@adeii
Created October 29, 2024 21:31
Chrome 130.0.6723.70 x64 Win 7
chrome.exe
----------
B8: 06
C0: 06
120: 000000000
89 F9 E8 E9 6C 01 00 48 8D 4C 24 30 84 C0 74 20 -- 89 F9 E8 E9 6C 01 00 48 8D 4C 24 30 90 90 90 90
62 00 63 00 72 00 79 00 70 00 74 00 70 -- 78 00 63 00 72 00 79 00 70 00 74 00 70 (bcryptprim - xcryptprim)
USERENV - USERENX
------------------------------------------
chrome.dll
----------
B8: 06
C0: 06
120: 000000000
85 C0 0F 85 9F FB FF FF E8 73 3E 6E 03 84 C0 0F 85 92 FB FF FF CC 0F 0B 48 89 F9 E8 F0 82 0C FF --
85 C0 0F 85 9F FB FF FF E8 73 3E 6E 03 84 C0 E9 93 FB FF FF 90 CC 0F 0B 48 89 F9 E8 F0 82 0C FF
82 9E 0C 84 DB 0F 85 5E 08 00 00 45 31 E4 8B 9C -- 82 9E 0C 84 DB 90 90 90 90 90 90 45 31 E4 8B 9C
08 00 00 B9 00 09 00 00 0F 45 C8 89 8C 24 84 02 -- 08 00 00 B9 00 00 00 00 0F 45 C8 89 8C 24 84 02
48 89 84 24 D0 00 00 00 F7 84 24 58 01 00 00 40
00 20 00 0F 95 C0 48 83 BC 24 78 01 00 00 00 0F
94 C2 20 C2 80 FA 01 0F 84 AF 01 00 00 4D 89 C4 --
48 89 84 24 D0 00 00 00 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 4D 89 C4
FF E8 7A 1A 00 00 83 F8 0C 0F 8E 74 06 00 00 48 -- FF E8 7A 1A 00 00 83 F8 0C 90 90 90 90 90 90 48
FB FF FF E8 F8 13 00 00 89 C5 8D 45 F9 83 F8 06 73 0A 83 C5 FA 31 DB E9 7F FA FF FF E8 4F AD 33 --
FB FF FF E8 F8 13 00 00 89 C5 8D 45 F9 83 F8 06 90 90 83 C5 FA 31 DB E9 7F FA FF FF E8 4F AD 33
9C 8F 6D FF 83 F8 06 0F 8E 01 01 00 00 40 84 ED -- 9C 8F 6D FF 83 F8 06 90 90 90 90 90 90 40 84 ED
1C 61 0B 0A 45 85 F6 0F 94 C0 85 ED 0F 95 C1 30 C1 0F 84 B6 01 00 00 4C 8B 27 48 C7 07 00 00 00 --
1C 61 0B 0A 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 4C 8B 27 48 C7 07 00 00 00
89 F9 E8 09 3B DF 00 48 8D 4C 24 30 84 C0 74 20 8A 59 05 E8 D8 F9 33 FF EB 2F 48 C7 C1 00 00 00 --
89 F9 E8 09 3B DF 00 48 8D 4C 24 30 90 90 90 90 8A 59 05 E8 D8 F9 33 FF EB 2F 48 C7 C1 00 00 00
04 48 31 E0 48 89 44 24 68 E8 62 6E D6 00 83 F8 02 0F 85 59 01 00 00 48 8D 54 24 64 C7 02 04 00 --
04 48 31 E0 48 89 44 24 68 E8 62 6E D6 00 90 90 90 90 90 90 90 90 90 48 8D 54 24 64 C7 02 04 00
E8 FB 6D D6 00 83 F8 02 74 1D E9 FA 00 00 00 48 -- E8 FB 6D D6 00 83 F8 02 EB 1D E9 FA 00 00 00 48
..
02 0F 85 DF 00 00 00 48 89 F1 BA FF FF 00 80 EB -- 02 90 90 90 90 90 90 48 89 F1 BA FF FF 00 80 EB
5B 5F 5E 41 5C 41 5E 41 5F C3 CC CC CC CC CC CC 41 56 56 57 53 48 81 EC 78 01 00 00 48 89 D7 48 --
5B 5F 5E 41 5C 41 5E 41 5F C3 CC CC CC CC CC CC B8 01 00 00 00 C3 90 90 90 90 90 90 48 89 D7 48
..
70 01 00 00 E8 B7 6B D6 00 83 F8 02 0F 85 6A 01 00 00 48 8D 5C 24 40 48 89 D9 E8 B1 A9 C5 FA 48 --
70 01 00 00 E8 B7 6B D6 00 83 F8 02 90 90 90 90 90 90 48 8D 5C 24 40 48 89 D9 E8 B1 A9 C5 FA 48
70 E8 0A 6A D6 00 83 F8 02 0F 85 76 01 00 00 48 -- 70 E8 0A 6A D6 00 83 F8 02 90 90 90 90 90 90 48
31 E0 48 89 84 24 70 01 00 00 E8 51 68 D6 00 83 F8 02 0F 85 EF 03 00 00 48 B8 AA AA AA AA AA AA --
31 E0 48 89 84 24 70 01 00 00 E8 51 68 D6 00 90 90 90 90 90 90 90 90 90 48 B8 AA AA AA AA AA AA
30 E8 1A 64 D6 00 83 F8 02 0F 85 FB 00 00 00 4C 89 F1 E8 99 08 00 00 48 8D 54 24 28 48 C7 02 FF --
30 E8 1A 64 D6 00 90 90 90 90 90 90 90 90 90 4C 89 F1 E8 99 08 00 00 48 8D 54 24 28 48 C7 02 FF
56 48 83 EC 20 48 89 CE E8 03 63 D6 00 83 F8 02 75 17 48 89 F1 E8 B6 04 00 00 48 89 F1 89 C2 48 --
56 48 83 EC 20 48 89 CE E8 03 63 D6 00 90 90 90 90 90 48 89 F1 E8 B6 04 00 00 48 89 F1 89 C2 48
31 E0 48 89 44 24 28 E8 C4 62 D6 00 83 F8 02 75 49 48 8D 54 24 24 C7 02 00 00 00 00 48 8D 8E 98 --
31 E0 48 89 44 24 28 E8 C4 62 D6 00 90 90 90 90 90 48 8D 54 24 24 C7 02 00 00 00 00 48 8D 8E 98
56 53 48 83 EC 28 48 89 CE E8 52 62 D6 00 83 F8 02 75 26 48 89 F1 E8 55 06 00 00 89 C3 84 C0 75 --
56 53 48 83 EC 28 48 89 CE E8 52 62 D6 00 90 90 90 90 90 48 89 F1 E8 55 06 00 00 89 C3 84 C0 75
.. x3
48 31 E0 48 89 44 24 30 E8 03 62 D6 00 83 F8 02 75 7B 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E --
48 31 E0 48 89 44 24 30 E8 03 62 D6 00 90 90 90 90 90 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E
.. x10
00 83 F8 02 0F 85 2D 01 00 00 48 8D 7C 24 20 48 -- 00 90 90 90 90 90 90 90 90 90 48 8D 7C 24 20 48
48 31 E0 48 89 44 24 30 E8 D3 5B D6 00 83 F8 02 75 4B 48 8D 7C 24 28 48 89 F9 E8 D1 99 C5 FA B8 --
48 31 E0 48 89 44 24 30 E8 D3 5B D6 00 90 90 90 90 90 48 8D 7C 24 28 48 89 F9 E8 D1 99 C5 FA B8
.. x8
E8 3B 5B D6 00 83 F8 02 0F 85 2D 03 00 00 48 83 BE 90 00 00 00 00 0F 84 22 03 00 00 48 BD AA AA --
E8 3B 5B D6 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 BD AA AA
BC 57 D6 00 83 F8 02 0F 85 F1 01 00 00 48 8B 8F -- BC 57 D6 00 90 90 90 90 90 90 90 90 90 48 8B 8F
84 24 68 01 00 00 E8 75 55 D6 00 83 F8 02 0F 85 49 05 00 00 0F 57 C0 0F 29 44 24 50 45 31 F6 4C --
84 24 68 01 00 00 E8 75 55 D6 00 90 90 90 90 90 90 90 90 90 0F 57 C0 0F 29 44 24 50 45 31 F6 4C
DC 4F D6 00 83 F8 02 0F 85 88 02 00 00 49 BF AA -- DC 4F D6 00 90 90 90 90 90 90 90 90 90 49 BF AA
C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 -- 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48
62 00 63 00 72 00 79 00 70 00 74 00 70 -- 78 00 63 00 72 00 79 00 70 00 74 00 70 (bcryptprim - xcryptprim) x2
user32 -- user64
mfplat -- xfplat
netapi32 -- netapi64
bcryptprimitives.dll -- xcryptprimitives.dll
kernel32 -- kernel64
userenv -- userenx
winhttp -- winxttp
----------------------------------------------
chrome_proxy.exe
----------------
62 00 63 00 72 00 79 00 70 00 74 00 70 -- 78 00 63 00 72 00 79 00 70 00 74 00 70 x2
kernel32 -- kernel64
-----------------------------------------------
chrome_elf.dll
--------------
62 00 63 00 72 00 79 00 70 00 74 00 70 -- 62 00 63 00 72 00 79 00 70 00 74 00 70 x2
kernel32 -- kernel64