@adeii
Created August 4, 2024 15:45
Chrome 127.0.6533.73 x86 on Win7
Chrome 127.0.6533.73 32bit
--------------------------
chrome.exe
===========
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
55 89 E5 53 57 56 83 EC 18 89 D6 89 CF A1 40 F0 -> 55 89 E5 53 57 56 83 EC 78 89 D6 89 CF A1 40 F0
58 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 E0 F3 0F -- 58 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 A0 F3 0F
7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 10 50 FF -- 7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 20 50 FF
..
83 3B 10 0F 94 C3 20 C3 80 FB 01 75 27 80 7D E0 -> 83 3B 20 0F 94 C3 20 C3 80 FB 01 75 27 80 7D A0
..
89 4D E1 29 D0 83 C0 13 89 47 18 F3 0F 6F 45 E0 -> 89 4D E1 29 D0 83 C0 13 89 47 18 E9 37 81 08 00
..
83 C4 18 5E 5F 5B 5D C3 CC CC CC CC CC CC CC CC -> 83 C4 78 5E 5F 5B 5D C3 CC CC CC CC CC CC CC CC
F9 E8 AA 7E 01 00 8D 8D 44 FF FF FF 84 C0 74 0A -> F9 E8 AA 7E 01 00 8D 8D 44 FF FF FF 90 90 90 90
FF 5A 59 FF E0 CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC CC ->
FF 5A 59 FF E0 CC CC F3 0F 6F 45 A0 F3 0F 7F 06 F3 0F 6F 45 B0 F3 0F 7F 46 10 E9 B5 7E F7 FF CC
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78)
USERENV.dll -> USERENX.dll (hidden)
KERNEL32.dll -> KERNEL64.dll (CFF explorer-Import directory)
-------------------------------------------------------------------------
chrome_proxy.exe
================
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) 620063007200790070
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------
chrome_elf.dll
==============
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------
chrome.dll
==========
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
74 24 30 FF 15 6C D1 AB 1A 85 FF 0F 94 C0 83 7C 24 10 00 0F 95 C1 30 C1 0F 84 45 02 00 00 89 64 ->
74 24 30 FF 15 6C D1 AB 1A 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 89 64
55 89 E5 53 57 56 83 EC 28 A1 40 50 AC 1A 31 E8 -> B8 10 00 00 00 C3 83 EC 28 A1 40 50 AC 1A 31 E8 (5589E5535756 -> B810000000C3)
0F 00 00 10 50 57 FF 15 E8 43 B5 1A 85 C0 74 0E -> 0F 00 00 00 50 57 FF 15 E8 43 B5 1A 85 C0 74 0E
31 C9 83 F8 FF 7C 1C 8D 48 01 83 F9 11 73 0A BA -> 31 C9 83 F8 FF EB 1C 8D 48 01 83 F9 11 73 0A BA
F9 E8 BA 5A E0 00 8D 8D 44 FF FF FF 84 C0 74 0A -> F9 E8 BA 5A E0 00 8D 8D 44 FF FF FF 90 90 90 90
50 AC 1A 31 E8 89 44 24 28 E8 D2 EE D9 00 83 F8 02 0F 85 1E 01 00 00 8D 7C 24 24 C7 07 04 00 00 ->
50 AC 1A 31 E8 89 44 24 28 E8 D2 EE D9 00 90 90 90 90 90 90 90 90 90 8D 7C 24 24 C7 07 04 00 00
83 F8 02 0F 85 A2 00 00 00 89 F1 BA FF FF 00 80 -> 90 90 90 90 90 90 90 90 90 89 F1 BA FF FF 00 80
EB D1 E8 39 EE D9 00 83 F8 02 74 ED E9 8D 00 00 -- EB D1 E8 39 EE D9 00 83 F8 02 EB ED E9 8D 00 00
55 89 E5 53 57 56 83 E4 F8 81 EC C0 00 00 00 89 -> 31 C0 C2 04 00 56 83 E4 F8 81 EC C0 00 00 00 89 (5589E5535756 -> 31C0C2040056)
..
AC EC D9 00 83 F8 02 0F 85 2E 01 00 00 8B 7D 08 -> AC EC D9 00 90 90 90 90 90 90 90 90 90 8B 7D 08
AC 1A 31 E8 89 45 F0 E8 44 EB D9 00 83 F8 02 0F 85 2B 01 00 00 89 75 C8 8B 77 48 85 F6 74 15 C7 ->
AC 1A 31 E8 89 45 F0 E8 44 EB D9 00 90 90 90 90 90 90 90 90 90 89 75 C8 8B 77 48 85 F6 74 15 C7
01 00 00 E8 D8 E9 D9 00 83 F8 02 0F 85 68 03 00 00 31 C0 48 8D BC 24 30 01 00 00 89 47 04 89 07 ->
01 00 00 E8 D8 E9 D9 00 90 90 90 90 90 90 90 90 90 31 C0 48 8D BC 24 30 01 00 00 89 47 04 89 07
AC 1A 31 E8 89 45 F0 E8 44 E6 D9 00 83 F8 02 0F 85 D3 00 00 00 89 D9 E8 14 07 00 00 8D 55 EC C7 ->
AC 1A 31 E8 89 45 F0 E8 44 E6 D9 00 90 90 90 90 90 90 90 90 90 89 D9 E8 14 07 00 00 8D 55 EC C7
55 89 E5 56 89 CE E8 55 E5 D9 00 83 F8 02 75 12 -> 55 89 E5 56 89 CE E8 55 E5 D9 00 90 90 90 90 90
E8 89 45 F4 E8 17 E5 D9 00 83 F8 02 75 37 8D 55 -> E8 89 45 F4 E8 17 E5 D9 00 90 90 90 90 90 8D 55
55 89 E5 53 56 89 CE E8 C4 E4 D9 00 83 F8 02 75 -> 55 89 E5 53 56 89 CE E8 C4 E4 D9 00 90 90 90 90
21 89 F1 E8 28 05 00 00 89 C3 84 C0 75 06 89 D8 -- 90 89 F1 E8 28 05 00 00 89 C3 84 C0 75 06 89 D8
E8 89 45 F4 E8 77 E4 D9 00 83 F8 02 75 6B 8D 55 -> E8 89 45 F4 E8 77 E4 D9 00 90 90 90 90 90 8D 55
50 AC 1A 31 E8 89 44 24 38 E8 E2 E3 D9 00 83 F8 02 0F 85 08 01 00 00 8D 5C 24 20 53 E8 0F CC 4C ->
50 AC 1A 31 E8 89 44 24 38 E8 E2 E3 D9 00 90 90 90 90 90 90 90 90 90 8D 5C 24 20 53 E8 0F CC 4C
50 AC 1A 31 E8 89 44 24 48 E8 62 E1 D9 00 83 F8 02 0F 85 1F 01 00 00 8B 7E 4C 8B 07 8B 48 24 FF ->
50 AC 1A 31 E8 89 44 24 48 E8 62 E1 D9 00 90 90 90 90 90 90 90 90 90 8B 7E 4C 8B 07 8B 48 24 FF
50 AC 1A 31 E8 89 44 24 08 E8 72 DF D9 00 83 F8 02 75 44 89 E7 57 E8 A5 C7 4C FB 83 C4 04 8B 46 ->
50 AC 1A 31 E8 89 44 24 08 E8 72 DF D9 00 90 90 90 90 90 89 E7 57 E8 A5 C7 4C FB 83 C4 04 8B 46
50 AC 1A 31 E8 89 44 24 20 E8 02 DF D9 00 83 F8 02 0F 85 BE 00 00 00 89 34 24 83 7E 48 00 0F 84 ->
50 AC 1A 31 E8 89 44 24 20 E8 02 DF D9 00 90 90 90 90 90 90 90 90 90 89 34 24 83 7E 48 00 0F 84
AC 1A 31 E8 89 45 F0 E8 14 DE D9 00 83 F8 02 0F 85 7E 01 00 00 89 7D C8 8B 76 48 85 F6 0F 84 73 ->
AC 1A 31 E8 89 45 F0 E8 14 DE D9 00 90 90 90 90 90 90 90 90 90 89 7D C8 8B 76 48 85 F6 0F 84 73
AC 1A 31 E8 89 45 F0 E8 64 DC D9 00 83 F8 02 0F 85 3B 01 00 00 31 DB 8D 45 D4 89 18 89 58 04 89 ->
AC 1A 31 E8 89 45 F0 E8 64 DC D9 00 90 90 90 90 90 90 90 90 90 31 DB 8D 45 D4 89 18 89 58 04 89
40 50 AC 1A 31 E8 89 45 F0 E8 52 D9 D9 00 83 F8 02 0F 85 01 02 00 00 31 C0 48 8D 75 E4 89 06 89 ->
40 50 AC 1A 31 E8 89 45 F0 E8 52 D9 D9 00 90 90 90 90 90 90 90 90 90 31 C0 48 8D 75 E4 89 06 89
00 00
B9 00 09 00 00 0F 45 C8 89 4D E4 0F 57 C0 F2 0F -> B9 00 00 00 00 0F 45 C8 89 4D E4 0F 57 C0 F2 0F
1A 31 E8 89 45 F0 8B 07 F7 47 20 40 00 10 00 74 0A 83 7F 34 00 0F 84 20 01 00 00 8D 75 38 89 45 ->
1A 31 E8 89 45 F0 8B 07 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 8D 75 38 89 45
C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 -> 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 (62->78)
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden)
user32.dll -> user64.dll (hidden)
mfplat.dll -> xfplat.dll (hidden)
netapi32.dll -> netapi64.dll (hidden)
bcryptprimitives.dll -> xcryptprimitives.dll (hidden)
kernel32.dll -> kernel64.dll
userenv.dll -> userenx.dll
winhttp.dll -> winxttp.dll
-------------------------------------------------------------------------
notification_helper.exe
=======================
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2
KERNEL32.dll -> KERNEL64.dll
-------------------------------------------------------------------------
mojo_core.dll
=============
b8: 06
C0: 06
110-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t... -> x.c.r.y.p.t... (hidden) 62 00 63 00 72 00 79 00 70 00 74 00 70 00 -> 78 00 63 00 72 00 79 00 70 00 74 00 70 00 (62->78) x2
KERNEL32.dll -> KERNEL64.dll