× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4a08e0502d92ab4dc869818fbfefe1645309199202d97aa3dc13d1375e2116bd
File name: chrome.exe
Detection ratio: 0 / 55
Analysis date: 2016-10-14 17:14:54 UTC ( 1 year, 1 month ago )
Antivirus Result Update
Ad-Aware 20161014
AegisLab 20161014
AhnLab-V3 20161014
Alibaba 20161014
ALYac 20161014
Antiy-AVL 20161014
Arcabit 20161014
Avast 20161014
AVG 20161014
Avira (no cloud) 20161014
AVware 20161014
Baidu 20161014
BitDefender 20161014
Bkav 20161014
CAT-QuickHeal 20161014
ClamAV 20161014
CMC 20161014
Comodo 20161014
CrowdStrike Falcon (ML) 20160725
Cyren 20161014
DrWeb 20161014
Emsisoft 20161014
ESET-NOD32 20161014
F-Prot 20161014
F-Secure 20161014
Fortinet 20161014
GData 20161014
Ikarus 20161014
Sophos ML 20160928
Jiangmin 20161014
K7AntiVirus 20161014
K7GW 20161014
Kaspersky 20161014
Kingsoft 20161014
Malwarebytes 20161014
McAfee 20161014
McAfee-GW-Edition 20161014
Microsoft 20161014
eScan 20161014
NANO-Antivirus 20161014
nProtect 20161014
Panda 20161014
Qihoo-360 20161014
Rising 20161014
Sophos AV 20161014
SUPERAntiSpyware 20161014
Symantec 20161014
Tencent 20161014
TheHacker 20161014
TrendMicro 20161014
VBA32 20161013
VIPRE 20161014
ViRobot 20161014
Yandex 20161013
Zillya 20161013
Zoner 20161014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright 2016 Google Inc. All rights reserved.

Product Google Chrome
Original name chrome.exe
Internal name chrome_exe
File version 53.0.2785.113
Description Google Chrome
Signature verification Signed file, verified signature
Signing date 12:38 AM 9/13/2016
Signers
[+] Google Inc
Status Valid
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 12/14/2015
Valid to 12:59 AM 12/15/2016
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 264E38570F882E5A0272423757741233A661B553
Serial number 4C 40 DB A5 F9 88 FA E5 7A 57 D6 45 74 95 F9 8B
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GlobalSign TSA for MS Authenticode - G2
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 5/24/2016
Valid to 1:00 AM 6/24/2027
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbrint 63B82FAB61F583909695050B00249C502933EC79
Serial number 11 21 D6 99 A7 64 97 3E F1 F8 42 7E E9 19 CC 53 41 14
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbrint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbrint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
PE header basic information
Target machine x64
Compilation timestamp 2016-09-12 23:32:09
Entry Point 0x00095B7C
Number of sections 9
PE sections
Overlays
MD5 d7eb93c39020e389970d518799119099
File type data
Offset 1122816
Size 13128
Entropy 7.39
PE imports
RegCreateKeyExW
RegCloseKey
ConvertSidToStringSidW
GetAce
LookupPrivilegeValueW
GetSecurityInfo
RegDisablePredefinedCache
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateWellKnownSid
OpenProcessToken
GetKernelObjectSecurity
DuplicateToken
RegOpenKeyExW
SetSecurityInfo
SystemFunction036
SetTokenInformation
CopySid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
GetSecurityDescriptorSacl
CreateRestrictedToken
GetLengthSid
ImpersonateNamedPipeClient
ConvertStringSidToSidW
CreateProcessAsUserW
SetEntriesInAclW
RevertToSelf
RegSetValueExW
EqualSid
SetThreadToken
SetKernelObjectSecurity
GetStdHandle
GetDriveTypeW
lstrlenW
FileTimeToSystemTime
WaitForSingleObject
CreateIoCompletionPort
SetEndOfFile
CreateJobObjectW
EncodePointer
ReleaseSRWLockExclusive
GetFileAttributesW
SetInformationJobObject
SystemTimeToTzSpecificLocalTime
GetProcessId
DisconnectNamedPipe
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
EnumSystemLocalesW
GetFileInformationByHandle
InitializeSListHead
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetThreadPriority
GetExitCodeProcess
LocalFree
ConnectNamedPipe
GetTimeZoneInformation
OutputDebugStringW
FindClose
TlsGetValue
QueryDosDeviceW
FormatMessageA
GetFullPathNameW
SignalObjectAndWait
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
PeekNamedPipe
InitializeCriticalSection
GetUserDefaultLangID
LoadResource
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetUserDefaultLCID
RtlAddFunctionTable
QueryPerformanceFrequency
HeapSetInformation
LoadLibraryExA
SetThreadPriority
ReleaseSemaphore
RtlVirtualUnwind
GetSystemDefaultLCID
LoadLibraryExW
MultiByteToWideChar
TerminateJobObject
SetFilePointerEx
RegisterWaitForSingleObject
LockFileEx
CreateThread
SetEnvironmentVariableW
GetSystemDirectoryW
DeleteCriticalSection
SetNamedPipeHandleState
CreateSemaphoreW
CreateMutexW
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
GetVersion
GetModuleHandleExW
SetCurrentDirectoryW
VirtualQuery
VirtualQueryEx
ReadConsoleW
GetCurrentThreadId
LeaveCriticalSection
SleepEx
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
FreeLibrary
CreateRemoteThread
RtlPcToFileHeader
GetWindowsDirectoryW
SetHandleInformation
AcquireSRWLockExclusive
WriteProcessMemory
OpenProcess
RtlCaptureStackBackTrace
GetStartupInfoW
ReadProcessMemory
CreateDirectoryW
DeleteFileW
GetProcAddress
VirtualProtectEx
DebugBreak
GetProcessHeap
CreateFileMappingW
CompareStringW
WriteFile
WaitNamedPipeW
ExpandEnvironmentStringsW
FindNextFileW
RtlLookupFunctionEntry
ResetEvent
GetComputerNameExW
IsValidLocale
DuplicateHandle
FindFirstFileExW
RtlUnwindEx
SetEvent
CreateEventW
SearchPathW
CreateFileW
GetFileType
TlsSetValue
HeapAlloc
SetProcessShutdownParameters
GetNativeSystemInfo
GetLastError
LCMapStringW
VirtualAllocEx
GetSystemInfo
GetConsoleCP
ResumeThread
UnregisterWaitEx
AssignProcessToJobObject
GetProcessTimes
GetThreadLocale
GetEnvironmentStringsW
RtlDeleteFunctionTable
Sleep
CreateProcessW
GetQueuedCompletionStatus
SizeofResource
GetCurrentDirectoryW
VirtualFreeEx
GetCurrentProcessId
GetFileSizeEx
LockResource
ProcessIdToSessionId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
SuspendThread
Wow64GetThreadContext
RaiseException
UnhandledExceptionFilter
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CreateNamedPipeW
RtlCaptureContext
CloseHandle
UnlockFileEx
GetACP
GetModuleHandleW
CreatePipe
GetLongPathNameW
GetProcessHandleCount
GetThreadId
IsValidCodePage
UnmapViewOfFile
FindResourceW
PostQueuedCompletionStatus
VirtualFree
TransactNamedPipe
VirtualAlloc
UuidCreate
GetWindowThreadProcessId
GetUserObjectInformationW
AllowSetForegroundWindow
CloseDesktop
FindWindowExW
SetProcessWindowStation
CreateWindowStationW
SendMessageTimeoutW
IsWindow
GetProcessWindowStation
GetThreadDesktop
CreateDesktopW
CloseWindowStation
CreateEnvironmentBlock
DestroyEnvironmentBlock
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WinHttpConnect
WinHttpQueryHeaders
WinHttpReadData
WinHttpCloseHandle
WinHttpSetTimeouts
WinHttpCrackUrl
WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpOpen
WinHttpOpenRequest
WinHttpSendRequest
timeGetTime
WTSQuerySessionInformationW
WTSFreeMemory
SignalChromeElf
PE exports
Number of PE resources by type
RT_ICON 31
RT_GROUP_ICON 7
GOOGLEUPDATEAPPLICATIONCOMMANDS 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 41
PE resources
Debug information
ExifTool file metadata
ProductShortName
Chrome

SubsystemVersion
5.2

OfficialBuild
1

InitializedDataSize
380416

ImageVersion
0.0

ProductName
Google Chrome

FileVersionNumber
53.0.2785.113

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

CharacterSet
Unicode

LinkerVersion
14.0

FileTypeExtension
exe

OriginalFileName
chrome.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

CompanyShortName
Google

FileVersion
53.0.2785.113

TimeStamp
2016:09:13 00:32:09+01:00

FileType
Win64 EXE

PEType
PE32+

InternalName
chrome_exe

ProductVersion
53.0.2785.113

FileDescription
Google Chrome

OSVersion
5.2

FileOS
Win32

LegalCopyright
Copyright 2016 Google Inc. All rights reserved.

MachineType
AMD AMD64

CompanyName
Google Inc.

CodeSize
757760

FileSubtype
0

ProductVersionNumber
53.0.2785.113

LastChange
67422c8fead813c7b6cbc44cfef10f3d49758d75-refs/branch-heads/2785@{#877}

EntryPoint
0x95b7c

ObjectFileType
Executable application

File identification
MD5 69098240a6ce78edc28e6b4ad4940546
SHA1 e030bc2c61124fe2d04f186688cdbf01d94a105e
SHA256 4a08e0502d92ab4dc869818fbfefe1645309199202d97aa3dc13d1375e2116bd
ssdeep
24576:Q9De1mjxDDGO2EV/YsXzZ4jD8KIz3HFhImwDC:kDe1SDD2EKsXzZmSTFhIM

authentihash 68feceeb9639f702d84ef62978e8f2fc9f233ce4d936795ad557c00a81966739
imphash 88d7083ad36f18074f39c57f54969861
File size 1.1 MB ( 1135944 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (87.3%)
Generic Win/DOS Executable (6.3%)
DOS Executable Generic (6.3%)
Tags
64bits peexe assembly signed overlay

VirusTotal metadata
First submission 2016-09-13 18:45:57 UTC ( 1 year, 2 months ago )
Last submission 2016-09-18 04:33:38 UTC ( 1 year, 2 months ago )
File names chrome.exe
chrome.exe
chrome.exe
CHROME.EXE
chrome.exe
chrome.exe
vt-upload-lADCxd
chrome.exe
chrome_exe
chrome.exe
chrome.exe
chrome.exe
chrome.exe
chrome.exe
new_chrome.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!