online.exe

Я.Онлайн

OOO Yandex

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘YandexOnline’.
Publisher:
ООО Яндекс  (signed by OOO Yandex)

Product:
Я.Онлайн

Version:
2, 9, 6, 548

MD5:
ae479b45b9f05fef9d3f2be578523e84

SHA-1:
927b296e1a43a67fc478ed06743ab5e40247d80d

SHA-256:
4ee5028fbddfac717257245a9aea8dd8ec70dda7d59fea23b61af5bbab8795bb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:39:17 PM UTC  (today)

File size:
2.2 MB (2,267,912 bytes)

Product version:
2, 9, 6, 548

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\yandex\online\online.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/22/2007 3:00:00 AM

Valid to:
2/5/2010 2:59:59 AM

Subject:
CN=OOO Yandex, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OOO Yandex, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0EDF623F38757683D4FBF756F79369B4

File PE Metadata
Compilation timestamp:
10/15/2009 4:35:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x154C

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 98, 50, 58, 00, A1, 8B, 50, 58, 00, C1, E0, 02, A3, 8F, 50, 58, 00, 52, 6A, 00, E8, D5, 26, 18, 00, 8B, D0, E8, 42, 5B, 14, 00, 5A, E8, A0, 5A, 14, 00, E8, 77, 5B, 14, 00, 6A, 00, E8, 9C, 82, 14, 00, 59, 68, 34, 50, 58, 00, 6A, 00, E8, AF, 26, 18, 00, A3, 93, 50, 58, 00, 6A, 00, E9, 83, 31, 15, 00, E9, CA, 82, 14, 00, 33, C0, A0, 7D, 50, 58, 00, C3, A1, 93, 50, 58, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, B4, 00, 00, 00, 0B, C9...
 
[+]

Code size:
1.5 MB (1,589,248 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
YandexOnline

Command:
"C:\Program Files\yandex\online\online.exe" -autostart


Scan online.exe - Powered by Reason Core Security