yandexpacksetup.exe

Windows Installer XML

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
Windows Installer XML

Description:
Software Installer

Version:
3.0.5419.0

MD5:
fdfb3dc66801f80e59657d062af33512

SHA-1:
2b63da6228c4f37781271484166407392de7f8c2

SHA-256:
6bc5b93ed7120a085a0c22435ba6b01ce918049afc5994c28698fcc5e92d65ff

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 8:02:38 AM UTC

File size:
3.2 MB (3,337,528 bytes)

Product version:
3.0.5419.0

Copyright:
Copyright (c) Microsoft Corporation.  All rights reserved.

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\yandexpacksetup.exe

File PE Metadata

Compilation timestamp:
10/15/2014 9:02:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Z7oV8oxm12f9cb98cJ7kk/LCTe/mrWqykA+P8tPcHYmfm4swicTnTM+je:Z7oV8nYlWTzkAIo4sTcT

Entry address:
0x1613E

Entry point:
86, F5, F6, C5, 76, 0F, AF, F0, F7, C3, D1, 18, F1, 81, F6, C7, 57, 24, F4, 8D, 05, 03, B6, 39, CB, 8A, F3, 19, DB, 88, F5, 15, 1E, E9, 9C, 1F, B7, C1, 8B, F5, 8D, 05, 4D, 24, D7, 08, C7, C6, CC, C5, C4, DF, 4B, E8, 00, 00, 00, 00, B8, 7C, 4B, FF, BC, FF, CE, 8D, 0D, 5E, 64, 67, EF, F3, 3C, 56, 8D, 2D, E0, 24, 0D, C9, 0F, AF, DB, 8A, DB, 81, F7, F3, 00, 00, 00, 0F, BF, ED, 58, 89, CB, F7, C2, 56, 71, 09, DA, C6, C3, 4B, 88, EB, FF, C6, 81, CF, 88, 4D, 72, 28, 43, 45, EB, 02, 88, D7, 13, FE, 89, EB, C7, C3...
 

Entropy:
6.7808

Code size:
168.5 KB (172,544 bytes)

The file yandexpacksetup.exe has been seen being distributed by the following URL.
