home

chrome.exe

Google Chrome

Google Inc

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. This is installed with Google Chrome. The file has been seen being downloaded from poczta.onet.pl and multiple other hosts.
Publisher:
Google Inc.  (signed by Google Inc)

Product:
Google Chrome

Version:
50.0.2661.102

MD5:
455927608c21945849e1a3e35e36671f

SHA-1:
e039ada866a953d05d503ca0ad66398de0c9926b

SHA-256:
b62b306d350848ab5cb7a1d3deeb06040e84ae57f61ec69377f90f6f0f7ed975

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/27/2024 3:33:59 AM UTC  (today)

File size:
860.6 KB (881,304 bytes)

Product version:
50.0.2661.102

Copyright:
Copyright 2015 Google Inc. All rights reserved.

Original file name:
chrome.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\chrome\application\chrome.exe

Digital Signature
Signed by:
Google Inc

Authority:
VeriSign, Inc.

Valid from:
12/14/2015 1:00:00 AM

Valid to:
12/15/2016 12:59:59 AM

Subject:
CN=Google Inc, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C40DBA5F988FAE57A57D6457495F98B

File PE Metadata
Compilation timestamp:
5/11/2016 3:56:18 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:COL5hi73/Ee1K9Evr5OmxbNSdZ8DJezLfuaSuaQfBY6/BgDZPINRZas6M6h3C9MD:COLLi1wyaSuvBCq2sB90ImwDtW

Entry address:
0x56B64

Entry point:
E8, 17, 80, 00, 00, E9, 7F, FE, FF, FF, CC, CC, 53, 56, 8B, 4C, 24, 0C, 8B, 54, 24, 10, 8B, 5C, 24, 14, F7, C3, FF, FF, FF, FF, 74, 51, 2B, CA, F7, C2, 03, 00, 00, 00, 74, 18, 0F, B6, 04, 0A, 3A, 02, 75, 48, 85, C0, 0F, 44, D8, 42, 83, EB, 01, 76, 34, F6, C2, 03, 75, E8, 8D, 04, 0A, 25, FF, 0F, 00, 00, 3D, FC, 0F, 00, 00, 77, D9, 8B, 04, 0A, 3B, 02, 75, D2, 83, EB, 04, 76, 14, 8D, B0, FF, FE, FE, FE, 83, C2, 04, F7, D0, 23, C6, A9, 80, 80, 80, 80, 74, D1, 33, C0, 5E, 5B, C3, 8D, 64, 24, 00, 1B, C0, 83, C8...
 
[+]

Code size:
523.5 KB (536,064 bytes)

Scheduled Task
Task name:
{450CB209-65E4-4B47-9D79-EE1CD5784256}

Trigger:
Registration (Runs on registration)


Shell Open Command
Open type:
ftp

Command:
"C:\Program Files\google\chrome\application\chrome.exe" -- "%1"


The file chrome.exe has been discovered within the following programs.

Google Chrome  by Google Inc
Google Chrome is a free web browser developed by Google that uses the WebKit layout engine. It is designed to be secure, fast, simple and stable. Chrome supports plug-ins with the Netscape Plugin Application Programming Interface (NPAPI).
www.google.com/chrome
6% remove it
 
Powered by Should I Remove It?

The file chrome.exe has been seen being distributed by the following 7 URLs.

http://poczta.onet.pl/download.html?kid=62030369&data={"attachments":["576174756:2"],"fn":"getAttachmentsFromAttachmentList"}

https://mega.nz/persistent/.../XwhWXaZb

https://doc-0o-4g-docs.googleusercontent.com/docs/securesc/fn34nqm07k46us1n4usupgj6mitpc0h3/ei107m08t4fbkthtoelogvhiij3uj6n0/1463572800000/.../18301631473112895430/0B_zkHmQHB3MubV8xLVdOMkxQOWM?e=download

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-rz0joDFhX144MpcBfT_ehrrmgZwvbxIcsFVvvld8nKOoNOdENTj2wwf8j2G6W6Dc/messages/@.id==AGJ2w0MAAD5BV0eLbAI2aHV5uDc/content/parts/.../raw?appid=YahooMailNeo&ymreqid=e403098a-7d28-8af0-0154-c80013010000&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBZYmWfdvIerzu-SL4qzp_l-6F676llwJijNHGM9Rx73ng

http://hotspot-shield.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fmqKLoZ6ll5o=

https://mega.nz/temporary/.../FglSjAQB

temp:chrome.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.