SigmaHQ / sigma

Main Sigma Rule Repository

Bad Opsec Defaults Sacrificial Processes #4571

Closed celalettin-turgut closed 1 year ago

celalettin-turgut commented 1 year ago

Rule UUID

a7c3d773-caef-227e-a7e7-c2f13c622329

Example EventLog

UtcTime: 2023-11-09 05:22:07.963
ProcessId: 14328
Image: C:\Windows\System32\rundll32.exe
FileVersion: 10.0.19041.3570 (WinBuild.160101.0800)
Description: Windows host process (Rundll32)
Product: Microsoft® Windows® Operating System
Company: Microsoft Corporation
OriginalFileName: RUNDLL32.EXE
CommandLine: C:\Windows\System32\rundll32.exe
CurrentDirectory: C:\Users\AHMET~1\AppData\Local\Temp\
User: COMPANY\Ahmet Faruk
IntegrityLevel: Medium
Hashes: MD5=A52BFA4A96F97C368312028DBD7C8461,SHA256=D64D27BE4C907B0A2A0C32E1B1A4A44A1333A936FE63127D69DF41C859DA8C9E,IMPHASH=4DB27267734D1576D75C991DC70F68AC
ParentProcessId: 6216
ParentImage: C:\Users\Ahmet Faruk\AppData\Local\Google\Chrome\Application\119.0.6045.106\Installer\setup.exe
ParentCommandLine: "C:\Users\Ahmet Faruk\AppData\Local\Google\Chrome\Application\119.0.6045.106\Installer\setup.exe" --uninstall --channel=stable --verbose-logging --self-destruct --force-uninstall --do-not-remove-shared-items --trigger-active-setup
ParentUser: COMPANY\Ahmet Faruk

Description

This Chrome update is common.
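To reproduce the false positive locally, the following is an added example (not SigmaHQ code and not the rule as it stands in the repository): it parses the Sysmon event from this report, applies a simplified approximation of the rule's trigger (a sacrificial binary whose command line carries no arguments; the list of binaries is an assumption), and then applies an assumed parent-based tuning that whitelists Chrome's per-user installer. The two extra events (rundll32.exe spawned bare by WINWORD.EXE, and rundll32.exe with real arguments under explorer.exe) are constructed to show that the tuning only suppresses the Chrome case.

```python
"""Added example, not SigmaHQ code: replay the issue's Sysmon event through a
simplified approximation of the rule's trigger plus an assumed parent filter."""
from typing import Dict

# Sysmon Event ID 1 fields copied from the issue, one "Key: Value" per line.
CHROME_UNINSTALL_EVENT = r"""
UtcTime: 2023-11-09 05:22:07.963
ProcessId: 14328
Image: C:\Windows\System32\rundll32.exe
FileVersion: 10.0.19041.3570 (WinBuild.160101.0800)
Description: Windows host process (Rundll32)
Product: Microsoft® Windows® Operating System
Company: Microsoft Corporation
OriginalFileName: RUNDLL32.EXE
CommandLine: C:\Windows\System32\rundll32.exe
CurrentDirectory: C:\Users\AHMET~1\AppData\Local\Temp\
User: COMPANY\Ahmet Faruk
IntegrityLevel: Medium
Hashes: MD5=A52BFA4A96F97C368312028DBD7C8461,SHA256=D64D27BE4C907B0A2A0C32E1B1A4A44A1333A936FE63127D69DF41C859DA8C9E,IMPHASH=4DB27267734D1576D75C991DC70F68AC
ParentProcessId: 6216
ParentImage: C:\Users\Ahmet Faruk\AppData\Local\Google\Chrome\Application\119.0.6045.106\Installer\setup.exe
ParentCommandLine: "C:\Users\Ahmet Faruk\AppData\Local\Google\Chrome\Application\119.0.6045.106\Installer\setup.exe" --uninstall --channel=stable --verbose-logging --self-destruct --force-uninstall --do-not-remove-shared-items --trigger-active-setup
ParentUser: COMPANY\Ahmet Faruk
"""

# Constructed (not from the issue): a bare rundll32.exe spawned by Word, the
# kind of sacrificial-process launch the rule is meant to catch.
OFFICE_SPAWN_EVENT = r"""
Image: C:\Windows\System32\rundll32.exe
CommandLine: "C:\Windows\System32\rundll32.exe"
ParentImage: C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
ParentCommandLine: "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE" /n "C:\Users\user\invoice.docm"
"""

# Constructed (not from the issue): rundll32.exe carrying real arguments.
NORMAL_RUNDLL32_EVENT = r"""
Image: C:\Windows\System32\rundll32.exe
CommandLine: "C:\Windows\System32\rundll32.exe" C:\Windows\System32\shell32.dll,Control_RunDLL
ParentImage: C:\Windows\explorer.exe
ParentCommandLine: C:\Windows\Explorer.EXE
"""

# Assumed process list; the rule's actual set lives in the repository, not here.
SACRIFICIAL_PROCESSES = ("rundll32.exe", "regsvr32.exe", "regasm.exe", "regsvcs.exe")


def parse_sysmon_event(text: str) -> Dict[str, str]:
    """Turn Sysmon's 'Key: Value' rendering into a dict.

    Partitioning on the first ': ' keeps drive-letter colons ('C:\\') intact.
    """
    event: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(": ")
        if not sep:
            raise ValueError(f"malformed Sysmon field: {line!r}")
        event[key.strip()] = value.strip()
    return event


def launched_without_arguments(event: Dict[str, str]) -> bool:
    """Selection: a sacrificial binary whose command line is just its own path.

    Mirrors a 'CommandLine|endswith' style check: after trimming whitespace and
    a closing quote, the whole command line still ends in the binary name.
    """
    image = event.get("Image", "").lower()
    if not any(image.endswith("\\" + p) for p in SACRIFICIAL_PROCESSES):
        return False
    cmd = event.get("CommandLine", "").strip().rstrip('"').lower()
    return any(cmd.endswith(p) for p in SACRIFICIAL_PROCESSES)


def is_chrome_installer_parent(event: Dict[str, str]) -> bool:
    """Assumed tuning for the reported false positive: Chrome's per-user
    installer (setup.exe under Application\\<version>\\Installer) launches a
    bare rundll32.exe during uninstall/update."""
    parent = event.get("ParentImage", "").lower()
    return ("\\google\\chrome\\application\\" in parent
            and parent.endswith("\\installer\\setup.exe"))


def evaluate(event: Dict[str, str]) -> str:
    """Return 'no-match' when the selection fails, 'filtered' when the Chrome
    tuning suppresses it, and 'alert' otherwise."""
    if not launched_without_arguments(event):
        return "no-match"
    if is_chrome_installer_parent(event):
        return "filtered"
    return "alert"


if __name__ == "__main__":
    for name, raw in [("chrome uninstall (issue)", CHROME_UNINSTALL_EVENT),
                      ("winword -> bare rundll32 (constructed)", OFFICE_SPAWN_EVENT),
                      ("explorer -> rundll32 with args (constructed)", NORMAL_RUNDLL32_EVENT)]:
        print(f"{name}: {evaluate(parse_sysmon_event(raw))}")
```

The filter keys on the full parent path rather than on the `setup.exe` name alone, since a dropper can trivially be named `setup.exe`; tying the exclusion to the `\Google\Chrome\Application\` tree under the user's profile keeps the rest of the rule's coverage intact.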

celalettin-turgut commented 1 year ago

It is doubled.