Chromium Downloads
Overview
Section titled “Overview”Evidence: Chromium Downloads
Description: Collect Chromium Downloads
Category: Applications
Platform: linux
Short Name: cmdwnlds
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
Section titled “Background”Browser download history records files downloaded by users, including file paths, timestamps, URLs, referrer information, and download status. This data is essential for tracking file acquisition, identifying potentially malicious downloads, and reconstructing user activity timelines.
Data Collected
Section titled “Data Collected”This collector gathers structured data about chromium downloads.
Collection Method
Section titled “Collection Method”This collector queries the browser’s History database to extract download records, including file paths, download times, source URLs, and security flags.
Forensic Value
Section titled “Forensic Value”Download history reveals malware delivery vectors, data exfiltration attempts, unauthorized software installation, and user interaction with suspicious websites. Analysts can identify downloaded malicious files, track attack chains, and correlate downloads with other security events.