browser.exe

Yandex

YANDEX LLC

Publisher:
YANDEX LLC  (signed and verified)

Product:
Yandex

Version:
32.0.1700.12114

MD5:
402d9d871041f4a5a8781d802330d2ec

SHA-1:
ec47089b0d24e8156f36cd6debac4cd496f92e5d

SHA-256:
75f81e719c6a6b0f09ff255705d8e528e3b9958a833f65ed2fae95f91d3f4e82

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/25/2024 4:13:28 PM UTC

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Variant.Symmi.37420
8.14.02.15.04

File size:
921.8 KB (943,920 bytes)

Product version:
32.0.1700.12114

Copyright:
Copyright © 2012-2013 YANDEX LLC. All Rights Reserved.

Original file name:
browser.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\yandex\yandexbrowser\application\browser.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/15/2013 4:00:00 AM

Valid to:
1/16/2016 3:59:59 AM

Subject:
CN=YANDEX LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=YANDEX LLC, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3667E158B524C8FFBFE538172786F1E2

File PE Metadata
Compilation timestamp:
2/7/2014 3:07:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:T89FNs2gk4OwvTydyuyGieO17dkzSBomqA:Ak2gFOwvTydyuLiemdk4omr

Entry address:
0x4A0BE

Entry point:
E8, 76, B6, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 4C, 92, 46, 00, 57, FF, 35, 74, 77, 4A, 00, FF, D6, FF, 35, 70, 77, 4A, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, CC, B6, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, BD, 4F, 00, 00, 59, 59, 85, C0, 75, 16, 8D, 43, 10, 3B, C3, 72, 3E, 50, FF, 75, FC, E8...

Code size:
412.5 KB (422,400 bytes)

The executing file has been seen to make the following network communications in live environments.


Scan browser.exe - Powered by Reason Core Security