» chrome.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

chrome.exe

Google Chrome

Google Inc

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘GoogleChromeAutoLaunch’. This is installed with Google Chrome Canary.

File name:

chrome.exe

Publisher:

Google Inc. (signed by Google Inc)

Product:

Google Chrome

Version:

34.0.1813.0

MD5:

74bfe533161e92073172dd38860f803b

SHA-1:

bd1c2c0324dbfa81baa85ab3d9a48e1d7fbeb451

SHA-256:

6fa0779ee4a65f45ef0a9132ae39fa69021797b9f69add5a6d8c453a547de245

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

5/11/2024 2:52:00 AM UTC (today)

File size:

822.8 KB (842,568 bytes)

Product version:

34.0.1813.0

Original file name:

chrome.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\google\chrome sxs\application\chrome.exe

Digital Signature

Signed by:

Google Inc

Authority:

VeriSign, Inc.

Valid from:

1/28/2014 7:00:00 PM

Valid to:

1/28/2017 6:59:59 PM

Subject:

CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5A327DEF2C461ACF55FC354285E3B1FA

File PE Metadata

Compilation timestamp:

1/30/2014 2:21:45 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:EArak9pZdA2VSSfP1J0ApLlWckZePBuqb8eOwv3yzijuNbl4fKKdOtmcoJjXYvDm:EAeks4rPdOwv3yzijWdwEoJMhfKlW5Fm

Entry address:

0x47C02

Entry point:

E8, AF, B4, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 99, F7, 7D, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 04, 53, 46, 00, 57, FF, 35, 54, 64, 49, 00, FF, D6, FF, 35, 50, 64, 49, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE... 
[+]

Entropy:

6.4128

Code size:

398 KB (407,552 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

GoogleChromeAutoLaunch

Command:

"C:\users\{user}\appdata\local\google\chrome sxs\application\chrome.exe" --no-startup-window

The file chrome.exe has been discovered within the following programs.

Google Chrome Canary by Google Inc

Publisher's description - “The canary build is less stable, but with even more cutting-edge features than the developer's build, which tests new features before they're pushed to the beta build. It should only be used by those who are willing to risk browsing data loss.”

www.google.com/intl/en/chrome/browser/canary.html

7% remove it

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.