chrmstp.exe
- File Path:
C:\Program Files\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe - Description: Google Chrome Installer
Hashes
| Type | Hash |
|---|---|
| MD5 | AEA2671A54A5A19A449CA1F268F1D7BD |
| SHA1 | 14F565D448948BD23C563C27368BD08ACFD17B66 |
| SHA256 | 62ECBB932E0211217F62BD0D3D5744A54104E2431E27FF7A7822A25D04A8581B |
| SHA384 | 58904E6397FB0EE788E1631CDBDA807B429ACC8955B22D17CB87D25DDA1003FAFE8A789C37B9B89C60E89826792D4A19 |
| SHA512 | 73D8BF7C0BDF08502B8557176BDF192E9F1554CCF07C0540973F52071BE2E3C47F6C2B95444088EEBF7DFB29BFD8DE2E54A5BE2DB0BA74698EAA2287EED9E7E6 |
| SSDEEP | 49152:rk1nc3R1lRf+yAHLvThf0we+9fPF0RkBOETd4re:BbbAHPFDp4C |
| IMP | 81EE900A026224A1AA3F301BA1D6C063 |
| PESHA1 | B414823271439836526B15CAF9AB0A6E932D421A |
| PE256 | 4A8173B295F589C18D4594257AA8082626F4F977F3718A43CFD0A9917A291662 |
Runtime Data
Usage (stderr):
[0924/171427.404:ERROR:setup_main.cc(519)] Already installed version 85.0.4183.121 at system-level conflicts with this one at user-level.
[0924/171427.404:ERROR:persistent_histogram_storage.cc(121)] Could not write "SetupMetrics" persistent histograms to file as the storage directory does not exist.
Child Processes:
chrome.exe
Loaded Modules:
| Path |
|---|
| C:\Program Files\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe |
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\SYSTEM32\CRYPTBASE.DLL |
| C:\Windows\SYSTEM32\dbghelp.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\SYSTEM32\iertutil.dll |
| C:\Windows\System32\IMM32.DLL |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\NETAPI32.dll |
| C:\Windows\SYSTEM32\NETUTILS.DLL |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\SYSTEM32\PROPSYS.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\System32\SHLWAPI.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\SYSTEM32\urlmon.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\SYSTEM32\USERENV.dll |
| C:\Windows\SYSTEM32\VERSION.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\SYSTEM32\windows.storage.dll |
| C:\Windows\SYSTEM32\WINHTTP.dll |
| C:\Windows\SYSTEM32\WINMM.dll |
| C:\Windows\SYSTEM32\WKSCLI.DLL |
| C:\Windows\SYSTEM32\Wldp.dll |
| C:\Windows\System32\WS2_32.dll |
| C:\Windows\SYSTEM32\WTSAPI32.dll |
Signature
- Status: Signature verified.
- Serial:
0C15BE4A15BB0903C901B1D6C265302F - Thumbprint:
CB7E84887F3C6015FE7EDFB4F8F36DF7DC10590E - Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=Google LLC, O=Google LLC, L=Mountain View, S=ca, C=US
File Metadata
- Original Filename:
- Product Name: Google Chrome Installer
- Company Name: Google LLC
- File Version: 85.0.4183.121
- Product Version: 85.0.4183.121
- Language: English (United States)
- Legal Copyright: Copyright 2020 Google LLC. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/62ecbb932e0211217f62bd0d3d5744a54104e2431e27ff7a7822a25d04a8581b/detection/
File Similarity (ssdeep match)
Possible Misuse
The following table contains possible examples of chrmstp.exe being misused. While chrmstp.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source | Source File | Example | License |
|---|---|---|---|
| sigma | registry_event_runonce_persistence.yml | Details\|endswith: '\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level' |
DRL 1.0 |
MIT License. Copyright (c) 2020-2021 Strontic.