Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Chrome Cache Entry: 59
|
ASCII text, with very long lines (2343)
|
downloaded
|
||
|
Chrome Cache Entry: 60
|
Unicode text, UTF-8 text
|
downloaded
|
||
|
Chrome Cache Entry: 61
|
ASCII text, with very long lines (65447)
|
downloaded
|
||
|
Chrome Cache Entry: 62
|
ASCII text, with very long lines (28900)
|
downloaded
|
||
|
Chrome Cache Entry: 63
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 64
|
ASCII text, with very long lines (5945)
|
downloaded
|
||
|
Chrome Cache Entry: 65
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 66
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 67
|
PNG image data, 229 x 76, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 68
|
ASCII text, with very long lines (65371)
|
downloaded
|
||
|
Chrome Cache Entry: 69
|
ASCII text, with very long lines (382)
|
downloaded
|
||
|
Chrome Cache Entry: 70
|
PNG image data, 229 x 76, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 71
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 72
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 73
|
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
|
downloaded
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2248 --field-trial-handle=2172,i,2557239446117328043,1594672359937540245,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://jll.aravo.com/aems/login.do"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://jll.aravo.com/aems/login.do
|
|||
|
http://fontawesome.io
|
unknown
|
||
|
https://stats.g.doubleclick.net/g/collect
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/css/fontello/css/fontello.css
|
67.192.161.8
|
||
|
https://jll.aravo.com/aems/findpassword.do?btnCancel=true&cs=yks4Zxuaa-IhSYYKBL7klWVFg6lTUCzDQX3ET0rBrlc.arv
|
67.192.161.8
|
||
|
http://opensource.org/licenses/mit-license.php
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/js/jqBootstrapValidation.js
|
67.192.161.8
|
||
|
https://jll.aravo.com/favicon.ico?v=4
|
67.192.161.8
|
||
|
http://tinyurl.com/executeFunctionByName
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/js/fastclick.js
|
67.192.161.8
|
||
|
https://jll.aravo.com/aems/login.do
|
|||
|
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/css/bootstrap.min.css
|
67.192.161.8
|
||
|
https://tagassistant.google.com/
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/images/aravo_logo-2x.png
|
67.192.161.8
|
||
|
https://adservice.google.com/pagead/regclk
|
unknown
|
||
|
https://ampcid.google.com/v1/publisher:getClientId
|
unknown
|
||
|
https://cct.google/taggy/agent.js
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/css/font-awesome-4.6.3/css/font-awesome.min.css
|
67.192.161.8
|
||
|
http://fontawesome.io/license
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/css/unauthenticated.css
|
67.192.161.8
|
||
|
https://www.google.com/ads/ga-audiences
|
unknown
|
||
|
https://www.google.%/ads/ga-audiences
|
unknown
|
||
|
https://td.doubleclick.net
|
unknown
|
||
|
https://www.merchant-center-analytics.goog
|
unknown
|
||
|
http://getbootstrap.com)
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/js/jquery-3.6.0.min.js
|
67.192.161.8
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
||
|
https://stats.g.doubleclick.net/g/collect?v=2&
|
unknown
|
||
|
https://jll.aravo.com/aems/findaccount.do
|
|||
|
https://bugzilla.mozilla.org/show_bug.cgi?id=922896
|
unknown
|
||
|
https://stats.g.doubleclick.net/j/collect
|
unknown
|
||
|
http://stackoverflow.com/questions/359788/how-to-execute-a-javascript-function-when-i-have-its-name-
|
unknown
|
||
|
https://jll.aravo.com/simpletrade/default/css/fontello/css/animation.css
|
67.192.161.8
|
||
|
https://github.com/ftlabs/fastclick/issues/251
|
unknown
|
||
|
http://ReactiveRaven.github.com/jqBootstrapValidation/
|
unknown
|
There are 26 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
www.google.com
|
74.125.137.104
|
||
|
prod.aravo.com
|
67.192.161.8
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
||
|
jll.aravo.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
67.192.161.8
|
prod.aravo.com
|
United States
|
||
|
192.168.2.6
|
unknown
|
unknown
|
||
|
74.125.137.104
|
www.google.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/login.do
|
||
|
https://jll.aravo.com/aems/findaccount.do
|
||
|
https://jll.aravo.com/aems/findaccount.do
|
||
|
https://jll.aravo.com/aems/findaccount.do
|
||
|
https://jll.aravo.com/aems/findaccount.do
|
There are 3 hidden doms, click here to show them.