Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Discussions
IT & Cybersecurity
Chrome.exe Alerts
egrizzly
Hi all,
Do any of you all receive these notorious Chrome.exe alerts on your EDRs or IDRs? What are these alerts? Are they automatica updates coming from Chrome extensions, or micro version updates from the browser itself? Im stumpted. They're typically something like below:
Filename:
Chrome.exe
FilePath: \Device\HarddiskVolume3\Program Files\Chrome\Application
FileHash: these vary and have different hashes that register as PUPs or Grayware on VirusTotal
Find more posts tagged with
edr
chrome alerts
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
JDMurray
I've seen legit operations in Chrome that are interpreted as heap spraying attacks, but little else. Positive hits on extensions can be anything should be reported to the extension's vendor.
egrizzly
So are alerts from file Chrome.exe known to be from the extension installs/updates and not from the browser?
@JDMurray
JDMurray
Is your EDR is triggering on the chrome.exe file on disk or on the chrome.exe process running in memory? Extensions are individual files on disk, but may appear as part of the chrome.exe process(es) in memory.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
