Created
April 12, 2025 23:39
-
-
Save adeii/dcac55a821861fc8079dbab113ff76db to your computer and use it in GitHub Desktop.
Yandex 25.2 x86 on Win 7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Yandex 132.x x86 | |
| ------------------------ | |
| browser.exe <--- Enable VxKex | |
| =========== | |
| b8: 06 | |
| C0: 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| 55 89 E5 53 57 56 83 EC 18 89 D6 89 CF A1 40 E0 -- 55 89 E5 53 57 56 83 EC 78 89 D6 89 CF A1 40 E0 | |
| 6F 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 E0 F3 0F -- 6F 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 A0 F3 0F | |
| 7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 10 50 FF -- 7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 20 50 FF | |
| .. | |
| 83 3B 10 0F 94 C3 20 C3 80 FB 01 75 27 80 7D E0 -- 83 3B 20 0F 94 C3 20 C3 80 FB 01 75 27 80 7D A0 | |
| .. | |
| 89 4D E1 29 D0 83 C0 13 89 47 18 F3 0F 6F 45 E0 -- 89 4D E1 29 D0 83 C0 13 89 47 18 E9 37 91 06 00 | |
| .. | |
| 83 C4 18 5E 5F 5B 5D C3 CC CC CC CC CC CC CC CC -- 83 C4 78 5E 5F 5B 5D C3 CC CC CC CC CC CC CC CC | |
| F9 E8 8A 1C 01 00 8D 8D 44 FF FF FF 84 C0 74 0A -- F9 E8 8A 1C 01 00 8D 8D 44 FF FF FF 90 90 90 90 | |
| CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC -- | |
| CC CC CC CC CC CC CC F3 0F 6F 45 A0 F3 0F 7F 06 F3 0F 6F 45 B0 F3 0F 7F 46 10 E9 B5 6E F9 FF CC | |
| FF E0 CC CC F3 0F 6F 45 A0 F3 0F 7F 06 F3 0F 6F 45 B0 F3 0F 7F 46 10 E9 B5 7E F7 FF CC | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) | |
| USERENV.dll -> USERENX.dll (hidden) | |
| KERNEL32.dll -> KERNEL64.dll (CFF explorer-Import directory) | |
| ------------------------------------------------------------------------- | |
| ------------------------------------------------------------------------- | |
| browser_elf.dll | |
| ============== | |
| b8: 06 | |
| C0: 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 (62->78) x2 | |
| KERNEL32.dll -> KERNEL64.dll | |
| ------------------------------------------------------------------------- | |
| browser.dll | |
| =========== | |
| browser.dll | |
| ----------- | |
| Kernel64.dll EnumDateFormatsExEx > EnumResourceNamesW | |
| EnumResourceLanguagesW > EnumResourceNamesW | |
| GetCompressedFileSize* > GetFileSize | |
| GetFinalPathNameByHandleA > GetFinalPathNameByHandleW | |
| GetSystemTimes > GetSystemTime | |
| SetFileAPIStoASCII > SetFileTime | |
| SetFileAPIStoOEM > SetFileTime | |
| SetFileAttributesA > SetFileAttributesW | |
| WS2_32.dll GetHostNameW -> gethostname | |
| 85 C0 74 4E 31 F6 B8 0A 00 00 00 56 50 FF 75 DC -- 90 90 90 90 31 F6 B8 0A 00 00 00 56 50 FF 75 DC | |
| FF D1 31 FF 80 BD EC FE FF FF 00 0F 85 06 07 00 00 C7 85 00 FF FF FF 00 00 00 00 F6 85 E4 FE FF -- | |
| FF D1 31 FF 80 BD EC FE FF FF 00 90 90 90 90 90 90 C7 85 00 FF FF FF 00 00 00 00 F6 85 E4 FE FF | |
| FE FF FF 00 0F 85 06 --ima kao 2 | |
| 8D 55 08 83 C4 04 84 C0 B8 02 08 00 00 B9 00 09 00 00 0F 45 C8 89 4D E4 E9 A7 FA FF FF 8D 45 10 --+ | |
| 8D 55 08 83 C4 04 84 C0 B8 02 08 00 00 B9 00 00 00 00 0F 45 C8 89 4D E4 E9 A7 FA FF FF 8D 45 10 | |
| 1B 31 E8 89 45 F0 8B 07 F7 47 20 40 00 20 00 0F 85 30 01 00 00 8D 5D 3C 89 45 D4 C7 00 FF FF FF -- | |
| 1B 31 E8 89 45 F0 8B 07 90 90 90 90 90 90 90 90 90 90 90 90 90 8D 5D 3C 89 45 D4 C7 00 FF FF FF | |
| 1C 31 E8 89 45 F0 8B 07 F7 47 20 40 00 20 00 74 0A 83 7F 38 00 0F 84 63 01 00 00 8D 5D 3C 89 45 Y25 | |
| FF FF CC CC CC CC CC CC CC CC CC CC CC CC CC CC | |
| 55 89 E5 53 57 56 83 EC 28 A1 40 30 DE 1B 31 E8 -- B8 07 00 00 00 C3 83 EC 28 A1 40 30 DE 1B 31 E8--ima10 | |
| 00 31 C0 40 50 53 68 0F 00 00 10 50 FF 75 D8 FF -- nema | |
| 00 31 C0 40 50 53 68 0F 00 00 00 50 FF 75 D8 FF | |
| B5 DD 1B 85 C0 74 3B 8B 45 E8 8B 4D EC 89 C2 09 -- B5 DD 1B 90 90 90 90 8B 45 E8 8B 4D EC 89 C2 09 | |
| 3F AD 1C 85 C0 74 3B 8B 45 E8 8B 4D EC 89 C2 09 Y25 | |
| DC 2B 06 84 C0 0F 85 B1 FA FF FF CC 0F 0B 6A 2A -- | |
| DC 2B 06 84 C0 E9 B2 FA FF FF 90 CC 0F 0B 6A 2A | |
| 85 C0 0F 85 B1 FA FF FF --ima2 | |
| 74 24 20 FF 15 4C B3 DD 1B 85 FF 0F 94 C0 83 7C 24 04 00 0F 95 C1 30 C1 0F 84 B6 01 00 00 89 64 -- | |
| 74 24 20 FF 15 4C B3 DD 1B 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 89 64 | |
| 74 24 20 FF 15 94 3D AD 1C 85 F6 0F 94 C0 83 7C 24 04 00 0F 95 C1 30 C1 0F 84 A9 01 00 00 89 64 Y25 | |
| CF 00 01 00 0F A3 CA 73 0B 8B 0C 85 D8 71 3E 1B -- | |
| CF 00 01 00 0F A3 CA 90 90 8B 0C 85 D8 71 3E 1B | |
| 04 00 00 00 83 FA 09 73 0B 8B 0C 85 C8 BE 18 1C Y25?? | |
| 30 DE 1B 31 E8 89 44 24 28 E8 22 5F BA 00 83 F8 02 0F 85 28 01 00 00 8D 7C 24 24 C7 07 04 00 00 -- | |
| 30 DE 1B 31 E8 89 44 24 28 E8 22 5F BA 00 90 90 90 90 90 90 90 90 90 8D 7C 24 24 C7 07 04 00 00 | |
| .. (x7) | |
| 83 F8 02 0F 85 AC 00 00 00 89 F1 BA FF FF 00 80 -- 90 90 90 90 90 90 90 90 90 89 F1 BA FF FF 00 80 | |
| EB D1 E8 89 5E BA 00 83 F8 02 74 ED E9 97 00 00 -- EB D1 E8 89 5E BA 00 83 F8 02 EB ED E9 97 00 00 | |
| CC CC | |
| 55 89 E5 53 57 56 83 E4 F8 81 EC C0 00 00 00 89 -- B8 01 00 00 00 C2 04 00 90 81 EC C0 00 00 00 89 | |
| .. | |
| EC 5C BA 00 83 F8 02 0F 85 3C 01 00 00 8B 7D 08 -- EC 5C BA 00 90 90 90 90 90 90 90 90 90 8B 7D 08 | |
| DE 1B 31 E8 89 45 F0 E8 84 5B BA 00 83 F8 02 0F -- DE 1B 31 E8 89 45 F0 E8 84 5B BA 00 90 90 90 90 | |
| 85 2B 01 00 00 89 75 C8 8B 77 48 85 F6 74 15 C7 -- 90 90 90 90 90 89 75 C8 8B 77 48 85 F6 74 15 C7 | |
| AD 1C 31 E8 89 45 F0 E8 94 DD D1 00 83 F8 02 0F Y25 | |
| 85 2B 01 00 00 89 75 C8 8B 77 48 85 F6 74 15 C7 Y25 | |
| 01 00 00 E8 18 5A BA 00 83 F8 02 0F 85 AF 03 00 -- 01 00 00 E8 18 5A BA 00 90 90 90 90 90 90 90 90 | |
| 00 31 C0 48 8D BC 24 30 01 00 00 89 47 04 89 07 -- 90 31 C0 48 8D BC 24 30 01 00 00 89 47 04 89 07 | |
| 01 00 00 E8 28 DC D1 00 83 F8 02 0F 85 86 03 00 Y25 | |
| 00 31 C0 48 8D BC 24 30 01 00 00 89 47 04 89 07 Y25 | |
| DE 1B 31 E8 89 45 F0 E8 34 56 BA 00 83 F8 02 0F 85 D3 00 00 00 89 D9 E8 14 07 00 00 8D 55 EC C7 -- | |
| DE 1B 31 E8 89 45 F0 E8 34 56 BA 00 90 90 90 90 90 90 90 90 90 89 D9 E8 14 07 00 00 8D 55 EC C7 | |
| AD 1C 31 E8 89 45 F0 E8 74 D8 D1 00 83 F8 02 0F 85 D3 00 00 00 89 D9 E8 04 07 00 00 8D 55 EC C7 Y25 | |
| CC CC | |
| 55 89 E5 56 89 CE E8 85 D7 D1 00 83 F8 02 75 12 -- 55 89 E5 56 89 CE E8 85 D7 D1 00 90 90 90 90 90 | |
| .. (x3) | |
| E8 89 45 F4 E8 07 55 BA 00 83 F8 02 75 37 8D 55 -- E8 89 45 F4 E8 07 55 BA 00 90 90 90 90 90 8D 55 | |
| .. (x3) | |
| CC CC | |
| 55 89 E5 53 56 89 CE E8 F4 D6 D1 00 83 F8 02 75 21 89 F1 E8 28 05 00 00 89 C3 84 C0 75 06 89 D8 -- Y25 | |
| 55 89 E5 53 56 89 CE E8 F4 D6 D1 00 90 90 90 90 90 89 F1 E8 28 05 00 00 89 C3 84 C0 75 06 89 D8 | |
| .. (x3) | |
| E8 89 45 F4 E8 A7 D6 D1 00 83 F8 02 75 69 8D 55 -- | |
| E8 89 45 F4 E8 A7 D6 D1 00 90 90 90 90 90 8D 55 | |
| .. (x8) | |
| 30 DE 1B 31 E8 89 44 24 38 E8 D2 53 BA 00 83 F8 02 0F 85 16 01 00 00 8D 5C 24 20 53 E8 EF 45 48 -- | |
| 30 DE 1B 31 E8 89 44 24 38 E8 D2 53 BA 00 90 90 90 90 90 90 90 90 90 8D 5C 24 20 53 E8 EF 45 48 | |
| F0 AD 1C 31 E8 89 44 24 38 E8 12 D6 D1 00 83 F8 02 0F 85 08 01 00 00 8D 5C 24 20 53 E8 CF 0D 0A Y25 | |
| 30 DE 1B 31 E8 89 44 24 48 E8 42 51 BA 00 83 F8 02 0F 85 10 01 00 00 8B 7E 4C 8B 07 8B 48 24 FF -- | |
| 30 DE 1B 31 E8 89 44 24 48 E8 42 51 BA 00 90 90 90 90 90 90 90 90 90 8B 7E 4C 8B 07 8B 48 24 FF | |
| F0 AD 1C 31 E8 89 44 24 48 E8 92 D3 D1 00 83 F8 02 0F 85 10 01 00 00 8B 7E 4C 8B 07 8B 48 24 FF Y25 | |
| 30 DE 1B 31 E8 89 44 24 08 E8 62 4F BA 00 83 F8 02 75 44 89 E7 57 E8 85 41 48 FB 83 C4 04 8B 46 -- | |
| 30 DE 1B 31 E8 89 44 24 08 E8 62 4F BA 00 90 90 90 90 90 89 E7 57 E8 85 41 48 FB 83 C4 04 8B 46 | |
| F0 AD 1C 31 E8 89 44 24 08 E8 B2 D1 D1 00 83 F8 02 75 44 89 E7 57 E8 75 09 0A FA 83 C4 04 8B 46 Y25 | |
| 30 DE 1B 31 E8 89 44 24 20 E8 F2 4E BA 00 83 F8 02 0F 85 BE 00 00 00 89 34 24 83 7E 48 00 0F 84 -- | |
| 30 DE 1B 31 E8 89 44 24 20 E8 F2 4E BA 00 90 90 90 90 90 90 90 90 90 89 34 24 83 7E 48 00 0F 84 | |
| F0 AD 1C 31 E8 89 44 24 20 E8 42 D1 D1 00 83 F8 02 0F 85 BE 00 00 00 89 34 24 83 7E 48 00 0F 84 Y25 | |
| DE 1B 31 E8 89 45 F0 E8 04 4E BA 00 83 F8 02 0F 85 7E 01 00 00 89 7D C8 8B 76 48 85 F6 0F 84 73 -- | |
| DE 1B 31 E8 89 45 F0 E8 04 4E BA 00 90 90 90 90 90 90 90 90 90 89 7D C8 8B 76 48 85 F6 0F 84 73 | |
| AD 1C 31 E8 89 45 F0 E8 54 D0 D1 00 83 F8 02 0F 85 7E 01 00 00 89 7D C8 8B 76 48 85 F6 0F 84 73 Y25 | |
| DE 1B 31 E8 89 45 F0 E8 54 4C BA 00 83 F8 02 0F 85 3B 01 00 00 31 DB 8D 45 D4 89 18 89 58 04 89 -- | |
| DE 1B 31 E8 89 45 F0 E8 54 4C BA 00 90 90 90 90 90 90 90 90 90 31 DB 8D 45 D4 89 18 89 58 04 89 | |
| AD 1C 31 E8 89 45 F0 E8 A4 CE D1 00 83 F8 02 0F 85 3B 01 00 00 31 DB 8D 45 D4 89 18 89 58 04 89 Y25 | |
| 30 DE 1B 31 E8 89 45 F0 E8 42 49 BA 00 83 F8 02 0F 85 CB 01 00 00 31 C0 48 8D 75 E4 89 06 89 -- | |
| 30 DE 1B 31 E8 89 45 F0 E8 42 49 BA 00 90 90 90 90 90 90 90 90 90 31 C0 48 8D 75 E4 89 06 89 | |
| F0 AD 1C 31 E8 89 45 F0 E8 92 CB D1 00 83 F8 02 0F 85 CB 01 00 00 31 C0 48 8D 75 E4 89 06 89 Y25 | |
| C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 -> 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48 | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 (62->78) | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) | |
| bcryptprimitives.dll -> xcryptprimitives.dll (hidden) | |
| user32.dll -> user64.dll (hidden) | |
| mfplat.dll -> xfplat.dll (hidden) | |
| netapi32.dll -> netapi64.dll (hidden) | |
| kernel32.dll -> kernel64.dll | |
| userenv.dll -> userenx.dll | |
| winhttp.dll -> winxttp.dll | |
| ------------------------------------------------------------------------- | |
| chrome_wer.exe | |
| ======================= | |
| B8- Major Subsystem --> 06 | |
| C0- Major Subsystem --> 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| ------------------------------------------------------------------------- | |
| chrome_pwa_launcher.exe | |
| ======================= | |
| B8- Major Subsystem --> 06 | |
| C0- Major Subsystem --> 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) | |
| KERNEL32.dll -> KERNEL64.dll | |
| ------------------------------------------------------------------------- | |
| notification_helper.exe | |
| ======================= | |
| b8: 06 | |
| C0: 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2 | |
| KERNEL32.dll -> KERNEL64.dll | |
| ------------------------------------------------------------------------- | |
| mojo_core.dll | |
| ============= | |
| b8: 06 | |
| C0: 06 | |
| 110-Security Directory RVA / Size --> 00000000 | |
| b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2 | |
| KERNEL32.dll -> KERNEL64.dll | |
| ----------------------------------------------------------------- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment