Chrome Downloads

Overview

Evidence: Chrome Downloads Description: Collect Chrome Downloads Platform: Cross-platform Short Name: cdwnlds Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

This collector gathers chrome downloads information from the system. This data is essential for forensic investigations and incident response.

Data Collected

This collector gathers structured data about chrome downloads.

Chrome Downloads Data

Field

Description

Example

ID

UserName

User Name

Example Name

Browser

Browser

Example value

ProfileName

Profile Name

Example Name

URL

URL

Example value

TargetPath

Target Path

/path/to/file

CurrentPath

Current Path

/path/to/file

Referrer

Referrer

Example value

LastModified

Last Modified

Example value

DangerType

Danger Type

Example value

Opened

Opened

Example value

TabURL

Tab URL

Example value

TabReferrerURL

Tab Referrer URL

Example value

StartTime

Start Time

2023-10-15 14:30:25

EndTime

End Time

2023-10-15 14:30:25

HistoryFilePath

History File Path

/path/to/file

Collection Method

This collector queries the cdwnlds table via osquery and parses the results into structured data.

Usage

This evidence is crucial for forensic investigations as it provides insights into system activity, user behavior, and potential security incidents.

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.

PreviousChrome Cookies NextChrome Extensions

Last updated 2 hours ago

Was this helpful?