Skip to content

Instantly share code, notes, and snippets.

@adeii

adeii/gist:882ccbc86400202ca0132803e6d1b955

Created January 5, 2024 18:55
Show Gist options
  • Save adeii/882ccbc86400202ca0132803e6d1b955 to your computer and use it in GitHub Desktop.
Save adeii/882ccbc86400202ca0132803e6d1b955 to your computer and use it in GitHub Desktop.
Download ZIP
Chrome 117.0.5938.89 x86 for Win 7
Raw
gistfile1.txt
swap in import/export chrome 117.0.5938.89 32bit
add Blaukovitsch's libs to root folder and 117.0.x.x folder
chrome.exe
==========
110-00 3A 23 00 20 29 00 00 00 E0 23 00 C4 EC 00 00 --
00 00 00 00 00 00 00 00 00 E0 23 00 C4 EC 00 00
110-Security Directory RVA / Size --> 00000000
---
2a6b0: 00 53 52 FF 15 60 99 5C 00 85 C0 74 15 FF 4D F0 --
00 53 52 FF 15 60 99 5C 00 90 90 90 90 FF 4D F0
2a6c0: 8B 3E 85 FF 75 3E B3 01 83 7D F0 00 0F 85 CB 00 --
8B 3E 90 90 90 90 B3 01 90 90 90 90 90 90 90 90
2a6d0: 00 00 89 D8 83 C4 04 5E 5F 5B 5D C3 31 DB EB F2 --
90 90 89 D8 83 C4 04 5E 5F 5B 5D C3 31 DB EB F2
137240: 55 89 E5 53 57 56 83 EC 18 89 D6 89 CF A1 08 E0 --
55 89 E5 53 57 56 83 EC 78 89 D6 89 CF A1 08 E0
137250: 5C 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 E0 F3 0F --
5C 00 31 E8 89 45 F0 66 0F 76 C0 8D 45 A0 F3 0F
137260: 7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 10 50 FF --
7F 00 8D 5D DC C7 03 FF FF FF FF 53 6A 20 50 FF
137280: 83 3B 10 0F 94 C3 20 C3 80 FB 01 75 27 80 7D E0 --
83 3B 20 0F 94 C3 20 C3 80 FB 01 75 27 80 7D A0
1372A0: 89 4D E1 29 D0 83 C0 13 89 47 18 F3 0F 6F 45 E0 --
89 4D E1 29 D0 83 C0 13 89 47 18 E9 F0 53 05 00
b.c.r.y.p.t.p.r -> x.c.r.y.p.t.p.r (hidden) search HEX, not text [62 00 63 00 72 00 79 00 70 00 74 00 70 00]
userenv -> userenx (hidden)
kernel32 -> kernel64
chrome_proxy.exe
=======================
*
chrome_elf.dll
==============
clear digital sign:
110: 00 26 10 00 20 29 00 00 00 30 11 00 A0 91 00 00 --> 00 00 00 00 00 00 00 00 00 30 11 00 A0 91 00 00
e1b20: b.c.r.y.p.t.p.r.i.m.i.t -> x.c.r.y.p.t.p.r.i.m.i.t (hidden)
ed430: b.c.r.y.p.t.p.r.i -> x.c.r.y.p.t.p.r.i (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00 72]
f0ff0: kernel32 -> kernel64
chrome.dll
=================
clear digital sign:
110: 00 CA 54 0B 20 29 00 00 00 40 1D 0B A8 08 5F 00 --> 00 00 00 00 00 00 00 00 00 40 1D 0B A8 08 5F 00
110-Security Directory RVA / Size --> 00000000
10b2a0:
7E 08 00 0F 95 C1 30 C1 0F 84 09 01 00 00 89 66 --> 7E 08 00 0F 95 C1 30 C1 90 90 90 90 90 90 89 66
e1aec0:
40 50 57 68 0F 00 00 10 50 FF 75 D8 FF 15 78 0F --> 40 50 57 68 0F 00 00 00 50 FF 75 D8 FF 15 78 0F
6f74120:
89 C3 89 F9 E8 C7 B8 81 00 84 DB 89 F3 75 12 FF --> 89 C3 89 F9 E8 C7 B8 81 00 84 DB 89 F3 EB 12 FF
1547150:
00 48 85 C0 0F 84 C9 00 00 00 83 78 38 01 0F 85 --> 00 48 85 C0 E9 CA 00 00 00 90 83 78 38 01 0F 85 JOK!
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00]
a1a89a0: C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 --> 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) search HEX, not text [62 00 63 00 72 00 79 00 70 00 74 00 70 00]
user32 -> user64 (hidden)
mfplat -> xfplat (hidden)
netapi32 -> netapi64 (hidden)
kernel32 -> kernel64
userenv -> userenx
winhttp -> winxttp
chrome_wer.exe
==============
*
chrome_paw_launcher.exe
==============
*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment