File name:

ChromeSetup.exe

Full analysis: https://app.any.run/tasks/9cadf0f7-e09c-4707-b067-3c72e497e107
Verdict: Malicious activity
Analysis date: May 10, 2025, 06:51:37
OS: Windows 10 Professional (build: 19044, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, 9 sections
MD5:

E6378392A79331F675960A6EEE8DFC9E

SHA1:

47BDEE423813A953EB93D11684A1EF08670C4568

SHA256:

F0AB0F4DB5D7E988EDF30206507D6E71AF5FB95E62F5D2F83EFAADAACA9DB9F7

SSDEEP:

98304:5l7pAEcLB806XcPEs0XQpe0DELXFAzz0Tpcky7+HlPmqPLQ4Za999RMAWDo5s7f4:Gyjk

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Changes the autorun value in the registry

      • setup.exe (PID: 7992)

  • SUSPICIOUS

    • Application launched itself

      • ChromeSetup.exe (PID: 7012)
      • updater.exe (PID: 3332)
      • updater.exe (PID: 5588)
      • updater.exe (PID: 7268)
      • setup.exe (PID: 7992)
      • setup.exe (PID: 8084)
      • updater.exe (PID: 8072)
      • updater.exe (PID: 8060)
      • updater.exe (PID: 7996)
      • updater.exe (PID: 4408)

    • Executable content was dropped or overwritten

      • updater.exe (PID: 3332)
      • updater.exe (PID: 5588)
      • 136.0.7103.93_chrome_installer.exe (PID: 7972)
      • setup.exe (PID: 7992)

    • Reads security settings of Internet Explorer

      • ChromeSetup.exe (PID: 7012)

    • Executes as Windows Service

      • updater.exe (PID: 5588)
      • updater.exe (PID: 7268)
      • updater.exe (PID: 8072)
      • updater.exe (PID: 8060)
      • updater.exe (PID: 7996)

    • Creates a software uninstall entry

      • setup.exe (PID: 7992)
      • chrome.exe (PID: 8188)

    • Searches for installed software

      • setup.exe (PID: 7992)

    • The process executes via Task Scheduler

      • updater.exe (PID: 4408)

  • INFO

    • Reads the computer name

      • ChromeSetup.exe (PID: 7012)
      • ChromeSetup.exe (PID: 4380)
      • 136.0.7103.93_chrome_installer.exe (PID: 7972)
      • setup.exe (PID: 7992)
      • setup.exe (PID: 8084)
      • updater.exe (PID: 8072)
      • elevation_service.exe (PID: 1452)

    • Checks supported languages

      • ChromeSetup.exe (PID: 7012)
      • ChromeSetup.exe (PID: 4380)
      • 136.0.7103.93_chrome_installer.exe (PID: 7972)
      • setup.exe (PID: 7992)
      • setup.exe (PID: 8012)
      • setup.exe (PID: 8084)
      • setup.exe (PID: 8104)
      • elevation_service.exe (PID: 1452)
      • updater.exe (PID: 8072)
      • updater.exe (PID: 8160)

    • Creates files in the program directory

      • ChromeSetup.exe (PID: 4380)
      • setup.exe (PID: 7992)
      • setup.exe (PID: 8084)
      • updater.exe (PID: 8072)
      • updater.exe (PID: 7268)

    • Create files in a temporary directory

      • ChromeSetup.exe (PID: 4380)

    • Process checks computer location settings

      • ChromeSetup.exe (PID: 7012)

    • The sample compiled with english language support

      • ChromeSetup.exe (PID: 7012)
      • updater.exe (PID: 3332)
      • updater.exe (PID: 5588)
      • 136.0.7103.93_chrome_installer.exe (PID: 7972)
      • setup.exe (PID: 7992)
      • chrome.exe (PID: 6256)

    • Manual execution by a user

      • chrome.exe (PID: 8188)

    • Executes as Windows Service

      • elevation_service.exe (PID: 1452)

    • Reads the software policy settings

      • slui.exe (PID: 5416)
      • updater.exe (PID: 8072)

    • Executable content was dropped or overwritten

      • chrome.exe (PID: 6256)

    • Process checks whether UAC notifications are on

      • updater.exe (PID: 8072)

    • Application launched itself

      • chrome.exe (PID: 8188)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Generic Win/DOS Executable (50)
.exe | DOS Executable Generic (49.9)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2025:05:02 03:02:06+00:00
ImageFileCharacteristics: Executable, Large address aware, 32-bit
PEType: PE32
LinkerVersion: 14
CodeSize: 3700736
InitializedDataSize: 7736320
UninitializedDataSize: -
EntryPoint: 0x1d7410
OSVersion: 10
ImageVersion: -
SubsystemVersion: 10
Subsystem: Windows GUI
FileVersionNumber: 138.0.7156.0
ProductVersionNumber: 138.0.7156.0
FileFlagsMask: 0x0017
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Unicode
CompanyName: Google LLC
FileDescription: Google Installer (x86)
FileVersion: 138.0.7156.0
InternalName: Google Installer (x86)
LegalCopyright: Copyright 2025 Google LLC. All rights reserved.
OriginalFileName: UpdaterSetup.exe
ProductName: Google Installer (x86)
ProductVersion: 138.0.7156.0
CompanyShortName: Google
ProductShortName: GoogleUpdater
LastChange: 1f8149e52d17f42e7cad03f331dfbac77fe56706-refs/branch-heads/7156@{#1}
OfficialBuild: 1
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
208
Monitored processes
73
Malicious processes
4
Suspicious processes
1

Behavior graph

Click at the process to see the details
start chromesetup.exe no specs chromesetup.exe updater.exe updater.exe no specs sppextcomobj.exe no specs slui.exe updater.exe updater.exe no specs updater.exe no specs updater.exe no specs 136.0.7103.93_chrome_installer.exe setup.exe setup.exe no specs setup.exe no specs setup.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe elevation_service.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs slui.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs updater.exe updater.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs chrome.exe no specs updater.exe no specs updater.exe no specs updater.exe no specs updater.exe no specs updater.exe no specs updater.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
672"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --disable-quic --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=7060 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\136.0.7103.93\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
720"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=3168 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\136.0.7103.93\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1012"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=4200 /prefetch:2C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Exit code:
0
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\136.0.7103.93\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1096"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=4112 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\136.0.7103.93\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
1228C:\WINDOWS\system32\SppExtComObj.exe -EmbeddingC:\Windows\System32\SppExtComObj.Exesvchost.exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
KMS Connection Broker
Exit code:
0
Version:
10.0.19041.3996 (WinBuild.160101.0800)
1452"C:\Program Files\Google\Chrome\Application\136.0.7103.93\elevation_service.exe"C:\Program Files\Google\Chrome\Application\136.0.7103.93\elevation_service.exeservices.exe
User:
SYSTEM
Company:
Google LLC
Integrity Level:
SYSTEM
Description:
Google Chrome
Exit code:
0
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\136.0.7103.93\elevation_service.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\oleaut32.dll
1540"C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=138.0.7156.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0xf12e88,0xf12e94,0xf12ea0C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exeupdater.exe
User:
SYSTEM
Company:
Google LLC
Integrity Level:
SYSTEM
Description:
Google Updater (x86)
Version:
138.0.7156.0
Modules
Images
c:\program files (x86)\google\googleupdater\138.0.7156.0\updater.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\advapi32.dll
c:\windows\syswow64\msvcrt.dll
1672C:\Users\admin\AppData\Local\Temp\Google4380_251020318\bin\updater.exe --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=138.0.7156.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x2a8,0x2ac,0x2b0,0x284,0x2b4,0xb22e88,0xb22e94,0xb22ea0C:\Users\admin\AppData\Local\Temp\Google4380_251020318\bin\updater.exeupdater.exe
User:
admin
Company:
Google LLC
Integrity Level:
HIGH
Description:
Google Updater (x86)
Exit code:
0
Version:
138.0.7156.0
1764"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:1C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
LOW
Description:
Google Chrome
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\136.0.7103.93\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
2096"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --disable-quic --message-loop-type-ui --field-trial-handle=2004,i,11066968771603925506,17752414749556829762,262144 --variations-seed-version --mojo-platform-channel-handle=7120 /prefetch:8C:\Program Files\Google\Chrome\Application\chrome.exechrome.exe
User:
admin
Company:
Google LLC
Integrity Level:
MEDIUM
Description:
Google Chrome
Exit code:
0
Version:
136.0.7103.93
Modules
Images
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\aclayers.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
Total events
16 839
Read events
16 685
Write events
144
Delete events
10

Modification events

(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:StubPath
Value:
"C:\Program Files\Google\Chrome\Application\136.0.7103.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:Localized Name
Value:
Google Chrome
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:IsInstalled
Value:
1
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
Operation:writeName:Version
Value:
43,0,0,0
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
Operation:writeName:CommandLine
Value:
"C:\Program Files\Google\Chrome\Application\136.0.7103.93\Installer\setup.exe" --on-os-upgrade --channel=stable --system-level --verbose-logging %1
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
Operation:writeName:AutoRunOnOSUpgrade
Value:
1
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
Operation:writeName:CommandLine
Value:
"C:\Program Files\Google\Chrome\Application\136.0.7103.93\Installer\setup.exe" --store-dmtoken=%1 --system-level --verbose-logging --channel=stable
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
Operation:writeName:WebAccessible
Value:
1
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken
Operation:writeName:CommandLine
Value:
"C:\Program Files\Google\Chrome\Application\136.0.7103.93\Installer\setup.exe" --delete-dmtoken --system-level --verbose-logging --channel=stable
(PID) Process:(7992) setup.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken
Operation:writeName:WebAccessible
Value:
1
Executable files
18
Suspicious files
337
Text files
103
Unknown types
0

Dropped files

PID
Process
Filename
Type
4380ChromeSetup.exeC:\Users\admin\AppData\Local\Temp\Google4380_1865591791\UPDATER.PACKED.7Z
MD5:
SHA256:
3332updater.exeC:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.0\updater.exeexecutable
MD5:FFDA3134E0823DECE997E1A4FB4FC146
SHA256:802CE5E3714C0D7CCCE24629E9517034E9CCB1F601BC6D29C878985AAA9148C9
3332updater.exeC:\Program Files (x86)\Google\GoogleUpdater\prefs.jsonbinary
MD5:3F6427D2AB4B18D3993874E76EA4A70A
SHA256:8CD33DE899548BA6CBA67355CDF68040D6C9FAD2777B27220FFA49409266180C
3332updater.exeC:\Program Files (x86)\Google\GoogleUpdater\b80f4481-9a87-4818-bcec-617521b1228c.tmpbinary
MD5:3F6427D2AB4B18D3993874E76EA4A70A
SHA256:8CD33DE899548BA6CBA67355CDF68040D6C9FAD2777B27220FFA49409266180C
5588updater.exeC:\Program Files (x86)\Google\GoogleUpdater\prefs.json~RF10cb8f.TMPbinary
MD5:3F6427D2AB4B18D3993874E76EA4A70A
SHA256:8CD33DE899548BA6CBA67355CDF68040D6C9FAD2777B27220FFA49409266180C
5588updater.exeC:\Program Files (x86)\Google\GoogleUpdater\f2550f3a-2197-4b7b-bbd2-5559e3bf2adf.tmpbinary
MD5:00307500329DBCFB6E7CECB636DFF668
SHA256:358E3107A9C3E118616970C39EA2F31ABF420C04CF5C384B9365E181614A5FE1
5588updater.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exeexecutable
MD5:FFDA3134E0823DECE997E1A4FB4FC146
SHA256:802CE5E3714C0D7CCCE24629E9517034E9CCB1F601BC6D29C878985AAA9148C9
3332updater.exeC:\Program Files (x86)\Google\GoogleUpdater\updater.logtext
MD5:6410D937DBDB39B55970BD5ADF3116B9
SHA256:DBBEE62FD943D7E0AF813F9913E6917205BD24DAA5C6CB7D3A359EB6F555C187
7268updater.exeC:\Windows\SystemTemp\chrome_url_fetcher_7268_457342768\-8a69d345-d564-463c-aff1-a69d9e530f96-_136.0.7103.93_all_adh2yb6q7t3w4x6zy5f536dugexq.crx3
MD5:
SHA256:
7268updater.exeC:\Program Files (x86)\Google\GoogleUpdater\crx_cache\e025f58d009aa9f0caedff775f66d9d945801e93b5240cf2a5547c469cd7eec5
MD5:
SHA256:
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
35
TCP/UDP connections
88
DNS requests
113
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
GET
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome/lavkrwitlza3b2ssskklc2whmi_136.0.7103.93/-8a69d345-d564-463c-aff1-a69d9e530f96-_136.0.7103.93_all_adh2yb6q7t3w4x6zy5f536dugexq.crx3
unknown
whitelisted
GET
200
23.48.23.166:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6668
svchost.exe
HEAD
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/aca4j7naijrf65juvpzj5lv43una_2025.4.30.0/niikhdgajlphfehepabhhblakbdgeefj_2025.04.30.00_all_pi2vwi5t776kda42vjlunrgh5u.crx3
unknown
whitelisted
6668
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/aca4j7naijrf65juvpzj5lv43una_2025.4.30.0/niikhdgajlphfehepabhhblakbdgeefj_2025.04.30.00_all_pi2vwi5t776kda42vjlunrgh5u.crx3
unknown
whitelisted
6668
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/aca4j7naijrf65juvpzj5lv43una_2025.4.30.0/niikhdgajlphfehepabhhblakbdgeefj_2025.04.30.00_all_pi2vwi5t776kda42vjlunrgh5u.crx3
unknown
whitelisted
6668
svchost.exe
GET
206
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/aca4j7naijrf65juvpzj5lv43una_2025.4.30.0/niikhdgajlphfehepabhhblakbdgeefj_2025.04.30.00_all_pi2vwi5t776kda42vjlunrgh5u.crx3
unknown
whitelisted
6668
svchost.exe
HEAD
200
34.104.35.123:80
http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/imoffpf67hel7kbknqflao2oo4_1.0.2738.0/neifaoindggfcjicffkgpmnlppeffabd_1.0.2738.0_win64_kj4dp5kifwxbdodqls7e5nzhtm.crx3
unknown
whitelisted
GET
200
23.35.229.160:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
GET
200
142.250.186.99:80
http://c.pki.goog/r/gsr1.crl
unknown
whitelisted
GET
200
142.250.186.99:80
http://c.pki.goog/r/r4.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
51.104.136.2:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
23.48.23.166:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
23.35.229.160:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
172.211.123.248:443
client.wns.windows.com
MICROSOFT-CORP-MSN-AS-BLOCK
FR
whitelisted
172.217.16.195:443
update.googleapis.com
GOOGLE
US
whitelisted
142.250.185.142:443
dl.google.com
GOOGLE
US
whitelisted
34.104.35.123:80
edgedl.me.gvt1.com
GOOGLE
US
whitelisted
142.250.186.99:80
c.pki.goog
GOOGLE
US
whitelisted
142.250.184.227:80
o.pki.goog
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 51.104.136.2
  • 40.127.240.158
whitelisted
crl.microsoft.com
  • 23.48.23.166
  • 23.48.23.156
whitelisted
www.microsoft.com
  • 23.35.229.160
whitelisted
google.com
  • 142.250.185.110
  • 142.250.185.174
whitelisted
client.wns.windows.com
  • 172.211.123.248
  • 172.211.123.250
whitelisted
update.googleapis.com
  • 172.217.16.195
whitelisted
dl.google.com
  • 142.250.185.142
whitelisted
edgedl.me.gvt1.com
  • 34.104.35.123
whitelisted
c.pki.goog
  • 142.250.186.99
whitelisted
o.pki.goog
  • 142.250.184.227
whitelisted

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
ChromeSetup.exe