99041116db48916bc3d2fcd4ffa25

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\stars\wallpaper.json

                                                                                        Filesize

                                                                                        537B

                                                                                        MD5

                                                                                        9660de31cea1128f4e85a0131b7a2729

                                                                                        SHA1

                                                                                        a09727acb85585a1573db16fa8e056e97264362f

                                                                                        SHA256

                                                                                        d1bef520c71c7222956d25335e3ba2ea367d19e6c821fb96c8112e5871576294

                                                                                        SHA512

                                                                                        4cb80766c8e3c77dfb5ca7af515939e745280aa695eca36e1f0a83fb795b2b3ef406472f990a82c727cea42d1b4ef44a0d34a7f4f23e362f2992dbff2527798b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\web\wallpaper.json

                                                                                        Filesize

                                                                                        379B

                                                                                        MD5

                                                                                        e4bd3916c45272db9b4a67a61c10b7c0

                                                                                        SHA1

                                                                                        8bafa0f39ace9da47c59b705de0edb5bca56730c

                                                                                        SHA256

                                                                                        7fdddc908bd2f95411dcc4781b615d5da3b5ab68e8e5a0e2b3d2d25d713f0e01

                                                                                        SHA512

                                                                                        4045e262a0808225c37711b361837070d0aeb5d65a32b5d514cc6f3c86962ba68f7d108bf4d81aa3bf645789d0753029a72c1ce34688a6d7af15f3e854c73f07

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\25.2.5.953\resources\wallpapers\web\web_preview.png

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        3f7b54e2363f49defe33016bbd863cc7

                                                                                        SHA1

                                                                                        5d62fbfa06a49647a758511dfcca68d74606232c

                                                                                        SHA256

                                                                                        0bbf72a3c021393192134893777ecb305717ccef81b232961ca97ae4991d9ba8

                                                                                        SHA512

                                                                                        b3b458860701f3bc163b4d437066a58b5d441d8a427a8b03772c9c519c01983e3d3fdb8da20f6a53ad95c88dcdd0298f72822f39bc3672cb6f1d77fcc3f025a9

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\4bf94651-ccf7-44bd-9c2a-b72b7f86f598.tmp

                                                                                        Filesize

                                                                                        223KB

                                                                                        MD5

                                                                                        549d276aa171e5775b923e5e14d4a29c

                                                                                        SHA1

                                                                                        e2dc59f9558afcf647e4e8caf2e5cb7bf87736bc

                                                                                        SHA256

                                                                                        fd20567aef67980ba32e9cb4979f6a620047d67b6a5d377a27a38967877c15f0

                                                                                        SHA512

                                                                                        e32074ac38b9f262aff7b415f6705cf7c6847f090b9ea3be6c1284fc79eb58f90add2b39b128ccba36af5636e9d545a6006c5e317db6aa9ad8a82928f31f0d45

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat

                                                                                        Filesize

                                                                                        48B

                                                                                        MD5

                                                                                        804d54676daa87f979d6a92a7a488ddc

                                                                                        SHA1

                                                                                        c82dd8106508000c222a699974609a62ac6293a4

                                                                                        SHA256

                                                                                        20fbdf9f2bab4fd5154cf07c3b6e6839f0cb74abc326b7cca10f7c25b3db6570

                                                                                        SHA512

                                                                                        f6dd881af9da552c563b5645dc7b887686713537bce0d3c08a6eda45f44336bc6dd340ce869397ed3b94e262d4a44b36ded3e5a8bef7043e07bb6543dc5b2d73

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat

                                                                                        Filesize

                                                                                        48B

                                                                                        MD5

                                                                                        0f4c0ffb7e3dba99130511338df01fa9

                                                                                        SHA1

                                                                                        0d2bd9647bd8577511d25d2905b296fd26349a4b

                                                                                        SHA256

                                                                                        c56ae312f0c238f437cc018459e1cd1ef9e7efb1cc39ceec9760ae75ac844c6c

                                                                                        SHA512

                                                                                        c715d880392adbffb42728f5f2ed5fc6f215a391d3bb05899f0ddc9a01e23f965cfe309bf21c02716e34cdd23e30530744b63e3124baadacd08af7fe0718a581

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\0b653c76-ec56-493f-881f-96cfec9a8a36.tmp

                                                                                        Filesize

                                                                                        160KB

                                                                                        MD5

                                                                                        54497ce2271deb0e673ec048b44da343

                                                                                        SHA1

                                                                                        5f886314234b7aa6a4da5efc937a9d63ed007727

                                                                                        SHA256

                                                                                        3dcf052bb8050fa32f28873bb665f63f457799cb9a92549fb2dbea94014f929b

                                                                                        SHA512

                                                                                        d0d77d763b1b12c1b9d7a9a3f2aee4640ed5fb10d828b7c3c2cb051504c2b7b6438309124b934b346a4152c0aca009883d6bda42dc997188b8ca2736ac3419c9

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State

                                                                                        Filesize

                                                                                        887B

                                                                                        MD5

                                                                                        cfd79b50847ad2654cbf22535a945ecc

                                                                                        SHA1

                                                                                        ff856673ec89db2ed32c9f02a59da79d1a07f035

                                                                                        SHA256

                                                                                        59e19bdd38396f6b53a1dc45d40200e82f870616e488523bf4c5692c2313dde1

                                                                                        SHA512

                                                                                        ee43ff6d28082f795f26453328c4d94bdadc2908b88b4956ceb7dcd98bbd2511ea59fbc5bcd9b5847e36a0976bd389dcf08547423b1dd8f9ae94f23c7201f288

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\Network Persistent State~RFe59b4fe.TMP

                                                                                        Filesize

                                                                                        59B

                                                                                        MD5

                                                                                        2800881c775077e1c4b6e06bf4676de4

                                                                                        SHA1

                                                                                        2873631068c8b3b9495638c865915be822442c8b

                                                                                        SHA256

                                                                                        226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

                                                                                        SHA512

                                                                                        e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        f541cad788ab9249a5630381aa2b6da0

                                                                                        SHA1

                                                                                        e09d3a23b11ea0ba8ea4d39e4ccca3ec3305c116

                                                                                        SHA256

                                                                                        d2ae77bbd82f275074c99d940559836e4693796c0e385acdca8c633f048d3916

                                                                                        SHA512

                                                                                        541be9bec78ca6d2c02db94388bda0997c7d3349a7fccf10fe44ad6281b6a6b66809a283a68047304ff88a7c842867752f8c42378f9784950ba7f4da1b58cf7f

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        5f16c93e5894b20d4c771fd9ff389cba

                                                                                        SHA1

                                                                                        81ae05201829654c584fed8a7ebd80579f696be6

                                                                                        SHA256

                                                                                        b2ef034aabcc5c7528f6ee6739f2bbb53bbeee63889cb060eb0707033f579e65

                                                                                        SHA512

                                                                                        06c05b266f70bd9ab0acb1f2fe719f1d443da51c3789e97b3573a46eaddb1ca80f1b8c918fd045f2a1972decfebe712600ac5a72e3c4703af80c48e02537447e

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        8063621117cce7a62c661d2f1ddb91dd

                                                                                        SHA1

                                                                                        188c40f4021e5b63b20c4308b0597a4020234b98

                                                                                        SHA256

                                                                                        5dc39dd3aa40603aaa4c9d5f1b8a6c3a1ea3a383f44b515df23c1398492ade47

                                                                                        SHA512

                                                                                        60b5225c042e2b5e9a7b8bb5236689e68be9882c075c06f26bce5ec9f6fd9eddd230d0690ad4edad4c5ae3e94ad799c7ba87f7f6848b3cc135117e8aecfcbef9

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        50ae286f328f0d03cc5acf18cc052e32

                                                                                        SHA1

                                                                                        8a93f0825eed731d5c635b4daa089bb466c6bfd1

                                                                                        SHA256

                                                                                        e196925edbe7cc99bcb88280891ce664a72d13a384a19c3c426785c2340d1143

                                                                                        SHA512

                                                                                        ed4b63ebf65fca30c016318ed306fb001957d1933fdc214b974ad271a4b76cf0bcb881817221ea32ad9140ed2ab9ea6132ae07f0decdcfa1605bcde74543ccb4

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        690B

                                                                                        MD5

                                                                                        c2eb3847fe60bb74bdacf30db7a76944

                                                                                        SHA1

                                                                                        c8ff71355e1328bc3d0a04c6861da916ab64b907

                                                                                        SHA256

                                                                                        a917bde527466bbaca164e099ba5925b2f33816adc6488424564d47927486ff2

                                                                                        SHA512

                                                                                        81b74d0fa66100c2d6c073a5ca6701bf32bf5a1ce66b6fdeaada1b128c71397973b24049008bf1e0bf45f1b76c6e3e9bd1dac0faad771b11c716c685dc2356f2

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        585b214813902f41279363a8db4a0331

                                                                                        SHA1

                                                                                        3028d61cb7209cf725942921e07a573c190b2dcb

                                                                                        SHA256

                                                                                        227c2f09629a433a748468fd74234fcca0c748f35bfc2f9b2fe09ef150e7b266

                                                                                        SHA512

                                                                                        b49bf9c0ff93edf0a0af9245b6194913c53c6a225b02e6465f380d53e4f6104ce5d51a79695149b7094e296b30d9c06d172b29c10e4adf4b03a32595871136ea

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\TransportSecurity~RFe59042c.TMP

                                                                                        Filesize

                                                                                        356B

                                                                                        MD5

                                                                                        bcf1a42e5ae3d0059bd133be03665f16

                                                                                        SHA1

                                                                                        7d2cf1a019dd4249293c6ccdf46ab84c32a15692

                                                                                        SHA256

                                                                                        a0d86820621df7c243abf394d9c8ee41df118d96b1c297c07b54d7805a15c573

                                                                                        SHA512

                                                                                        cd119100cbfa1fc1e6db203dcd41d5225a89d24496e1999ef6a5d739cd3744372917d070b40ad37386ed9c6c584a693120ec7a439d8ef6cd9d6c8a9b833693b4

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        7KB

                                                                                        MD5

                                                                                        ec2bc3b809757454b9d4d7425b134490

                                                                                        SHA1

                                                                                        c843dca5db11eefba43810c02776c4b04fb75e8a

                                                                                        SHA256

                                                                                        9851a97d71ea6fa84345bb67efbc74639407961803000fed97c4357ccc67944d

                                                                                        SHA512

                                                                                        7118aef10c47818cc9c2d1ece1a48b6458b05bbbab27e28df767646540817f5b132d42f82b4806b02acfe4922230f3e90383e519790ce0ea545afbf580516d8b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        13KB

                                                                                        MD5

                                                                                        fb310c1b74bf4b650252f47b4cd13ba5

                                                                                        SHA1

                                                                                        adc11e1ff65e141bcbcac5bd31013da6e8018978

                                                                                        SHA256

                                                                                        0b3a26466f7fcb9925d95dfa27a20b018206f30bb3f6e53ce20c83acd76368f2

                                                                                        SHA512

                                                                                        ac2cbb9de61f79b78361310190b816ffc17cfe7b761dd074d02865f1dffe24ea30ad3da46bf62c9de03f5a1636550f8d380d8dba8ce63bf08f8221922ef5b970

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        a04c509e350482421cce4c1cbf68e577

                                                                                        SHA1

                                                                                        bcfe0df3d8270c06c87526e27755614fd318d137

                                                                                        SHA256

                                                                                        649244db118fa9a3b437db186f26fa534315ac98597d7ccfa84e287e2b09679f

                                                                                        SHA512

                                                                                        7ed9593b6dc6a01a450318788134da1d100d9784dc94f07c3a3f80deba5fda793f1c0d9d78faf225f3fdb24ef6cce8994c3967ef64affd687287a333bc967b6d

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        e69b930626dcf3d7a6562841d881b423

                                                                                        SHA1

                                                                                        b3b2d6e9b21c676e9c6c2c356a82527ac59af2a2

                                                                                        SHA256

                                                                                        a6e3ebe96af4762865b108c6b38e1d677685d45c76cc47a9707eb723f44de958

                                                                                        SHA512

                                                                                        647b0c290791e63d03063715841dc056f9e53b741339915f0862e2ee3be7f2b54768e71e3bacc0f76186a74c081ad49bcc8031b399d6a66344543b2d6185d4df

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe589cf7.TMP

                                                                                        Filesize

                                                                                        4KB

                                                                                        MD5

                                                                                        5ce9671d2e41f828c55605888b218655

                                                                                        SHA1

                                                                                        445c39e45fd1abe035030debfae3c88b7061d9e7

                                                                                        SHA256

                                                                                        4055c354e1c04ad0456cd65b8884681774217d9be0af80892752897a1c4e3c77

                                                                                        SHA512

                                                                                        b8bb6437236af99aabb9fc2b9244c94f7d9f4d0a5829918287bb696bb6d4ae6b708c975474ade0da2fa4604c92e31df6ce3eae213280b26c42336e936579b8c8

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences

                                                                                        Filesize

                                                                                        9KB

                                                                                        MD5

                                                                                        3d55081d5700612ae1fb4f2bc9aee8e2

                                                                                        SHA1

                                                                                        e192c118695aa4c9e435578a3a5a008474d9cb23

                                                                                        SHA256

                                                                                        b4b35f04ee88c95d1e1fece144b70ed87103375ed8f6398c12317642a804d8ec

                                                                                        SHA512

                                                                                        a747495044178e54ca2659605534630f800536f98cc6afdcb7122f56ebe72644cecf575b4490579853850119e55e4067372f99be9572209d52961de752020ed6

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe589eeb.TMP

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        423991eae8521aec09a7a961c878e843

                                                                                        SHA1

                                                                                        fae9b74f95206423aed0ed210947f28e4cc53692

                                                                                        SHA256

                                                                                        877c101919eeab749de66d18051b2029e5f3aab8575bb71eed4bf474d9c65349

                                                                                        SHA512

                                                                                        296ab711dbf06b89cb6f33a4cd526be09c78dfa8315d164f875b88e1f793441d7347d1834c3e050a9dfea80ea99e1dd01a5167e9bd171f580846d907ebc83429

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\a1ee86e2-92d7-4da7-8e9c-a0daf8543812\index-dir\the-real-index

                                                                                        Filesize

                                                                                        4KB

                                                                                        MD5

                                                                                        030bbf0ecc0626ec15944b67bfe16ff4

                                                                                        SHA1

                                                                                        3d6496679306957244d7041e2e1829cc9da94136

                                                                                        SHA256

                                                                                        7d32598a1137134cdbb8d3f4a644c0470613c4ed15615073df92bc01e41c6e12

                                                                                        SHA512

                                                                                        e67531c451ee4f735cebf7d445718ce235ccf09c4def93653368879e5bc46ea84965faf6c88dc54ba2e0dba75139c553dac091830f62ce4d300b467274703939

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\TurboAppCache\Nativecache\web_ntp_cache\index

                                                                                        Filesize

                                                                                        24B

                                                                                        MD5

                                                                                        54cb446f628b2ea4a5bce5769910512e

                                                                                        SHA1

                                                                                        c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                        SHA256

                                                                                        fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                        SHA512

                                                                                        8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\128.png

                                                                                        Filesize

                                                                                        12KB

                                                                                        MD5

                                                                                        e4e50cc5b187d2c380bd98cda0ce9140

                                                                                        SHA1

                                                                                        4b9e71a015e7201eedec8b1cd51219b18e232eab

                                                                                        SHA256

                                                                                        b7e5aff778e8930f415ae444c9caa6fc4eb6a26bfee7d80603c6c69a645a2702

                                                                                        SHA512

                                                                                        fd454ffcbd68f1071dd5d54a221b3f41aee88be38b5acb63bc285d04232da9d13fdb9011a85f87c579043d7987f0863e6ec8b3ac1013454ee6bffa5acf4e67cf

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\16.png

                                                                                        Filesize

                                                                                        752B

                                                                                        MD5

                                                                                        4ba9bff449aa818bd40d00277c088df7

                                                                                        SHA1

                                                                                        3fd8742ca57a086075239e1c2f76821177aac653

                                                                                        SHA256

                                                                                        1532cd8dd902ae80ed72d42304d8a43194cca7d18b0c993fa4ac938a8631b702

                                                                                        SHA512

                                                                                        8dee24d83ceabe5728dc4cd38f21de57ae7355db34818976d117adfe37e2687b8630d353dde0d5815354c63b75d960769ad151d0717213924b1a8a1abb406573

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\256.png

                                                                                        Filesize

                                                                                        24KB

                                                                                        MD5

                                                                                        1535a76a498b65bee06ded1c5f50e4a1

                                                                                        SHA1

                                                                                        018661eeef38f3d500aedbfe207d832b0f90a42f

                                                                                        SHA256

                                                                                        3bca4e4770c35facfc30643c961cdd582df578fbe5c8dc4fac0b58bb11dd4e5d

                                                                                        SHA512

                                                                                        87005610e053dde9f81f2f86e41170b6470678a8dd6963b0bb979e1ae0c493c204f93fdc002a4cf76d17bf627750968802dd0773afe5d5cc6a8fbd4a8425f3bf

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\32.png

                                                                                        Filesize

                                                                                        1KB

                                                                                        MD5

                                                                                        b2e115beeb708b1128414a99e1364795

                                                                                        SHA1

                                                                                        7133bd55ba21daa3a1309e89e4ae6add3c7e582e

                                                                                        SHA256

                                                                                        db9a7fa18af97a9ed6d6936b6661da6d5438f3580191a879079e444a1675405d

                                                                                        SHA512

                                                                                        3760e8ba321ea5265ec92340768b2f8f3247b97751f7998c48694e7890c3521bca126dedaa26272b0b570f2e4338e42b6f377f9afbe581ba7a7d51730379bffe

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\48.png

                                                                                        Filesize

                                                                                        2KB

                                                                                        MD5

                                                                                        d2febeac064e50019485b7eed903fc19

                                                                                        SHA1

                                                                                        83d85f246a6cb8d55d7d159a82163cbca82a5476

                                                                                        SHA256

                                                                                        086dbea695a07a1c9a128e217c75f33feed49be7c48b86987928ed1286145994

                                                                                        SHA512

                                                                                        592d28728d6278ea1a7425122c88a556e4584107bab883915cd5a7414abfeec2f3ca6efa89b78147399a12943261a80f1931d721363e52e82afe0675a03c63a1

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\64.png

                                                                                        Filesize

                                                                                        4KB

                                                                                        MD5

                                                                                        8440c3597e83ff1c7a7cf59556cf5a2c

                                                                                        SHA1

                                                                                        cb5f1dce00457d8475dae15df3dd71f66c43060e

                                                                                        SHA256

                                                                                        bf089d45819bf9d044583525c34ec0a1199fbd8ae1858f8d3eea07ee332b2a59

                                                                                        SHA512

                                                                                        5b00af8c7ac557c8bc2ec9f9afee1e91cf06c33ee3deabfec7dd4b382a12ff0a942f90c501c44e66b38f38e448b465fa55a8c74e8afbb357e3c2e1381aef4628

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Web Applications\Manifest Resources\fipcnjpflgbbjnfeonhlfgalcilbfaie\Icons\96.png

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        4f2707f07034b3bff67c301f7e849d2e

                                                                                        SHA1

                                                                                        3c3fc972f9eb7b670d94b018356a78067851c2d2

                                                                                        SHA256

                                                                                        ef2af430071fedf5ca3a58ee3370ed517aeac8ed39860cb914c69730f9dec188

                                                                                        SHA512

                                                                                        1ef91c533c93ed39246514be9bb4817bc553f755a08c0f36d6f0f40c31a73ccc1003fb422e4ada109d15048c80abb7da2a13bc5a5557ea189bd528c1e3a9cb2b

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\f9518420-d457-4cdf-9d8d-fb47785747fc.tmp

                                                                                        Filesize

                                                                                        1B

                                                                                        MD5

                                                                                        5058f1af8388633f609cadb75a75dc9d

                                                                                        SHA1

                                                                                        3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                        SHA256

                                                                                        cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                        SHA512

                                                                                        0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json

                                                                                        Filesize

                                                                                        40KB

                                                                                        MD5

                                                                                        1a06e08dfed875c7c748f64c025271e4

                                                                                        SHA1

                                                                                        59a6141df43098a3c310c1270a7ff7f0cef5835d

                                                                                        SHA256

                                                                                        43e05d187b826422c36e4c9acb77808bca80e7cde5b84a686b93eb2437984c97

                                                                                        SHA512

                                                                                        8c719eefed7204e7938525652ff9fdf70278bdcfe004cb8d2860a20545410f1833cc1af03b84a4073b520557a367bbeae996514d1a855da0ebfe95c6a600ad71

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe58a1c9.TMP

                                                                                        Filesize

                                                                                        24KB

                                                                                        MD5

                                                                                        1d59a0a6c415adab506916c65a193662

                                                                                        SHA1

                                                                                        af5ad5bcca658cee30578922da38de57ebea9747

                                                                                        SHA256

                                                                                        1281e37e94ff1db893a3c5ae1aaf5f3d04448abaa0cc394c7485dbee4cdca616

                                                                                        SHA512

                                                                                        0ff4c4fdc59bc138b502e27146b9ac40803a6726d34a65d35e577c123d2f72c7b6fa324dce0346e32d6514a9388927cda49d852d44642afb54c4bfce970f2dfd

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_0

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        cf89d16bb9107c631daabf0c0ee58efb

                                                                                        SHA1

                                                                                        3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                                        SHA256

                                                                                        d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                                        SHA512

                                                                                        8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_1

                                                                                        Filesize

                                                                                        264KB

                                                                                        MD5

                                                                                        d0d388f3865d0523e451d6ba0be34cc4

                                                                                        SHA1

                                                                                        8571c6a52aacc2747c048e3419e5657b74612995

                                                                                        SHA256

                                                                                        902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

                                                                                        SHA512

                                                                                        376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_2

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        0962291d6d367570bee5454721c17e11

                                                                                        SHA1

                                                                                        59d10a893ef321a706a9255176761366115bedcb

                                                                                        SHA256

                                                                                        ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                        SHA512

                                                                                        f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                      • C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\GrShaderCache\data_3

                                                                                        Filesize

                                                                                        8KB

                                                                                        MD5

                                                                                        41876349cb12d6db992f1309f22df3f0

                                                                                        SHA1

                                                                                        5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                        SHA256

                                                                                        e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                        SHA512

                                                                                        e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                      • C:\Users\Admin\AppData\Roaming\Yandex\ui

                                                                                        Filesize

                                                                                        38B

                                                                                        MD5

                                                                                        ee7adeb6130218042cf81fc772b180a4

                                                                                        SHA1

                                                                                        afc73e3e84ce451a4a8c3d5ac27221c077a9286d

                                                                                        SHA256

                                                                                        ee6049f4221bfdbd94a2de0973ca39d89ae960773736b73af96895c4be5ffd9e

                                                                                        SHA512

                                                                                        6d6e02f2579420d7d08b39dd1115b6f3466d26fc44ede83c03feb81cacd4a5cc7fc218600ed4983998ef898826af986d213f9f19705f720a98ea3788d18b0f3c

                                                                                      • C:\Windows\Temp\sdwra_5292_470211609\service_update.exe

                                                                                        Filesize

                                                                                        3.2MB

                                                                                        MD5

                                                                                        bf41f8b435b3f60dc71829aa4cbd73f4

                                                                                        SHA1

                                                                                        33079b8e8525872b0640b727541112b6bb83cc11

                                                                                        SHA256

                                                                                        f2c822e9e553d0432be8acb4cc561743b49fe11c6bb07a6d730a88bbddd40adb

                                                                                        SHA512

                                                                                        ace1bd09acd2967c3b331cc173903d81ec7fbda4318a833627b0ef307e1f9cc4af1491a95f64e24394d1230e21364cd3a505cc39196be105de38e1752734d208

                                                                                      • memory/5928-2923-0x00000000113D0000-0x0000000011402000-memory.dmp

                                                                                        Filesize

                                                                                        200KB

                                                                                      • memory/5928-3240-0x00000000113D0000-0x0000000011402000-memory.dmp

                                                                                        Filesize

                                                                                        200KB

                                                                                      • memory/5928-2922-0x0000000008EC0000-0x0000000008ECB000-memory.dmp

                                                                                        Filesize

                                                                                        44KB