chrome.exe

Chromium

The Chromium Authors

It is set to start automatically when a user logs into Windows, via the current user Run registry key under the display name ‘Chromium’. It is installed with Chromium. The file has been seen being downloaded from myaccount.dropsend.com.

Publisher:
The Chromium Authors

Product:
Chromium

Version:
50.0.2632.0

MD5:
8faa4710621b352805d284346396e70c

SHA-1:
8fd53a27ffd23e19a19974a6b78b297479857b26

SHA-256:
4162e0dd500d8c0b5e86313cd93a10616ad06324451025641b340cfa5fec5d44

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:11:30 PM UTC

File size:
1019 KB (1,043,456 bytes)

Product version:
50.0.2632.0

Copyright:
Copyright 2015 The Chromium Authors. All rights reserved.

Original file name:
chrome.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\chromium\application\chrome.exe

File PE Metadata
Compilation timestamp:
1/26/2016 1:45:36 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:HcgGufB/m9XsKcqLkAexZNsXXh+LW+6o:HcyfB/QXsKc/AexZNcx+LWe

Entry address:
0x7B6CE

Entry point:
E8, FC, D9, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 53, 56, 8B, 4C, 24, 0C, 8B, 54, 24, 10, 8B, 5C, 24, 14, F7, C3, FF, FF, FF, FF, 74, 51, 2B, CA, F7, C2, 03, 00, 00, 00, 74, 18, 0F, B6, 04, 0A, 3A, 02, 75, 48, 85, C0, 0F, 44, D8, 42, 83, EB, 01, 76, 34, F6, C2, 03, 75, E8, 8D, 04, 0A, 25, FF, 0F, 00, 00, 3D, FC, 0F, 00, 00, 77, D9, 8B, 04, 0A, 3B, 02, 75, D2, 83, EB, 04, 76, 14, 8D, B0, FF, FE, FE, FE, 83, C2, 04, F7, D0, 23, C6, A9, 80, 80, 80, 80, 74, D1, 33, C0, 5E, 5B, C3, 8D, 64...
 

Entropy:
6.5982

Code size:
648 KB (663,552 bytes)

51 Scheduled Tasks
Task name:
Chromium_Reg_HKCURun_SID

Path:
\CareCenter\Chromium_Reg_HKCURun_SID

Trigger:
Logon (Runs on logon)

Description:
Chromium

Task name:
GoogleChromeAutoLaunch

Path:
\CareCenter\GoogleChromeAutoLaunch_F813685C921F5607D5DA0E7FFF80B01E_Reg_HKCURun_SID

Trigger:
Logon (Runs on logon)

Description:
Chromium

Task name:
RebateAll 1D

Trigger:
Time

Task name:
AION 1D

Trigger:
Time

Task name:
AION NF Saturday

Trigger:
Time

Task name:
AION NF Sunday

Trigger:
Time


7 Shell Open Commands
Open type:
ftp

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"

Open type:
http

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"

Open type:
https

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"

Open type:
mailto

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"

Open type:
news

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"

Open type:
nntp

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" -- "%1"


21 Startup Files (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Chromium

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GoogleChromeAutoLaunch

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session --restore-last-session

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GOOGLECHROMEAUTOLAUNCH_53FF3A51F02B7F7EC903F2E2C6F2E467

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session --restore-last-session

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GOOGLECHROMEAUTOLAUNCH_1C81D0A84C4EDAE1EA1BC52AD0E35B4C

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session --restore-last-session

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GOOGLECHROMEAUTOLAUNCH_7B5339D9A2B9C06DBAEDF9AB923EF570

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session --restore-last-session

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GOOGLECHROMEAUTOLAUNCH_9C9AED7A0567DFE0914680DF4C4F90AE

Command:
"C:\users\{user}\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="default" --restore-last-session --restore-last-session


4 Startup Files (User Run Once)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
Application Restart #1

Command:
C:\users\{user}\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=default --restore-last-session --use-new-edk --flag-switches-begin --flag-switches-end

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
Application Restart #2

Command:
C:\users\{user}\appdata\local\chromium\application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session httC:\www.yoursites123.com\?type=sc&ts=1449715808&z=e5897339c26d9836d266c

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
Application Restart #0

Command:
C:\users\{user}\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=default --restore-last-session --use-new-edk --flag-switches-begin --flag-switches-end

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
Application Restart #3

Command:
C:\users\{user}\appdata\local\chromium\application\chrome.exe --use-new-edk --flag-switches-begin --flag-switches-end --restore-last-session httC:\redirect.pmcdn.info\pfintermediate.html?type=quick&to


The file chrome.exe has been discovered within the following program.

Chromium by The Chromium Project
Chromium is the open source web browser project from which Google Chrome draws its source code. The browsers share the majority of code and features, though there are some minor differences.
www.chromium.org
About 3% of users remove it
 

The file chrome.exe has been seen being distributed by the following URL.
