chrmstp.exe

  • File Path: C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe
  • Description: Google Chrome Installer

Hashes

Type Hash
MD5 5EB7D6AA57A71781710485717702A57A
SHA1 69AA3FA8DFA326DA38A2E0E9B2A8AC464B16C8F0
SHA256 7CBE211A4A539659D66B471FC43FA66DE772A877494A0BB877515A3589E9DA2C
SHA384 124791CEDCD63BEE1C1DD3D0EA56F0123CFE46155AD6D901E95532D98CDC5237D03AE940A559F46F7BC3BDB7658E662F
SHA512 DA06DCA5515D1CE5D82A44A7EB7BA49806EB41DC6B9BD05FE3A47AED30793A5BC72719C3CB4529D1A78666B5CF19B868EE8F62EB41984E847D384D31ECE3D6BB
SSDEEP 49152:YdEzORq0lX00QRotp+h47SpLd2IKE8pkvT+oTqK4YRZpao3VNoC1hyKPnTTVaY:eEqHvAh4RqaouAAkNoKP
IMP 126845BE5896326DCD19EE3EFF19BE41
PESHA1 68CC375B311054FA092B2878EE461FC425F4BB91
PE256 F48C1172DD1E65F7474CDCCD585342B3104C2021BD80F4C7D19317FB74578F2E

Runtime Data

Usage (stderr):

[1106/200307.139:ERROR:setup_main.cc(642)] Already installed version 95.0.4638.69 at system-level conflicts with this one at user-level.
[1106/200307.141:ERROR:persistent_histogram_storage.cc(121)] Could not write "SetupMetrics" persistent histograms to file as the storage directory does not exist.

Child Processes:

chrome.exe

Loaded Modules:

Path
C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe
C:\Windows\System32\ADVAPI32.dll
C:\Windows\System32\combase.dll
C:\Windows\SYSTEM32\dbghelp.dll
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\ole32.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\SHELL32.dll
C:\Windows\System32\SHLWAPI.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\System32\win32u.dll
C:\Windows\System32\WS2_32.dll
C:\Windows\SYSTEM32\WTSAPI32.dll

Signature

  • Status: Signature verified.
  • Serial: 0E4418E2DEDE36DD2974C3443AFB5CE5
  • Thumbprint: 2673EA6CC23BEFFDA49AC715B121544098A1284C
  • Issuer: CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O=”DigiCert, Inc.”, C=US
  • Subject: CN=Google LLC, O=Google LLC, L=Mountain View, S=California, C=US

File Metadata

  • Original Filename:
  • Product Name: Google Chrome Installer
  • Company Name: Google LLC
  • File Version: 95.0.4638.69
  • Product Version: 95.0.4638.69
  • Language: English (United States)
  • Legal Copyright: Copyright 2021 Google LLC. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/7cbe211a4a539659d66b471fc43fa66de772a877494a0bb877515a3589e9da2c/detection

File Similarity (ssdeep match)

File Score
C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\setup.exe 100

Possible Misuse

The following table contains possible examples of chrmstp.exe being misused. While chrmstp.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma registry_event_runonce_persistence.yml Details\|endswith: '\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.