chrmstp.exe

File Path: C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\chrmstp.exe
Description: Google Chrome Installer

Hashes

Type	Hash
MD5	`8C9FE6FF801A1B6061F089FC517806EA`
SHA1	`6B2FACF01EC9349BD286AA0451621773BD554653`
SHA256	`B3A9BBFD7AAEC835B51AF73BD8848EB62B54FC2E4DB4101D07D196F358D49F18`
SHA384	`91F273C1635A7C2CEED8D114C7054ED99C597CF9FA835D3FE4E3474085A7608BE50C28DAC68BAF548B397801686965F2`
SHA512	`B2F434205C8B76336A05D24EA025F47DD235585D2F6CE3D7F8A1CDB28C333D856C1A63EBB2D29C03CF71CBA5F9672DC040CA656A3A2541F82BA317CCD675B84A`
SSDEEP	`49152:ZleWvsxXgsirVYXwiAP/P9TZ7krsuBhT1:AZakLBH`

Runtime Data

Usage (stderr):

[0815/134248.238:ERROR:setup_main.cc(523)] Already installed version 84.0.4147.125 at system-level conflicts with this one at user-level.
[0815/134248.238:ERROR:persistent_histogram_storage.cc(121)] Could not write "SetupMetrics" persistent histograms to file as the storage directory does not exist.

Child Processes:

chrome.exe

Signature

Status: Signature verified.
Serial: 0C15BE4A15BB0903C901B1D6C265302F
Thumbprint: CB7E84887F3C6015FE7EDFB4F8F36DF7DC10590E
Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Subject: CN=Google LLC, O=Google LLC, L=Mountain View, S=ca, C=US

File Metadata

Original Filename:
Product Name: Google Chrome Installer
Company Name: Google LLC
File Version: 84.0.4147.125
Product Version: 84.0.4147.125
Language: English (United States)

File Similarity (ssdeep match)

File	Score
C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\setup.exe	100

Possible Misuse

The following table contains possible examples of chrmstp.exe being misused. While chrmstp.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
sigma	registry_event_runonce_persistence.yml	`Details\\|endswith: '\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level'`	DRL 1.0