@adeii
Created February 29, 2024 14:45
Chrome 122.0.6261.70 x32 on Win 7+
Chrome 122.0.6261.70 x32
chrome.exe
=========
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78)
USERENV.dll -> USERENX.dll (hidden)
KERNEL32.dll -> KERNEL64.dll (CFF explorer-Import directory)
-------------------------------------------------------------------------
chrome_proxy.exe
================
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) 620063007200790070
KERNEL32.dll -> KERNEL64.dll
USERENV.dll -> USERENX.dll (hidden)
-------------------------------------------------------------------------
chrome_elf.dll
==============
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------
chrome.dll
==========
110-Security Directory RVA / Size --> 00000000
247040:
7E 08 00 0F 95 C1 30 C1 0F 84 E0 00 00 00 89 66 -- 7E 08 00 0F 95 C1 30 C1 90 90 90 90 90 90 89 66 (C1 0F 84 E0 00 00 00 -- nop)
7BD680:
E6 17 05 8B 08 8D 51 01 89 10 85 C9 75 5E 89 70 -- E6 17 05 8B 08 8D 51 01 89 10 85 C9 90 90 89 70 trig(75 5E -- nop)
95C360:
10 85 C9 0F 85 A5 00 00 00 89 65 D0 8B 4D 24 89 -- 10 85 C9 90 90 90 90 90 90 89 65 D0 8B 4D 24 89 trig(0F 85 A5 00 00 00 -- nop)
F3BD40:
00 31 C0 40 50 57 68 0F 00 00 10 50 53 FF 15 20 -- 00 31 C0 40 50 57 68 0F 00 00 00 50 53 FF 15 20 (10->00)
75 0E 8B 4D 24 89 48 04 E9 D5 FD FF FF CC 0F 0B -- 90 90 8B 4D 24 89 48 04 E9 D5 FD FF FF CC 0F 0B (75 0E -> nop)
C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 -> 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 (62->78)
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden)
user32 -> user64 (hidden)
mfplat -> xfplat (hidden)
netapi32 -> netapi64 (hidden)
kernel32 -> kernel64
userenv -> userenx
winhttp -> winxttp
-------------------------------------------------------------------------
notification_helper.exe
=======================
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------
chrome_wer.exe
=======================
110-Security Directory RVA / Size --> 00000000
-------------------------------------------------------------------------
chrome_pwa_launcher.exe
=======================
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78)
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------