» chrome.exe
Overview
Analysis
File Details
Behaviors (28)
Programs (1)
Downloads (4)

chrome.exe

Google Chrome

Google Inc

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘D6E85B88FB1069C5726446C1AE6B6C1EC9C0D683._service_run’. This is installed with Google Chrome. The file has been seen being downloaded from mail.google.com and multiple other hosts.

File name:

chrome.exe

Publisher:

Google Inc. (signed by Google Inc)

Product:

Google Chrome

Version:

36.0.1985.143

MD5:

0bdae865738d27a4d84d50591c8c9d2d

SHA-1:

613a51cc90b9b4be8d556c2342027bfeec9bf66e

SHA-256:

70010eba09129858af32f03079e70e974ebff8700f5f93dca2ec8a6b0991e2ac

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/26/2024 1:06:43 PM UTC (today)

File size:

840.3 KB (860,488 bytes)

Product version:

36.0.1985.143

Original file name:

chrome.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\google\chrome\application\chrome.exe

Digital Signature

Signed by:

Google Inc

Authority:

VeriSign, Inc.

Valid from:

1/28/2014 4:00:00 PM

Valid to:

1/29/2016 3:59:59 PM

Subject:

CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

2912C70C9A2B8A3EF6F6074662D68B8D

File PE Metadata

Compilation timestamp:

8/6/2014 7:31:49 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:9Mu8RceKgFRppBEb8lO0UivLbB4wFl92P/YbQv2ZyldrWa/oZbBoTYKpuuSSV4KP:9MPzl+ForIYu+KloWOY

Entry address:

0x49C8F

Entry point:

E8, 80, AD, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 99, F7, 7D, 0C, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, 55, 8B, EC, 83, EC, 14, 53, 56, 33, DB, 57, 8B, 7D, 08, 89, 5D, F8, 89, 5D, F4, 89, 5D, FC, 85, FF, 75, 18, E8, 0F, 1E, 00, 00, 6A, 16, 5E, 89, 30, E8, 9A, EC, FF, FF, 8B... 
[+]

Entropy:

6.4078

Code size:

404.5 KB (414,208 bytes)

13 Scheduled Tasks

Task name:

{2B334A61-A529-4079-8182-579D713FAE19}

Trigger:

Registration (Runs on registration)

Action:

chrome.exe httC:\ui.skype.com\ui\0\6.1.0.129.272\pl\go\help.

Task name:

Open Chrome

Action:

chrome.exe --new-window

Task name:

Trigger:

Registration (Runs on registration)

Task name:

UNELEVATE_22205

Path:

C:\WINDOWS\Tasks\UNELEVATE_22205.job

Trigger:

Time (Next runs on 1/1/0001 at 12:00 AM)

Action:

chrome.exe httC:\www-youtubeaccelerator.com\finishinstall\?a

Task name:

UNELEVATE_2243

Path:

C:\WINDOWS\Tasks\UNELEVATE_2243.job

Trigger:

Time (Next runs on 1/1/0001 at 12:00 AM)

Action:

chrome.exe httC:\www-youtubeaccelerator.com\finishinstall\?a

Task name:

UNELEVATE_25143

Path:

C:\WINDOWS\Tasks\UNELEVATE_25143.job

Trigger:

Time (Next runs on 1/1/0001 at 12:00 AM)

Action:

chrome.exe httC:\www-youtubedownloader.com\finishinstall\?af

4 Shell Open Commands

Open type:

ftp

Command:

"C:\Program Files\google\chrome\application\chrome.exe" -- "%1"

Open type:

http

Command:

"C:\Program Files\google\chrome\application\chrome.exe" -- "%1"

Open type:

https

Command:

"C:\Program Files\google\chrome\application\chrome.exe" -- "%1"

Open type:

mailto

Command:

"C:\Program Files\google\chrome\application\chrome.exe" -- "%1"

11 Startup Files (User Run)

Registry location: